Multiparty Computations Information-Theoretically Secure Against an Adaptive Adversary

In this thesis we study a problem of doing Verifiable Secret Sharing (VSS) and Multiparty Computations (MPC) in a model where private channels between the players and a broadcast channel is available. The adversary is active, adaptive and has an unbounded computing power. The thesis is based on two papers [CDD00, CDD99]. In [CDD00] we assume that the adversary can corrupt any set from a given adversary structure. In this setting we study a problem of doing efficient VSS and MPC given an access to a secret sharing scheme (SS). For all adversary structures where VSS is possible at all, we show that, up to a polynomial time black-box reduction, the complexity of adaptively secure VSS is the same as that of ordinary secret sharing (SS), where security is only required against a passive, static adversary. Previously, such a connection was only known for linear secret sharing and VSS schemes. We then show an impossibility result indicating that a similar equivalence does not hold for Multiparty Computation (MPC): we show that even if protocols are given black-box access for free to an idealized secret sharing scheme secure for the access structure in question, it is not possible to handle all relevant access structures efficiently, not even if the adversary is passive and static. In other words, general MPC can only be black-box reduced efficiently to secret sharing if extra properties of the secret sharing scheme used (such as linearity) are assumed. The protocols of [CDD99] assume that we work against a threshold adversary structure. We propose new VSS and MPC protocols that are substantially more efficient than the ones previously known. Another contribution of [CDD99] is an attack against a Weak Secret Sharing Protocol (WSS) of [RBO89]. The attack exploits the fact that the adversary is adaptive. We present this attack here and discuss other problems caused by the adaptiveness (one of the examples are taken from [CDD01]). All protocols in the thesis are formally specified and the proofs of their security are sketched.