Trading Correctness for Privacy in Unconditional Multi-Party Computation Corrected Version

Authors

  • Matthias Fitzi
  • Martin Hirt
  • Ueli Maurer
Abstract

This paper improves on the classical results in unconditionally secure multi-party computation among a set of n players, by considering a model with three simultaneously occurring types of player corruption: the adversary can actively corrupt (i.e. take full control over) up to ta players and, additionally, can passively corrupt (i.e. read the entire information of) up to tp players and fail-corrupt (i.e. stop the computation of) up to tf other players. The classical results in multi-party computation are for the special cases of only passive (ta = tf = 0) or only active (tp = tf = 0) corruption. In the passive case, every function can be computed securely if and only if tp < n/2. In the active case, every function can be computed securely if and only if ta < n/3; when a broadcast channel is available, then this bound is ta < n/2. These bounds are tight. Strictly improving these results, one of our results states that, in addition to tolerating ta < n/3 actively corrupted players, privacy can be guaranteed against every minority, thus tolerating additional tp ≤ n/6 passively corrupted players. These protocols require no broadcast and have an exponentially small failure probability. We further show that the bound t < n/2 for passive corruption holds even if the adversary is additionally allowed to make the passively corrupted players fail. Moreover, we characterize completely the achievable thresholds ta, tp and tf for four scenarios. Zero failure probability is achievable if and only if 3ta + 2tp + tf < n; this holds whether or not a broadcast channel is available. Exponentially small failure probability with a broadcast channel is achievable if and only if 2ta + 2tp + tf < n; without broadcast, the additional condition 3ta + tf < n is necessary and sufficient. In this corrected version, an error pointed out by Damgård [Dam99] is


Similar resources

Trading Correctness for Privacy in Unconditional Multi-Party Computation

This paper improves on the classical results in unconditionally secure multi-party computation among a set of n players, by considering a model with three simultaneously occurring types of player corruption: the adversary can actively corrupt (i.e. take full control over) up to ta players and, additionally, can passively corrupt (i.e. read the entire information of) up to tp players and fail-co...


(Unconditional) Secure Multiparty Computation with Man-in-the-middle Attacks

In secure multi-party computation n parties jointly evaluate an n-variate function f in the presence of an adversary which can corrupt up till t parties. All honest parties are required to receive their correct output values, irrespective of how the corrupted parties under the control of the adversary behave. The adversary should not be able to learn anything more about the input values of the ...


Trading Correctness for Privacy in Unconditional Multi-Party Computation (Extended Abstract)

This paper improves on the classical results in unconditionally secure multi-party computation among a set of n players, by considering a model with three simultaneously occurring types of player corruption: the adversary can actively corrupt (i.e. take full control over) up to ta players and, additionally, can passively corrupt (i.e. read the entire information of) up to tp players and fail-co...


On Correctness and Privacy in Distributed Mechanisms

Mechanisms that aggregate the possibly conflicting preferences of individual agents are studied extensively in economics, operations research, and lately computer science. Perhaps surprisingly, the classic literature assumes participating agents to act selfishly, possibly untruthfully, if it is to their advantage, whereas the mechanism center is usually assumed to be honest and trustworthy. We ...


Enigma: Decentralized Computation Platform with Guaranteed Privacy

A peer-to-peer network, enabling different parties to jointly store and run computations on data while keeping the data completely private. Enigma’s computational model is based on a highly optimized version of secure multi-party computation, guaranteed by a verifiable secret-sharing scheme. For storage, we use a modified distributed hashtable for holding secret-shared data. An external blockch...



Publication date: 1998