Computational Verifiable Secret Sharing Revisited

Backes, Michael; Kate, Aniket; Patra, Arpita

doi:10.1007/978-3-642-25385-0_32

Cited by 47 publications

(22 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our Sup-Sh protocol is almost equivalent to the AVSS primitive [CKAS02,Can96,BKP11]: it allows a dealer D to "verifiably" share a secret s, thus generating [s], and ensures that at least one honest party is privileged to obtain all the n shares encrypted for the respective share holders. The existing computational AVSS protocols (e.g., [CKAS02,BKP11]) are designed with n = 3t + 1 and are based on sharing a secret using a bivariate polynomial of degree t in each variable and (homomorphic) commitments. In this paradigm, it is ensured that D has distributed "consistent" shares to n − t = 2t + 1 parties such that (at least) t + 1 honest parties among them can "enable" the remaining parties to get their shares.…”

Section: Important Sub-protocols For the Preprocessing Phasementioning

confidence: 99%

“…Now using the homomorphic property of commitments every party can compute the remaining committed shares and Com s , thus possessing all the necessary information of [s]. Given [s] generated using Sh, protocol Rec is based on the standard reconstruction protocol used in the existing computationally secure AVSS [BKP11,CKAS02], which allows the parties to robustly reconstruct s. In the protocol, each party sends its share-pair to all the parties, which are verified with the corresponding commitment, available with the parties (as part of [s]). Once t + 1 "correct" share pairs are received, the sharing polynomial, and hence s, is reconstructed.…”

Section: Our Avss Protocolmentioning

confidence: 99%

See 1 more Smart Citation

Asynchronous MPC with a strict honest majority using non-equivocation

Backes

Bendun

Choudhury

et al. 2014

Proceedings of the 2014 ACM Symposium on Principles of Distributed Computing

Self Cite

View full text Add to dashboard Cite

Multiparty computation (MPC) among n parties can tolerate up to t < n/2 active corruptions in a synchronous communication setting; however, in an asynchronous communication setting, the resiliency bound decreases to only t < n/3 active corruptions. We improve the resiliency bound for asynchronous MPC (AMPC) to match synchronous MPC using non-equivocation.Non-equivocation is a message authentication mechanism to restrict a corrupted sender from making conflicting statements to different (honest) parties. It can be implemented using an increment-only counter and a digital signature oracle, realizable with trusted hardware modules readily available in commodity computers and smartphone devices. A non-equivocation mechanism can also be transferable and allow a receiver to verifiably transfer the authenticated statement to other parties. In this work, using transferable non-equivocation, we present an AMPC protocol tolerating t < n/2 faults. From a practical point of view, our AMPC protocol requires fewer setup assumptions than the previous AMPC protocol with t < n/2 by Beerliová-Trubíniová, Hirt and Nielsen [PODC 2010]: unlike their AMPC protocol, it does not require any synchronous broadcast round at the beginning of the protocol and avoids the threshold homomorphic encryption setup assumption. Moreover, our AMPC protocol is also efficient and provides a gain of Θ(n) in the communication complexity per multiplication gate, over the AMPC protocol of Beerliová-Trubíniová et al. In the process, using non-equivocation, we also define the first asynchronous verifiable secret sharing (AVSS) scheme with t < n/2, which is of independent interest to threshold cryptography.

show abstract

Section: Important Sub-protocols For the Preprocessing Phasementioning

confidence: 99%

Section: Our Avss Protocolmentioning

confidence: 99%

Asynchronous MPC with a strict honest majority using non-equivocation

Backes

Bendun

Choudhury

et al. 2014

Proceedings of the 2014 ACM Symposium on Principles of Distributed Computing

Self Cite

View full text Add to dashboard Cite

show abstract

“…This allows us to have more meaningful comparisons with other VSS protocols. We will compare our solution to the 4-round statistical VSS of [27], the 3-round VSS of [32], and the 2-round VSS of [3] (see Table 1). These protocols have different security models and different optimization goals, therefore also selecting different methods for securing communication between parties.…”

Section: Example: Verifiable Shamir Secret Sharingmentioning

confidence: 99%

“…The 2-round VSS of [3] This protocol also uses commitments that do not have to be homomorphic. This is still different from F tr and ICP : commitments can ensure that the same message has been transmitted to distinct parties.…”

Section: Example: Verifiable Shamir Secret Sharingmentioning

confidence: 99%

Verifiable Computation in Multiparty Protocols with Honest Majority

Laud

Pankova

2014

Provable Security

View full text Add to dashboard Cite

Abstract. We present a generic method for turning passively secure protocols into protocols secure against covert attacks. The method adds a post-execution verification phase to the protocol that allows a misbehaving party to escape detection only with negligible probability. The execution phase, after which the computed protocol result is already available for parties, has only negligible overhead added by our method. The checks, based on linear probabilistically checkable proofs, are done in zero-knowledge, thereby preserving the privacy guarantees of the original protocol. Our method is inspired by recent results in verifiable computation, adapting them to multiparty setting and significantly lowering their computational costs for the provers.

show abstract

“…Next, in the reconstruction phase, the shares are combined by the nodes to either (1) recover the same secret s or (2) tag the dealer as cheater. In this work, we use the (n − 1)/2-tolerant probabilistic VSS protocol of [38]. Accordingly, the RNG protocol in a set S of nodes proceeds as follows: (1) each node i in S chooses a random number r i ∈ F. (2) Each node i acts as a dealer and shares r i using the VSS protocol.…”

Section: ) Random Number Generation (Rng)mentioning

confidence: 99%

Scalable and Secure Polling in Dynamic Distributed Networks

Gambs

Guerraoui²,

Harkous³

et al. 2012

2012 IEEE 31st Symposium on Reliable Distributed Systems

View full text Add to dashboard Cite

Abstract-We consider the problem of securely conducting a poll in synchronous dynamic networks equipped with a Public Key Infrastructure (PKI). Whereas previous distributed solutions had a communication cost of O(n 2 ) in an n nodes system, we present SPP (Secure and Private Polling), the first distributed polling protocol requiring only a communication complexity of O(n log 3 n), which we prove is near-optimal. Our protocol ensures perfect security against a computationally-bounded adversary, tolerates ( > > 0 (not depending on n), and outputs the exact value of the poll with high probability. SPP is composed of two sub-protocols, which we believe to be interesting on their own: SPP-Overlay maintains a structured overlay when nodes leave or join the network, and SPP-Computation conducts the actual poll. We validate the practicality of our approach through experimental evaluations and describe briefly two possible applications of SPP: (1) an optimal Byzantine Agreement protocol whose communication complexity is Θ(n log n) and (2) a protocol solving an open question of King and Saia in the context of aggregation functions, namely on the feasibility of performing multiparty secure aggregations with a communication complexity of o(n 2 ).

show abstract

Computational Verifiable Secret Sharing Revisited

Cited by 47 publications

References 40 publications

Asynchronous MPC with a strict honest majority using non-equivocation

Asynchronous MPC with a strict honest majority using non-equivocation

Verifiable Computation in Multiparty Protocols with Honest Majority

Scalable and Secure Polling in Dynamic Distributed Networks

Contact Info

Product

Resources

About