Dishonest Majority Multi-Party Computation for Binary Circuits

Larraia, Enrique; Orsini, Emmanuela; Smart, Nigel P.

doi:10.1007/978-3-662-44381-1_28

Cited by 43 publications

(48 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our protocol for F 2 40 triples has the biggest advantage over previous protocols, with an estimated 200x speed-up over the SPDZ implementation. For binary circuits, our multi-party protocol is comparable with the two-party TinyOT protocol and around 3x faster than the fixed protocol of Larraia et al [16]. For MiniMAC, we give figures for the amortized cost of a single multiplication in F 2 8 .…”

Section: Our Contributionsmentioning

confidence: 97%

“…Our main contribution is a new method of creating SPDZ triples in F 2 k using only symmetric primitives, so it is much more efficient than previous protocols using SHE. Our protocol is based on a novel correlated OT extension protocol that increases efficiency by allowing an adversary to introduce errors of a specific form, which may be 2-party TinyOT [18,5] 0 54 0.07 F2 n-party TinyOT [16,5] 81n(n − 1) 27n(n − 1) 0.24 This work §5.2 27n(n − 1) 9n(n − 1) 0.08…”

Section: Our Contributionsmentioning

confidence: 99%

“…Additionally, we revisit the multi-party TinyOT protocol by Larraia et al from CRYPTO 2014 [16], and identify a crucial security flaw that results in a selective failure attack. A standard fix has an efficiency cost of at least 9x, which we show how to reduce to just 3x with a modified protocol.…”

Section: Our Contributionsmentioning

confidence: 99%

“…The triple production protocol by Larraia et al [16] has two main stages: first, unauthenticated shares of triples are created (using the aBit protocol by Nielsen et al [18] as a black box) and secondly the shares are authenticated, again using aBit, and checked for correctness with a sacrificing procedure. The main problem with this approach is that given shares of an unauthenticated triple for a, b, c ∈ F 2 where c = a · b, the parties may not input their correct shares of this triple into the authentication step.…”

Section: Our Contributionsmentioning

confidence: 99%

“…It has similar efficiency to SPDZ in the online phase but has faster preprocessing, producing around 10000 F 2 triples per second. Larraia et al [16] extended TinyOT to the multi-party setting and adapted it to fit with the SPDZ online phase. The multi-party TinyOT protocol also checks correctness of triples using sacrificing, and two-party TinyOT uses a similar procedure called combining to remove possible leakage from a triple, but when working in small fields simple pairwise checks are not enough.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

A Unified Approach to MPC with Preprocessing Using OT

Frederiksen

Keller

Orsini

et al. 2015

Advances in Cryptology -- ASIACRYPT 2015

Self Cite

View full text Add to dashboard Cite

Abstract. SPDZ, TinyOT and MiniMAC are a family of MPC protocols based on secret sharing with MACs, where a preprocessing stage produces multiplication triples in a finite field. This work describes new protocols for generating multiplication triples in fields of characteristic two using OT extensions. Before this work, TinyOT, which works on binary circuits, was the only protocol in this family using OT extensions. Previous SPDZ protocols for triples in large finite fields require somewhat homomorphic encryption, which leads to very inefficient runtimes in practice, while no dedicated preprocessing protocol for MiniMAC (which operates on vectors of small field elements) was previously known. Since actively secure OT extensions can be performed very efficiently using only symmetric primitives, it is highly desirable to base MPC protocols on these rather than expensive public key primitives. We analyze the practical efficiency of our protocols, showing that they should all perform favorably compared with previous works; we estimate our protocol for SPDZ triples in F 2 40 will perform around 2 orders of magnitude faster than the best known previous protocol.

show abstract

Section: Our Contributionsmentioning

confidence: 97%

Section: Our Contributionsmentioning

confidence: 99%

Section: Our Contributionsmentioning

confidence: 99%

Section: Our Contributionsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Unified Approach to MPC with Preprocessing Using OT

Frederiksen

Keller

Orsini

et al. 2015

Advances in Cryptology -- ASIACRYPT 2015

Self Cite

View full text Add to dashboard Cite

show abstract

Concretely Efficient Large-Scale MPC with Active Security (or, TinyKeys for TinyOT)

Hazay

Orsini

Schöll

et al. 2018

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

In this work we develop a new theory for concretely efficient, largescale MPC with active security. Current practical techniques are mostly in the strong setting of all-but-one corruptions, which leads to protocols that scale badly with the number of parties. To work around this issue, we consider a large-scale scenario where a small minority out of many parties is honest and design scalable, more efficient MPC protocols for this setting. Our results are achieved by introducing new techniques for information-theoretic MACs with short keys and extending the work of Hazay et al. (CRYPTO 2018), which developed new passively secure MPC protocols in the same context. We further demonstrate the usefulness of this theory in practice by analyzing the concrete communication overhead of our protocols, which improve upon the most efficient previous works.

show abstract

A Note on the Communication Complexity of Multiparty Computation in the Correlated Randomness Model

Couteau

2019

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Secure multiparty computation (MPC) addresses the challenge of evaluating functions on secret inputs without compromising their privacy. A central question in multiparty computation is to understand the amount of communication needed to securely evaluate a circuit of size s. In this work, we revisit this fundamental question in the setting of information-theoretically secure MPC in the correlated randomness model, where a trusted dealer distributes correlated random coins, independent of the inputs, to all parties before the start of the protocol. This setting is of strong theoretical interest, and has led to the most practically efficient MPC protocols known to date. While it is known that protocols with optimal communication (proportional to input plus output size) can be obtained from the LWE assumption, and that protocols with sublinear communication o(s) can be obtained from the DDH assumption, the question of constructing protocols with o(s) communication remains wide open for the important case of informationtheoretic MPC in the correlated randomness model; all known protocols in this model require O(s) communication in the online phase. In this work, we exhibit the first generic multiparty computation protocol in the correlated randomness model with communication sublinear in the circuit size, for a large class of circuits. More precisely, we show the following: any size-s layered circuit (whose nodes can be partitioned into layers so that any edge connects adjacent layers) can be evaluated with O(s/log log s) communication. Our results holds for both boolean and arithmetic circuits, in the honest-but-curious setting, and do not assume honest majority. For boolean circuits, we extend our results to handle malicious corruption.

show abstract

Dishonest Majority Multi-Party Computation for Binary Circuits

Cited by 43 publications

References 15 publications

A Unified Approach to MPC with Preprocessing Using OT

A Unified Approach to MPC with Preprocessing Using OT

Concretely Efficient Large-Scale MPC with Active Security (or, TinyKeys for TinyOT)

A Note on the Communication Complexity of Multiparty Computation in the Correlated Randomness Model

Contact Info

Product

Resources

About