2018
DOI: 10.1007/978-3-030-03807-6_7
|View full text |Cite
|
Sign up to set email alerts
|

Two-Round Adaptively Secure Multiparty Computation from Standard Assumptions

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1

Citation Types

0
4
0

Year Published

2019
2019
2021
2021

Publication Types

Select...
6

Relationship

0
6

Authors

Journals

citations
Cited by 13 publications
(4 citation statements)
references
References 37 publications
0
4
0
Order By: Relevance
“…However, since S 2 is a simulator for π with adversary A 2 who uses a uniform input in his π 2 emulation, this implies that the interaction of the protocols π 1 , π 2 , and π 3 in Scenario 2 must also have as public output a value with distribution indistinguishable from X κ 1,1 ⊕X 3,(1+X 1,2 ) . Now, using the fact that the views which the protocol machines in Scenario 2 and 1 are indistinguishable, 11 we can deduce that the public output in Scenario 1 needs to also be distributed indistinguishably from X κ 1,1 ⊕ X 3,(1+X 1,2 ) . However, in Scenario 1, party P 2 is not corrupted which means that the public output distribution needs to be indistinguishable from f (X 1 , X 2 , X *…”
Section: Casementioning
confidence: 99%
See 2 more Smart Citations
“…However, since S 2 is a simulator for π with adversary A 2 who uses a uniform input in his π 2 emulation, this implies that the interaction of the protocols π 1 , π 2 , and π 3 in Scenario 2 must also have as public output a value with distribution indistinguishable from X κ 1,1 ⊕X 3,(1+X 1,2 ) . Now, using the fact that the views which the protocol machines in Scenario 2 and 1 are indistinguishable, 11 we can deduce that the public output in Scenario 1 needs to also be distributed indistinguishably from X κ 1,1 ⊕ X 3,(1+X 1,2 ) . However, in Scenario 1, party P 2 is not corrupted which means that the public output distribution needs to be indistinguishable from f (X 1 , X 2 , X *…”
Section: Casementioning
confidence: 99%
“…The "holy grail" in this thread has been two-round protocols, as single-round MPC for a large set of functions cannot be achieved [43]. The first solutions to this problem were based on strong cryptographic assumptions (FHE [5,59], iO [34], witness encryption [42], and spooky encryption [26]), whereas more recent results showed how to build two-round MPC resilient to any number of active corruptions from standard assumptions, such as two-round oblivious transfer (OT) [33,10,11] or OT-correlation setup and one-way functions (OWF) [35] (we discuss the state of the art in Section 1.1).…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…The “holy grail” in this thread has been two-round protocols, as single-round MPC for a large set of functions cannot be achieved [ 43 ]. The first solutions to this problem were based on strong cryptographic assumptions (FHE [ 5 , 59 ], iO [ 34 ], witness encryption [ 42 ], and spooky encryption [ 26 ]), whereas more recent results showed how to build two-round MPC resilient to any number of active corruptions from standard assumptions, such as two-round oblivious transfer (OT) [ 9 , 10 , 33 ] or OT-correlation setup and one-way functions (OWF) [ 35 ] (we discuss the state of the art in Sect. 1.1 ).…”
Section: Introductionmentioning
confidence: 99%