Download presentation
Presentation is loading. Please wait.
Published byKolby Simmers Modified over 10 years ago
1
Efficient Multiparty Protocols via Log-Depth Threshold Formulae Ron Rothblum Weizmann Institute Joint work with Gil Cohen, Ivan Damgard, Yuval Ishai, Jonas Kolker, Peter Bro Miltersen and Ran Raz
2
Secure Multiparty Computation (MPC) [Yao86,GMW87] An adversary that controls a (limited) subset of the parties learns nothing more than the inputs and outputs of the parties it controls.
3
Feasibility Results: Perfect Security [BGW88,CCD88]
4
Our Contribution Huge body of work on secure MPC but protocols are fairly complicated. We suggest a conceptually simple and flexible approach to designing efficient MPC protocols. Building blocks: 1.Player emulation - builds on Hirt-Maurer [HM00] but with a different motivation. 2.Simple constant-party MPC protocols. 3.Threshold formulae composed of threshold gates.
5
Applications 1.Conceptually simple protocols for perfectly secure MPC – obtaining passive/active security. 2.New results on feasibility of MPC in a variety of settings, e.g., secure MPC over algebraic structures such as non-Abelian groups. 3.Distributed computing – broadcast/Byzantine agreement.
6
MPC via Player Emulation [HM00]
7
MPC via Player Emulation Minimal number of parties needed for security against one passive party
8
MPC with a Trusted Party 5 4 3 2 1
9
5 4 3 2 1
10
5 4 3 2 1 MPC via Player Emulation
11
5 4 3 2 1
12
5 4 3 2 1 The output is sent back to the parties.
13
MPC via Player Emulation
14
5 4 3 2 1
15
5 4 3 2 1
16
5 4 3 2 1
17
5 4 3 2 1
18
5 4 3 2 1
19
Associate wires with parties and place 1 on input wires that the adversary controls. If output is 0 then the protocol is secure against this adversary.
20
MPC via Player Emulation
21
Comparison with [HM00]
22
MPC via Player Emulation
24
3-Party Protocols Can use BGW restricted to 3 parties or better yet use the MPC made simple protocol of [Maurer02]. Maurers protocol is simple and elegant but exponential in the number of parties. For 3 parties– not an issue!
25
MPC via Player Emulation
26
Majority from Majorities
27
Active Security Minimal number of parties for security against one active party
28
Applications Simplifications*: 1.MPC over fields ([BGW88], [CCD88], [AL13]). 2.MPC over rings ([CFIK03]). 3.MPC over groups ([DPSW07,DPS+12a,DPS12+b]). 4.Distributed computing: broadcast, broadcast from 2-cast ([FM00]). * Caveats: non-optimal threshold and higher polynomial complexity.
29
Applications
30
Conclusions and Open Questions MPC methodology: 1.Design simple constant-party protocols. 2.Prove player emulation theorem. Intriguing connections to open questions in complexity-theory: 1.Explicit exact majority-from-majorities formula. 2.Exact threshold-from-thresholds formula (even non-explicit).
31
Thank you!
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.