k round multiparty computation from k round oblivious
play

k -Round Multiparty Computation from k -Round Oblivious Transfer via - PowerPoint PPT Presentation

Feb 27, 2024 •179 likes •1.03k views

k -Round Multiparty Computation from k -Round Oblivious Transfer via Garbled Interactive Circuits Fabrice Benhamouda Huijia (Rachel) Lin IBM Research / Columbia University, US University of California, Santa Barbara, US Eurocrypt 2018, May 1,

  1. k -Round Multiparty Computation from k -Round Oblivious Transfer via Garbled Interactive Circuits Fabrice Benhamouda Huijia (Rachel) Lin IBM Research / Columbia University, US University of California, Santa Barbara, US Eurocrypt 2018, May 1, 2018

  2. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation (MPC) x 1 Auction Seller P 1 (no input) Buyer P i bids x i USD x 5 x 2 P 1 P 5 P 2 x 4 x 3 P 4 P 3 Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 2 / 23

  3. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation (MPC) x 1 Auction Seller P 1 (no input) Buyer P i bids x i USD x 5 x 2 y 1 P 1 Seller P 1 gets y 1 = ( max bid, buyer ) Buyer P i gets � y 5 y 2 P 5 P 2 1 if winner y i = x 4 x 3 0 else y 4 y 3 P 4 P 3 Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 2 / 23

  4. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation (MPC) x 1 Auction Seller P 1 (no input) Buyer P i bids x i USD x 5 x 2 y 1 P 1 Seller P 1 gets y 1 = ( max bid, buyer ) Buyer P i gets � y 5 y 2 P 5 P 2 1 if winner y i = x 4 x 3 0 else Question: How many rounds? y 4 y 3 P 4 P 3 Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 2 / 23

  5. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation Adversarial Model Adversary can corrupt any party at the beginning semi-honest: corrupted parties behave honestly Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 3 / 23

  6. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation Adversarial Model Adversary can corrupt any party at the beginning semi-honest: corrupted parties behave honestly malicious: corrupted parties can behave arbitrarily Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 3 / 23

  7. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation Adversarial Model Adversary can corrupt any party at the beginning semi-honest: corrupted parties behave honestly semi-malicious: corrupted parties behave honestly but adaptively choose input and randomness malicious: corrupted parties can behave arbitrarily Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 3 / 23

  8. Introduction Overview Round Collapsing via GIC FC with WE Secure Multiparty Computation Adversarial Model Adversary can corrupt any party at the beginning semi-honest: corrupted parties behave honestly semi-malicious: corrupted parties behave honestly but adaptively choose input and randomness malicious: corrupted parties can behave arbitrarily k -round semi-malicious MPC + NIZK ⇒ k -round malicious MPC Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 3 / 23

  9. Introduction Overview Round Collapsing via GIC FC with WE Oblivious Transfer (OT) b ∈ { 0 , 1 } x 0 , x 1 . . . receiver sender Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 4 / 23

  10. Introduction Overview Round Collapsing via GIC FC with WE Oblivious Transfer (OT) b ∈ { 0 , 1 } x 0 , x 1 . . . receiver sender x b ⊥ Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 4 / 23

  11. Introduction Overview Round Collapsing via GIC FC with WE Oblivious Transfer (OT) b ∈ { 0 , 1 } x 0 , x 1 . . . receiver sender x b ⊥ k -round OT k -round MPC Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 4 / 23

  12. Introduction Overview Round Collapsing via GIC FC with WE Oblivious Transfer (OT) b ∈ { 0 , 1 } x 0 , x 1 . . . receiver sender x b ⊥ k -round OT k -round MPC ? Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 4 / 23

  13. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Semi-Honest Setting N : number of parties; L : number of rounds N L Assumptions [Yao82, Yao86] 2 k k -round OT Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 5 / 23

  14. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Semi-Honest Setting N : number of parties; L : number of rounds N L Assumptions [Yao82, Yao86] 2 k k -round OT N O ( d ) O ( 1 ) -round OT [GMW87] O ( 1 ) O ( 1 ) -round OT [BMR90] N . . . Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 5 / 23

  15. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Semi-Honest Setting N : number of parties; L : number of rounds N L Assumptions [Yao82, Yao86] 2 k k -round OT N O ( d ) O ( 1 ) -round OT [GMW87] O ( 1 ) O ( 1 ) -round OT [BMR90] N . . . N 2 CRS/... + LWE [AJLTVW12, MW16, CM15, BP16, PS16] [BGI16, BGI17, BGILT18] N 2 PKI + DDH 2 iO or WE [GGHR14, GP15, CGP15, DKR15, GLS15] N Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 5 / 23

  16. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Semi-Honest Setting N : number of parties; L : number of rounds N L Assumptions [Yao82, Yao86] 2 k k -round OT N O ( d ) O ( 1 ) -round OT [GMW87] O ( 1 ) O ( 1 ) -round OT [BMR90] N . . . N 2 CRS/... + LWE [AJLTVW12, MW16, CM15, BP16, PS16] [BGI16, BGI17, BGILT18] N 2 PKI + DDH 2 iO or WE [GGHR14, GP15, CGP15, DKR15, GLS15] N [GS17a] N 2 bilinear group Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 5 / 23

  17. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Semi-Honest Setting N : number of parties; L : number of rounds N L Assumptions [Yao82, Yao86] 2 k k -round OT N O ( d ) O ( 1 ) -round OT [GMW87] O ( 1 ) O ( 1 ) -round OT [BMR90] N . . . N 2 CRS/... + LWE [AJLTVW12, MW16, CM15, BP16, PS16] [BGI16, BGI17, BGILT18] N 2 PKI + DDH 2 iO or WE [GGHR14, GP15, CGP15, DKR15, GLS15] N [GS17a] N 2 bilinear group N k k -round OT [GS17b] k -round OT ours N k Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 5 / 23

  18. Introduction Overview Round Collapsing via GIC FC with WE Results Theorem k -round MPC ‡ k -round OT ⇔ Corollary � � semi-honest semi-honest 2 -round MPC ‡ 2 -round OT ⇔ semi-malicious semi-malicious Corollary (using [AJLTVW12]) semi-malicious k -round OT + NIZK ⇒ malicious k -round MPC ‡ ∗ delayed semi-malicious security is sufficient; † for k ≥ 5 ‡ simultaneous messages, broadcast channel, static corruptions, with abort Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 6 / 23

  19. Introduction Overview Round Collapsing via GIC FC with WE Results Theorem   semi-honest  semi-honest   k -round MPC ‡  k -round OT ⇔ semi-malicious semi-malicious malicious ∗ malicious † Corollary � � semi-honest semi-honest 2 -round MPC ‡ 2 -round OT ⇔ semi-malicious semi-malicious Corollary (using [AJLTVW12]) semi-malicious k -round OT + NIZK ⇒ malicious k -round MPC ‡ ∗ delayed semi-malicious security is sufficient; † for k ≥ 5 ‡ simultaneous messages, broadcast channel, static corruptions, with abort Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 6 / 23

  20. Introduction Overview Round Collapsing via GIC FC with WE Results Theorem   semi-honest  semi-honest   k -round MPC ‡  k -round OT ⇔ semi-malicious semi-malicious malicious ∗ malicious † Corollary � � semi-honest semi-honest 2 -round MPC ‡ 2 -round OT ⇔ semi-malicious semi-malicious Corollary (using [AJLTVW12]) semi-malicious k -round OT + NIZK ⇒ malicious k -round MPC ‡ ∗ delayed semi-malicious security is sufficient; † for k ≥ 5 ‡ simultaneous messages, broadcast channel, static corruptions, with abort Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 6 / 23

  21. Introduction Overview Round Collapsing via GIC FC with WE Results Theorem   semi-honest  semi-honest   k -round MPC ‡  k -round OT ⇔ semi-malicious semi-malicious malicious ∗ malicious † Corollary � � semi-honest semi-honest 2 -round MPC ‡ 2 -round OT ⇔ semi-malicious semi-malicious Corollary (using [AJLTVW12]) semi-malicious k -round OT + NIZK ⇒ malicious k -round MPC ‡ ∗ delayed semi-malicious security is sufficient; † for k ≥ 5 ‡ simultaneous messages, broadcast channel, static corruptions, with abort Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 6 / 23

  22. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Malicious Setting in the Plain Model N : number of parties; L : number of rounds Blackbox lower-bound: L ≥ 4 N L Assumptions [ACJ17] N 5 DDH N 4 subexp DDH [ACJ17] [BHP17] N 4 subexp LWE + adp. com. 4 ETDP + DDH/LWE or QR [HHPV17] N [BGJKKS17] N 4 DDH or QR or N-th res N k ≥ 5 k -round OT ours Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 7 / 23

  23. Introduction Overview Round Collapsing via GIC FC with WE Previous Results Malicious Setting in the Plain Model N : number of parties; L : number of rounds Blackbox lower-bound: L ≥ 4 N L Assumptions [ACJ17] N 5 DDH N 4 subexp DDH [ACJ17] [BHP17] N 4 subexp LWE + adp. com. 4 ETDP + DDH/LWE or QR [HHPV17] N [BGJKKS17] N 4 DDH or QR or N-th res N k ≥ 5 k -round OT ours Open problem: 4-round MPC from 4-round OT Fabrice Benhamouda (IBM) k -Round MPC from k -Round OT Eurocrypt 2018 7 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Round-Optimal Secure Multiparty Computation with Honest Majority Prabhanjan Ananth Arka Rai

Round-Optimal Secure Multiparty Computation with Honest Majority Prabhanjan Ananth Arka Rai

Round-Optimal Secure Multiparty Computation with Honest Majority Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain CRYPTO 2018 Secure Multiparty Computation ! # ! $ ! " ! % Secure Multiparty Computation Securely compute

1.18k views • 102 slides
Two-Round Secure Multiparty Computation Minimizing Public Key Operations Sanjam Garg

Two-Round Secure Multiparty Computation Minimizing Public Key Operations Sanjam Garg

Two-Round Secure Multiparty Computation Minimizing Public Key Operations Sanjam Garg Peihan Miao Akshayaram Srinivasan What did we achieve? Two-Round Secure Multiparty Computation Minimizing Public Key Operations Sanjam Garg

628 views • 41 slides
Round Optimal Secure Multiparty Computation from Minimal Assumptions Arka Rai Choudhuri Michele

Round Optimal Secure Multiparty Computation from Minimal Assumptions Arka Rai Choudhuri Michele

Round Optimal Secure Multiparty Computation from Minimal Assumptions Arka Rai Choudhuri Michele Ciampi Vipul Goyal Johns Hopkins University The University of Edinburgh Carnegie Mellon University and NTT Research Abhishek Jain Rafail

1.42k views • 119 slides
Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or horizontal half-planes Round 1 Round 1 Round 1 Round 1 Round 1 h 1 D 2 " 1 =0.30 ! =0.42 1 Round 2 Round 2 Round 2 Round 2 Round

188 views • 5 slides
Chapter 11: Scaling and Round-off Noise Keshab K. Parhi Outline Introduction Scaling

Chapter 11: Scaling and Round-off Noise Keshab K. Parhi Outline Introduction Scaling

Chapter 11: Scaling and Round-off Noise Keshab K. Parhi Outline Introduction Scaling and Round-off Noise State Variable Description of Digital Filters Scaling and Round-off Noise Computation Round-off Noise Computation

577 views • 46 slides
Two Round Oblivious Transfer from CDH or LPN Eurocrypt 2020 Nico Dttling Sanjam Garg Mohammad

Two Round Oblivious Transfer from CDH or LPN Eurocrypt 2020 Nico Dttling Sanjam Garg Mohammad

Two Round Oblivious Transfer from CDH or LPN Eurocrypt 2020 Nico Dttling Sanjam Garg Mohammad Hajiabadi Daniel Masny Daniel Wichs CISPA Helmholtz Center for Information Security UC Berkeley Visa Research Northeastern University

425 views • 13 slides
Most traditional stories are like a round, crocheted potholder. The storyteller goes round and

Most traditional stories are like a round, crocheted potholder. The storyteller goes round and

Alberta Jones Assistant Professor, School of Education, U of A Southeast Ph.D. Candidate-Indigenous Studies, U of A Fairbanks June, 2016 Most traditional stories are like a round, crocheted potholder. The storyteller goes round and round

575 views • 20 slides
th An rs 4 th Ame Ameri rican Le Legion Riders Annual Sum Summit Merry-Go-Round Round

th An rs 4 th Ame Ameri rican Le Legion Riders Annual Sum Summit Merry-Go-Round Round

th An rs 4 th Ame Ameri rican Le Legion Riders Annual Sum Summit Merry-Go-Round Round Robin Unity Ride District Patch Sonny Decker & Jeff Hawk Merry-Go-Round & The Round Robin These month-long events are intended for our

841 views • 22 slides
Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or horizontal half-planes Round 1 Round 1 Round 1 Round 1 Round 1 h 1 D 2

210 views • 7 slides
Collusion- -Free Free Collusion Multiparty Computation Multiparty Computation in the Mediated

Collusion- -Free Free Collusion Multiparty Computation Multiparty Computation in the Mediated

Collusion- -Free Free Collusion Multiparty Computation Multiparty Computation in the Mediated Model in the Mediated Model Jol Alwen (NYU) Jonathan Katz (U. Maryland) Yehuda Lindell (Bar-Ilan U.) Giuseppe Persiano (U. Salerno) abhi

519 views • 25 slides
On the Exact Round Complexity of Secure Three-Party Computation Arpita Patra, Divya Ravi Indian

On the Exact Round Complexity of Secure Three-Party Computation Arpita Patra, Divya Ravi Indian

On the Exact Round Complexity of Secure Three-Party Computation Arpita Patra, Divya Ravi Indian Institute of Science CRYPTO 2018 Our Objective What is the exact round complexity of 3-party protocols with honest majority under the following

446 views • 10 slides
The Exact Round Complexity of Secure Computation Antigoni Polychroniadou (Aarhus University)

The Exact Round Complexity of Secure Computation Antigoni Polychroniadou (Aarhus University)

The Exact Round Complexity of Secure Computation Antigoni Polychroniadou (Aarhus University) joint work with Sanjam Garg, Pratyay Mukherjee (UC Berkeley), Omkant Pandey (Drexel University) Background: Secure Multi-Party Computation x 1 f(x 1 ,

750 views • 54 slides
Lessons learned from the 2 0 1 0 round of PHC and planning for the 2 0 2 0 round to m eet the

Lessons learned from the 2 0 1 0 round of PHC and planning for the 2 0 2 0 round to m eet the

UN EGM on Strengthening the Demographic Evidence Base For The Post-2015 Development Agenda, New York, 5-6 October 2015 Lessons learned from the 2 0 1 0 round of PHC and planning for the 2 0 2 0 round to m eet the post-2 0 1 5 developm ent

420 views • 15 slides
INLA workshop quiz Murray Logan August 16, 2016 Table of contents 1 Round 1: What the @#?

INLA workshop quiz Murray Logan August 16, 2016 Table of contents 1 Round 1: What the @#?

-1- INLA workshop quiz Murray Logan August 16, 2016 Table of contents 1 Round 1: What the @#? would you know 1 2 Round 2 - Science and Nature 2 3 Round 3 - Box and Flix 3 4 Round 3 - Balderdash 4 1. Round 1: What the @#? would you

535 views • 5 slides
A Meet-in-the-Middle Attack on 8-Round AES H useyin Demirci Ali Aydn Sel cuk presented

A Meet-in-the-Middle Attack on 8-Round AES H useyin Demirci Ali Aydn Sel cuk presented

A Meet-in-the-Middle Attack on 8-Round AES H useyin Demirci Ali Aydn Sel cuk presented by Orhun Kara 1 Outline The AES A 5-round distinguisher Attack on 7-round AES-192, AES-256 and 8-round AES-256 Some optimizations

504 views • 19 slides
Chosen-Key Distinguishers on 12-Round Feistel-SP and 11-Round Collision Attacks on Its Hashing

Chosen-Key Distinguishers on 12-Round Feistel-SP and 11-Round Collision Attacks on Its Hashing

Chosen-Key Distinguishers on 12-Round Feistel-SP and 11-Round Collision Attacks on Its Hashing Modes Xiaoyang Dong and Xiaoyun Wang Shandong University, Tsinghua University FSE 2017 Tokyo, Japan Outline 2 Secret-key and Open-key Models u

526 views • 24 slides
International Development Working Group SONAL SHAH Beeck Center For Social Impact And Innovation

International Development Working Group SONAL SHAH Beeck Center For Social Impact And Innovation

Lessons from the Social Impact Investment Taskforce: International Development Working Group SONAL SHAH Beeck Center For Social Impact And Innovation RITA PERAKIS Center For Global Development NOVEMBER 24, 2014 Introduction to Working Group

460 views • 17 slides
Scientific Computing Maastricht Science Program Week 1 Frans Oliehoek

Scientific Computing Maastricht Science Program Week 1 Frans Oliehoek

Scientific Computing Maastricht Science Program Week 1 Frans Oliehoek <frans.oliehoek@maastrichtuniversity.nl> Good Choice! Let me start: Congratulations! There is virtually no branch of science that can do without scientific

959 views • 67 slides
Multiobjective Parameter Optimization of Elliptic PDEs using the Reduced Basis Method S.

Multiobjective Parameter Optimization of Elliptic PDEs using the Reduced Basis Method S.

Multiobjective Parameter Optimization of Elliptic PDEs using the Reduced Basis Method S. Banholzer, B. Gebken, M. Dellnitz, S. Peitz, S. Volkwein University of Konstanz / Paderborn University Workshop: New trends in PDE constrained optimization

652 views • 61 slides
Bailouts, Time Inconsistency, and Optimal Regulation V. V. Chari University of Minnesota and

Bailouts, Time Inconsistency, and Optimal Regulation V. V. Chari University of Minnesota and

Bailouts, Time Inconsistency, and Optimal Regulation V. V. Chari University of Minnesota and Federal Reserve Bank of Minneapolis Patrick Kehoe Federal Reserve Bank of Minneapolis, University of Minnesota, and Princeton University

713 views • 29 slides
Assessment of Residual Radioisotopes Following F-18 Radionuclide Production Imam Kambali

Assessment of Residual Radioisotopes Following F-18 Radionuclide Production Imam Kambali

Assessment of Residual Radioisotopes Following F-18 Radionuclide Production Imam Kambali Center for Radioisotope and Radiopharmaceutical Technology National Nuclear Energy Agency (BATAN) ICTP, Trieste, Italy Puspiptek Area, Serpong, South

503 views • 17 slides
Neutrino-induced production of radioisotopes in Core-Collapse Supernovae A. Sieverding 1 , L.

Neutrino-induced production of radioisotopes in Core-Collapse Supernovae A. Sieverding 1 , L.

Neutrino-induced production of radioisotopes in Core-Collapse Supernovae A. Sieverding 1 , L. Huther 1 , G. Mart nez-Pinedo 1 , K. Langanke 1 , 2 ,A. Heger 3 1 Technische Universit at Darmstadt 2 GSI Helmholtzzentrum, Darmstadt 3 Monash

540 views • 34 slides
DHS Radiation Portal Monitor Project at PNNL Dennis Weier Pacific Northwest National Laboratory

DHS Radiation Portal Monitor Project at PNNL Dennis Weier Pacific Northwest National Laboratory

PNNL-SA-63388 Radiation Portal Monitor Project DHS Radiation Portal Monitor Project at PNNL Dennis Weier Pacific Northwest National Laboratory November 18, 2008 The Challenge: U.S. Ports of Entry Mail/ECCF Land Border Maritime Air Cargo

391 views • 17 slides
Risk thinking and nuclear power Cathryn Carson Societal Risks

Risk thinking and nuclear power Cathryn Carson Societal Risks

Risk thinking and nuclear power Cathryn Carson Societal Risks and the Law Spring 2013 Reactor Safety Study, a.k.a. Rasmussen Report, a.k.a.

479 views • 30 slides

More recommend