multi party computation based on
play

Multi-Party Computation Based on One-Way Functions Sandro Coretti - PowerPoint PPT Presentation

Mar 10, 2023 •199 likes •677 views

Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions Sandro Coretti (New York University) Juan Garay (Yahoo Research) Martin Hirt (ETH Zurich) Vassilis Zikas (RPI) Secure Multi-Party Computation (MPC) [Yao82, GMW87,

  1. Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions Sandro Coretti (New York University) Juan Garay (Yahoo Research) Martin Hirt (ETH Zurich) Vassilis Zikas (RPI)

  2. Secure Multi-Party Computation (MPC) [Yao82, GMW87, BGW88, CCD88, RB89,…] 2 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  3. Secure Multi-Party Computation (MPC) [Yao82, GMW87, BGW88, CCD88, RB89,…] Mutually distrustful parties wish to evaluate function of their inputs 3 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  4. Secure Multi-Party Computation (MPC) (2) [GMW87, C00, C01,…] 4 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  5. Secure Multi-Party Computation (MPC) (2) [GMW87, C00, C01,…] MPC protocol should emulate a trusted third party 5 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  6. Secure Multi-Party Computation (MPC) (3) 6 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  7. Secure Multi-Party Computation (MPC) (3) Simulation-based security definition in the Universal Composability (UC) framework [C01] 7 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  8. Synchronous Communication Network  Each pair of parties connected by secure channels  Protocol proceeds in rounds  Messages sent in particular round guaranteed to arrive by beginning of next round 8 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  9. Synchronous Communication Network  Each pair of parties connected by secure channels  Protocol proceeds in rounds  Messages sent in particular round guaranteed to arrive by beginning of next round  “Plain” UC framework is inherently asynchronous • Adversary has full control over message delivery; may choose to delete messages sent between honest parties • “Synchronous” UC using clock functionality and bounded-delay channels [KMTZ13] 9 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  10. Asynchronous Communication Network  Synchronous network: great for analysis • (Partially) Synchronized clocks + bounded network latency → “timeouts” (T) • Round length typically (much) higher than average transmission time 10 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  11. Asynchronous Communication Network  Synchronous network: great for analysis • (Partially) Synchronized clocks + bounded network latency → “timeouts” (T) • Round length typically (much) higher than average transmission time  UC asynchrony: overly pessimistic 11 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  12. Asynchronous Communication Network  Synchronous network: great for analysis • (Partially) Synchronized clocks + bounded network latency → “timeouts” (T) • Round length typically (much) higher than average transmission time  UC asynchrony: overly pessimistic “It takes advantage of the nature of information being easy to spread but hard to stifle.” 12 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  13. Asynchronous Communication Network  Synchronous network: great for analysis • (Partially) Synchronized clocks + bounded network latency → “timeouts” (T) • Round length typically (much) higher than average transmission time  UC asynchrony: overly pessimistic “It takes advantage of the nature of information being easy to spread but hard to stifle.” Satoshi Nakamoto 13 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  14. Asynchronous Communication Network (2)  Each pair of parties connected by secure channels  Messages sent guaranteed to arrive only eventually  Adversary may: • Delay message delivery by arbitrary finite amount of time • Reorder messages • Note: No deletions! (Unlike UC)  Model considered early on in fault-tolerant distributed computing (e.g., [FLP83] ) and asynchronous MPC [BCG93,…] 14 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  15. Asynchronous Communication Network (2)  Each pair of parties connected by secure channels  Messages sent guaranteed to arrive only eventually  Adversary may: • Delay message delivery by arbitrary finite amount of time • Reorder messages • Note: No deletions! (Unlike UC)  Model considered early on in fault-tolerant distributed computing (e.g., [FLP83] ) and asynchronous MPC [BCG93,…]  “Opportunistic”: protocols terminate as quickly as the network allows 15 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  16. Asynchronous Communication Network (2)  Each pair of parties connected by secure channels  Messages sent guaranteed to arrive only eventually  Adversary may: • Delay message delivery by arbitrary finite amount of time • Reorder messages • Note: No deletions! (Unlike UC)  Model considered early on in fault-tolerant distributed computing (e.g., [FLP83] ) and asynchronous MPC [BCG93,…]  “Opportunistic”: protocols terminate as quickly as the network allows  To date: Asynchronous MPC with eventual delivery not modeled in UC 16 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  17. This Work  Formalize asynchronous model with eventual delivery in the UC framework • Asynchronous round complexity • Basic communication resources: async. secure channel (A-SMT) and async. Byzantine agreement (A-BA) 17 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  18. This Work  Formalize asynchronous model with eventual delivery in the UC framework • Asynchronous round complexity • Basic communication resources: async. secure channel (A-SMT) and async. Byzantine agreement (A-BA)  Constant-round MPC protocol • I.e., round complexity independent of circuit’s multiplicative depth • Based on standard assumptions (PRFs) • Tolerates t < n/ 3 corruptions • Adaptive adversary 18 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  19. Prior Work: Constant-Round MPC Protocols  Synchronous model: • Based on circuit garbling [Yao86, BMR90, DI05, IPS08] • Based on FHE [AJLTVW12] • t < n/ 2 corruptions • Assume broadcast channel (cf. [FL82, BE03, CCGZ16]) 19 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  20. Prior Work: Constant-Round MPC Protocols  Synchronous model: • Based on circuit garbling [Yao86, BMR90, DI05, IPS08] • Based on FHE [AJLTVW12] • t < n/ 2 corruptions • Assume broadcast channel (cf. [FL82, BE03, CCGZ16])  Asynchronous model (recall: eventual delivery): • Based on FHE [Coh16] • t < n/ 3 corruptions • Static security • Assume A-BA • (Other known protocols are GMW- based → circuit depth) 20 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  21. This Work  Formalize asynchronous model with eventual delivery in the UC framework • Asynchronous round complexity • Basic communication resources: async. secure channel (A-SMT) and async. Byzantine agreement (A-BA)  Constant-round MPC protocol • I.e., round complexity independent of circuit’s multiplicative depth • Based on standard assumptions (PRFs) • Tolerates t < n/ 3 corruptions • Adaptive adversary 21 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  22. Modeling Asynchronous Communication in UC Sender Receiver • Poll for messages: T = T -1 Input messages • If T = 0, first message in buffer output A-SMT Functionality: Adversary • Stores messages in buffer • Reorder messages in buffer • Maintains delay T • Increase T , specified in unary 22 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  23. Modeling Asynchronous Communication in UC (2)  Protocol execution: • Party either sends message or • polls A-SMT channels in round-robin fashion 23 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  24. Modeling Asynchronous Communication in UC (2)  Protocol execution: • Party either sends message or • polls A-SMT channels in round-robin fashion  Round complexity: Maximum number of times any party switches between sending and polling 24 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  25. Modeling Asynchronous Secure Function Evaluation in UC Parties P • Provide input • Poll for output: T = T -1 • If T = 0, first message in buffer output A-SFE Functionality: Adversary • Collects inputs and computes output • Decide on set of n - t input providers • Maintains delay T • Increase T , specified in unary 25 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

  26. Modeling Asynchronous Byzantine Agreement in UC Parties P • Provide input • Poll for output: T = T -1 • If T = 0, first message in buffer output Adversary A-BA Functionality: • Maintains delay T • Decide on set C of n - t input providers • Collects inputs and computes output • Increase T , specified in unary • If there is agreement in C output corresponding value • Otherwise, output a value specified by attacker 26 Constant-Round Asynchronous Multi-Party Computation Based on One-Way Functions

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology

Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology

Background Secure Computation Security Model Generic Protocol Applications Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology gkreitz@kth.se October 4 2012 Gunnar Kreitz Secure Multi-Party Computation

1.28k views • 59 slides
Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of

Multi-Party Computation in Presence of Corrupted Majorities Dominik Raub Institute of Theoretical Computer Science ETH Zrich on joint work with R. Knzler, J. Mller-Quade, C. Lucas, U. Maurer, M. Fitzi Metaguse, 2009/10/04 Multi-Party

1.04k views • 83 slides
Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the

Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the

Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the University of Texas, Austin for providing these slides. slide 1 Motivation General framework for describing computation between parties who do not

1.03k views • 35 slides
TinyKeys: A New Approach to Efficient Multi-Party Computation Carmit Hazay , Emmanuela Orsini,

TinyKeys: A New Approach to Efficient Multi-Party Computation Carmit Hazay , Emmanuela Orsini,

TinyKeys: A New Approach to Efficient Multi-Party Computation Carmit Hazay , Emmanuela Orsini, Peter Scholl and Eduardo Soria-Vazquez Based on slides prepared by Peter Scholl and Eduardo Soria-Vazquez Secure Multi-Party Computation (MPC)

756 views • 36 slides
SoK: General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

SoK: General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

SoK: General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve Hemenway Hastings Noble Zdancewic University of Pennsylvania 1 / 20 Secure Multi-party Computation (MPC) Compute an arbitrary function among

1.13k views • 36 slides
Revisiting Square Root ORAM Efficient Random Access in Multi-Party Computation Samee Zahur Xiao

Revisiting Square Root ORAM Efficient Random Access in Multi-Party Computation Samee Zahur Xiao

Revisiting Square Root ORAM Efficient Random Access in Multi-Party Computation Samee Zahur Xiao Wang Mariana Raykova Adri Gascn Jack Doerner Jonathan Katz David Evans oblivc.org/sqoram Secure multi-party computation applications Set

504 views • 25 slides
General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve Hemenway Hastings Noble Zdancewic University of Pennsylvania 1 / 26 Secure multi-party computation (MPC) MPC allows a group of mutually

882 views • 51 slides
Secure Multi-party Quantum Computation with a Dishonest Majority Yfke Dulek, Alex Grilo, Stacey

Secure Multi-party Quantum Computation with a Dishonest Majority Yfke Dulek, Alex Grilo, Stacey

Secure Multi-party Quantum Computation with a Dishonest Majority Yfke Dulek, Alex Grilo, Stacey Je ff ery, Christian Majenz, Christian Scha ff ner Introduction Multi-party computation (MPC) Input (player i): x i 83 false Output: f(x 1 , ,

686 views • 20 slides
Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer

Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer

Multi Party Computation: From Theory to Practice Nigel P . Smart Department of Computer Science, University Of Bristol, Merchant Venturers Building, Woodland Road, Bristol, BS8 1UB. January 8, 2013 Nigel P . Smart Multi Party

604 views • 28 slides
Asynchronous Multi-Party Computation Vassilis Zikas RPI MPC School IIT Mumbai Secure

Asynchronous Multi-Party Computation Vassilis Zikas RPI MPC School IIT Mumbai Secure

Asynchronous Multi-Party Computation Vassilis Zikas RPI MPC School IIT Mumbai Secure Multi-Party Computation (MPC) Security D 1 D 2 D 4 D 3 Secure Multi-Party Computation (MPC) Security D 1 D 2 1 2 4 3 D 4 D 3 Secure

1.36k views • 124 slides
Multi-Party Computation with Hybrid Security Matthias Fitzi, Thomas Holenstein, and J urg

Multi-Party Computation with Hybrid Security Matthias Fitzi, Thomas Holenstein, and J urg

Multi-Party Computation with Hybrid Security Matthias Fitzi, Thomas Holenstein, and J urg Wullschleger Multi-Party Computation (MPC)

405 views • 29 slides
Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit

Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit

Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit Sahai UCLA Secure Multiparty Computation A set of mutually distrustful parties (n) wish to compute a joint function of their private inputs

309 views • 16 slides
MP-SPDZ: A Versatile Framework for Multi-Party Computation Marcel Keller CSIROs Data61 13 May

MP-SPDZ: A Versatile Framework for Multi-Party Computation Marcel Keller CSIROs Data61 13 May

MP-SPDZ: A Versatile Framework for Multi-Party Computation Marcel Keller CSIROs Data61 13 May 2020 MP-SPDZ 20+ MPC protocols in several computation domains and security models (malicious/semi-honest, any threshold corruption) Secret

53 views • 4 slides
Secure Multi-Party Computation Lecture 13 Must We Trust ? Can we have an auction

Secure Multi-Party Computation Lecture 13 Must We Trust ? Can we have an auction

Secure Multi-Party Computation Lecture 13 Must We Trust ? Can we have an auction without an auctioneer?! Declared winning bid should be correct Only the winner and winning bid should be revealed Using data without sharing?

446 views • 20 slides
More Practical Multi-Party Computation Feng Hao University of Warwick Tutorial, Indocryt19

More Practical Multi-Party Computation Feng Hao University of Warwick Tutorial, Indocryt19

More Practical Multi-Party Computation Feng Hao University of Warwick Tutorial, Indocryt19 Hyderabad, India There are only three papers that are worth writing: the first, the last and the best. - Roger Needham (1935-2003) Outline of

1.26k views • 102 slides
SystemVerilogCSP: Modeling Digital Asynchronous Circuits Using SystemVerilog Interfaces Arash

SystemVerilogCSP: Modeling Digital Asynchronous Circuits Using SystemVerilog Interfaces Arash

SystemVerilogCSP: Modeling Digital Asynchronous Circuits Using SystemVerilog Interfaces Arash Saifhashemi 1 Peter A. Beerel 1,2 1 Ming Hsieh Dept. of Electrical Engineering, University of Southern California 2 Fulcrum Microsystems, Calabasas CA,

410 views • 24 slides
A Guide for Families How to use this is document: You can navigate to an area of f in

A Guide for Families How to use this is document: You can navigate to an area of f in

Distance Learning Phase 2 A Guide for Families How to use this is document: You can navigate to an area of f in interest, or jump forw rward or backward usin ing the tabs: Special Ed. Instruction Technology Q &amp; A Expectations

359 views • 21 slides
Communication in Distributed Systems Issues in communication (today) Message-oriented

Communication in Distributed Systems Issues in communication (today) Message-oriented

Communication in Distributed Systems Issues in communication (today) Message-oriented Communication Remote Procedure Calls Transparency but poor for passing references Remote Method Invocation RMIs are essentially RPCs

246 views • 9 slides
Passive Routing Attacks in MANET ! Location privacy attack Correlate a mobile node with its

Passive Routing Attacks in MANET ! Location privacy attack Correlate a mobile node with its

ANODR : AN onymous O n- D emand R outing with Untraceable Routes for Mobile Ad Hoc Networks MobiHOC 2003 June 3, 2003 Jiejun Kong, Xiaoyan Hong Wireless-Adaptive-Mobility Laboratory Department of Computer Science University of California,

345 views • 10 slides
SWIFT: Using Task-Based Parallelism, Fully Asynchronous Communication and Vectorization to

SWIFT: Using Task-Based Parallelism, Fully Asynchronous Communication and Vectorization to

SWIFT: Using Task-Based Parallelism, Fully Asynchronous Communication and Vectorization to achieve maximal HPC performance Matthieu Schaller Research Assistant Institute for Computational Cosmology, Durham University, UK November 2016 This

597 views • 49 slides
FCPS School Board Briefing - April 23, 2020 Discussion Items: Distance Learning Plan (DLP) for

FCPS School Board Briefing - April 23, 2020 Discussion Items: Distance Learning Plan (DLP) for

Department of Special Services Distance Learning Plan for COVID19 Closure FCPS School Board Briefing - April 23, 2020 Discussion Items: Distance Learning Plan (DLP) for Students with Disabilities Staff Roles and Responsibilities

348 views • 24 slides
Satsy Input-Output Code Search Engine Carl Chapman Cole Groff Cody Hoover Trevor Lund Kaitlin

Satsy Input-Output Code Search Engine Carl Chapman Cole Groff Cody Hoover Trevor Lund Kaitlin

Satsy Input-Output Code Search Engine Carl Chapman Cole Groff Cody Hoover Trevor Lund Kaitlin McAbee Problem Statement Lots of open-source code is available for use. Instead of rewriting code that already exists, can we search to

444 views • 23 slides
WHAT IS ZOOM? ONLINE VIDEO CONFERENCING TOOL SIMILAR TO SKYPE, ADOBE CONNECT, GOOGLE HANGOUTS

WHAT IS ZOOM? ONLINE VIDEO CONFERENCING TOOL SIMILAR TO SKYPE, ADOBE CONNECT, GOOGLE HANGOUTS

WHAT IS ZOOM? ONLINE VIDEO CONFERENCING TOOL SIMILAR TO SKYPE, ADOBE CONNECT, GOOGLE HANGOUTS AND FACETIME HTTP://UKY.ZOOM.US KEYWORDS SYNCHRONOUS VIRTUAL CLASSROOM SYNCHRONOUS LEARNING WEB-CONFERENCING E-CONFERENCING WEBINAR

246 views • 20 slides

More recommend