Efficient Secure Multiparty Computation with Identifiable Abort

We study secure multiparty computation (MPC) in the dishonest majority setting providing security with identifiable abort, where if the protocol aborts, the honest parties can agree upon the identity of a corrupt party. All known constructions that achieve this notion require expensive zero-knowledge techniques to obtain active security, so are not practical. In this work, we present the first efficient MPC protocol with identifiable abort. Our protocol has an information-theoretic online phase with message complexity $O(n^2)$ for each secure multiplication (where $n$ is the number of parties), similar to the BDOZ protocol (Bendlin et al., Eurocrypt 2011), and a factor in the security parameter lower than the identifiable abort protocol of Ishai et al. (Crypto 2014). A key component of our protocol is a linearly homomorphic information-theoretic signature scheme, for which we provide the first definitions and construction based on a previous non-homomorphic scheme. We then show how to implement the preprocessing for our protocol using somewhat homomorphic encryption, similarly to the SPDZ protocol (Damgård et al., Crypto 2012) and other recent works with applicable efficiency improvements

A New Approach to Efficient and Secure Fixed-point Computation

Secure Multi-Party Computation (MPC) constructions typically allow computation over a finite field or ring. While useful for many applications, certain real-world applications require the usage of decimal numbers. While it is possible to emulate floating-point operations in MPC, fixed-point computation has gained more traction in the practical space due to its simplicity and efficient realizations. Even so, current protocols for fixed-point MPC still require computing a secure truncation after each multiplication gate. In this paper, we show a new paradigm for realizing fixed-point MPC. Starting from an existing MPC protocol over arbitrary, large, finite fields or rings, we show how to realize MPC over a residue number system (RNS). This allows us to leverage certain mathematical structures to construct a secure algorithm for efficient approximate truncation by a static and public value. We then show how this can be used to realize highly efficient secure fixed-point computation. In contrast to previous approaches, our protocol does not require any multiplications of secret values in the underlying MPC scheme to realize truncation but instead relies on preprocessed pairs of correlated random values, which we show can be constructed very efficiently, when accepting a small amount of leakage and robustness in the strong, covert model. We proceed to implement our protocol, with SPDZ as the underlying MPC protocol, and achieve significantly faster fixed-point multiplication

From Fairness to Full Security in Multiparty Computation

In the setting of secure multiparty computation (MPC), a set of mutually distrusting parties wish to jointly compute a function, while guaranteeing the privacy of their inputs and the correctness of the output. An MPC protocol is called fully secure if no adversary can prevent the honest parties from obtaining their outputs. A protocol is called fair if an adversary can prematurely abort the computation, however, only before learning any new information. We present highly efficient transformations from fair computations to fully secure computations, assuming the fraction of honest parties is constant (e.g., 1% of the parties are honest). Compared to previous transformations that require linear invocations (in the number of parties) of the fair computation, our transformations require super-logarithmic, and sometimes even super-constant, such invocations. The main idea is to delegate the computation to chosen random committees that invoke the fair computation. Apart from the benefit of uplifting security, the reduction in the number of parties is also useful, since only committee members are required to work, whereas the remaining parties simply listen to the computation over a broadcast channel. One application of these transformations is a new $\delta$-bias coin-flipping protocol, whose round complexity has a super-logarithmic dependency on the number of parties, improving over the protocol of Beimel, Omri, and Orlov (Crypto 2010) that has a linear dependency. A second application is a new fully secure protocol for computing the Boolean OR function, with a super-constant round complexity, improving over the protocol of Gordon and Katz (TCC 2009) whose round complexity is linear in the number of parties. Finally, we show that our positive results are in a sense optimal, by proving that for some functionalities, a super-constant number of (sequential) invocations of the fair computation is necessary for computing the functionality in a fully secure manner

Accountable Bulletin Boards: Definition and Provably Secure Implementation

Bulletin boards (BB) are important cryptographic building blocks that, at their core, provide a broadcast channel with memory. BBs are widely used within many security protocols, including secure multi-party computation protocols, e-voting systems, and electronic auctions. Even though the security of protocols crucially depends on the underlying BB, as also highlighted by recent works, the literature on constructing secure BBs is sparse. The so-far only provably secure BBs require trusted components and sometimes also networks without message loss, which makes them unsuitable for applications with particularly high security needs where these assumptions might not always be met. In this work, we fill this gap by leveraging the concepts of accountability and universal composability (UC). More specifically, we propose the first ideal functionality for accountable BBs that formalizes the security requirements of such BBs in UC. We then propose Fabric$^\ast_\text{BB}$ as a slight extension designed on top of Fabric$^\ast$, which is a variant of the prominent Hyperledger Fabric distributed ledger protocol, and show that Fabric$^\ast_\text{BB}$ UC-realizes our ideal BB functionality. This result makes Fabric$^\ast_\text{BB}$ the first provably accountable BB, an often desired, but so far not formally proven property for BBs, and also the first BB that has been proven to be secure based only on standard cryptographic assumptions and without requiring trusted BB components or network assumptions. Through an implementation and performance evaluation we show that Fabric$^\ast_\text{BB}$ is practical for many applications of BBs

Theory of Cryptography [electronic resource] : 14th International Conference, TCC 2016-B, Beijing, China, October 31-November 3, 2016, Proceedings, Part I /

The two-volume set LNCS 9985 and LNCS 9986 constitutes the refereed proceedings of the 14th International Conference on Theory of Cryptography, TCC 2016-B, held in Beijing, China, in November 2016. The total of 45 revised full papers presented in the proceedings were carefully reviewed and selected from 113 submissions. The papers were organized in topical sections named: TCC test-of-time award; foundations; unconditional security; foundations of multi-party protocols; round complexity and efficiency of multi-party computation; differential privacy; delegation and IP; public-key encryption; obfuscation and multilinear maps; attribute-based encryption; functional encryption; secret sharing; new models.TCC Test-of-Time Award -- From Indifferentiability to Constructive Cryptography (and Back) -- Foundations -- Fast Pseudorandom Functions Based on Expander Graphs -- 3-Message Zero Knowledge Against Human Ignorance -- The GGM Function Family is a Weakly One-Way Family of Functions -- On the (In)security of SNARKs in the Presence of Oracles -- Leakage Resilient One-Way Functions: The Auxiliary-Input Setting -- Simulating Auxiliary Inputs, Revisited -- Unconditional Security -- Pseudoentropy: Lower-bounds for Chain rules and Transformations -- Oblivious Transfer from Any Non-Trivial Elastic Noisy Channel via Secret Key Agreement -- Simultaneous Secrecy and Reliability Amplification for a General Channel Model -- Proof of Space from Stacked Expanders -- Perfectly Secure Message Transmission in Two Rounds -- Foundations of Multi-Party Protocols -- Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious -- Binary AMD Circuits from Secure Multiparty Computation -- Composable Security in the Tamper-Proof Hardware Model under Minimal Complexity -- Composable Adaptive Secure Protocols without Setup under Polytime Assumptions -- Adaptive Security of Yao’s Garbled Circuits -- Round Complexity and Efficiency of Multi-Party Computation -- Efficient Secure Multiparty Computation with Identifiable Abort -- Secure Multiparty RAM Computation in Constant Rounds -- Constant-Round Maliciously Secure Two-Party Computation in the RAM Model -- More Efficient Constant-Round Multi-Party Computation from BMR and SHE -- Cross&Clean: Amortized Garbled Circuits With Constant Overhead -- Differential Privacy -- Separating Computational and Statistical Differential Privacy in the Client-Server Model -- Concentrated Differential Privacy: Simplifications, Extensions, and Lower Bounds -- Strong Hardness of Privacy from Weak Traitor Tracing. .The two-volume set LNCS 9985 and LNCS 9986 constitutes the refereed proceedings of the 14th International Conference on Theory of Cryptography, TCC 2016-B, held in Beijing, China, in November 2016. The total of 45 revised full papers presented in the proceedings were carefully reviewed and selected from 113 submissions. The papers were organized in topical sections named: TCC test-of-time award; foundations; unconditional security; foundations of multi-party protocols; round complexity and efficiency of multi-party computation; differential privacy; delegation and IP; public-key encryption; obfuscation and multilinear maps; attribute-based encryption; functional encryption; secret sharing; new models