ARPA Whitepaper
We propose a secure computation solution for blockchain networks. The
correctness of computation is verifiable even under a malicious-majority
condition using an information-theoretic Message Authentication Code (MAC), and
privacy is preserved using secret sharing. With a state-of-the-art multiparty
computation protocol and a layer2 solution, our privacy-preserving computation
guarantees data security on the blockchain, cryptographically, while reducing the
heavy-lifting computation job to a few nodes. This breakthrough has several
implications for the future of decentralized networks. First, secure computation
can be used to support Private Smart Contracts, where consensus is reached
without exposing the information in the public contract. Second, it enables
data to be shared and used in a trustless network without disclosing the raw
data while it is in use, so that data ownership and data usage are safely
separated. Last but not least, the computation and verification processes are
separated, which can be perceived as computational sharding; this effectively
makes the transaction processing speed linear in the number of participating
nodes. Our objective is to deploy our secure computation network as a layer2
solution for any blockchain system. Smart Contracts\cite{smartcontract} will be
used as a bridge to link the blockchain and computation networks. Additionally,
they will be used as a verifier to ensure that outsourced computation is
completed correctly. In order to achieve this, we first develop a general MPC
network with advanced features, such as: 1) secure computation, 2) off-chain
computation, 3) verifiable computation, and 4) support for dApps' needs such as
privacy-preserving data exchange.
Secure Multiparty Computation with Partial Fairness
A protocol for computing a functionality is secure if an adversary in this
protocol cannot cause more harm than in an ideal computation where parties give
their inputs to a trusted party which returns the output of the functionality
to all parties. In particular, in the ideal model such computation is fair --
all parties get the output. Cleve (STOC 1986) proved that, in general, fairness
is not possible without an honest majority. To overcome this impossibility,
Gordon and Katz (Eurocrypt 2010) suggested a relaxed definition -- 1/p-secure
computation -- which guarantees partial fairness. For two parties, they
construct 1/p-secure protocols for functionalities for which the size of either
their domain or their range is polynomial (in the security parameter). Gordon
and Katz ask whether their results can be extended to multiparty protocols.
We study 1/p-secure protocols in the multiparty setting for general
functionalities. Our main results are constructions of 1/p-secure protocols when
the number of parties is constant, provided that fewer than 2/3 of the parties
are corrupt. Our protocols require that either (1) the functionality is
deterministic and the size of the domain is polynomial (in the security
parameter), or (2) the functionality can be randomized and the size of the
range is polynomial. If the size of the domain is constant and the
functionality is deterministic, then our protocol is efficient even when the
number of parties is O(log log n) (where n is the security parameter). On the
negative side, we show that when the number of parties is super-constant,
1/p-secure protocols are not possible when the size of the domain is
polynomial.
Anonymous quantum communication
We present the first protocol for the anonymous transmission of a quantum
state that is information-theoretically secure against an active adversary,
without any assumption on the number of corrupt participants. The anonymity of
the sender and receiver is perfectly preserved, and the privacy of the quantum
state is protected except with exponentially small probability. Even though a
single corrupt participant can cause the protocol to abort, the quantum state
can only be destroyed with exponentially small probability: if the protocol
succeeds, the state is transferred to the receiver and otherwise it remains in
the hands of the sender (provided the receiver is honest). Comment: 11 pages, to appear in Proceedings of ASIACRYPT, 200
Information-Theoretically Secure Voting Without an Honest Majority
We present three voting protocols with unconditional privacy and
information-theoretic correctness, without assuming any bound on the number of
corrupt voters or voting authorities. All protocols have polynomial complexity
and require private channels and a simultaneous broadcast channel. Our first
protocol is a basic voting scheme which allows voters to interact in order to
compute the tally. Privacy of the ballot is unconditional, but any voter can
cause the protocol to fail, in which case information about the tally may
nevertheless transpire. Our second protocol introduces voting authorities which
allow the implementation of the first protocol, while reducing the interaction
and limiting it to be only between voters and authorities and among the
authorities themselves. The simultaneous broadcast is also limited to the
authorities. As long as a single authority is honest, privacy is
unconditional; however, a single corrupt authority or a single corrupt voter
can cause the protocol to fail. Our final protocol provides a safeguard against
corrupt voters by enabling a verification technique that allows the authorities to
revoke incorrect votes. We also discuss the implementation of a simultaneous
broadcast channel with the use of temporary computational assumptions, yielding
versions of our protocols that achieve everlasting security.
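The ARPA abstract above relies on two building blocks, secret sharing for privacy and an information-theoretic MAC so that a malicious majority cannot alter a result undetected, and the voting abstract's first protocol is a special case of the same machinery: the tally is a sum of secret-shared ballots. The following is an added example, written for this page and not code from either paper. It implements additive sharing over a prime field with a SPDZ-style MAC (tag = alpha * x, with both x and the tag shared, and the key alpha itself shared), sums shared ballots share-wise, and runs the opening check. The field modulus, the trusted dealer standing in for the preprocessing phase, and the ballot values are assumptions made for the example.

```python
"""Additive secret sharing with a SPDZ-style information-theoretic MAC.

Constructed example (not from the cited papers). Every secret x is held as
additive shares of x and of alpha*x, where alpha is a global MAC key that is
itself additively shared across the parties. Linear operations (here a tally
of ballots) are done share-wise on both components. On opening, each party i
publishes sigma_i = mac_i - alpha_i * x; honest tags sum to zero. A coalition
that lacks even one honest key share cannot adjust the tag for a shifted
value, so a forged opening is caught except with probability ~1/P.
"""
import secrets
from dataclasses import dataclass

P = (1 << 61) - 1  # prime field modulus (Mersenne prime; assumed for this example)


def share(x, n):
    """Split x into n additive shares summing to x mod P."""
    shares = [secrets.randbelow(P) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % P)
    return shares


def reconstruct(shares):
    return sum(shares) % P


@dataclass
class AuthShare:
    value: int  # this party's share of x
    mac: int    # this party's share of alpha * x


def dealer_auth_share(x, alpha, n):
    """Trusted-dealer stand-in for the preprocessing phase (an assumption):
    emits one authenticated share of x per party under key alpha."""
    vals = share(x % P, n)
    macs = share(alpha * x % P, n)
    return [AuthShare(v, m) for v, m in zip(vals, macs)]


def add_auth(a, b):
    """Share-wise addition; the MAC is linear so tags add as well."""
    return AuthShare((a.value + b.value) % P, (a.mac + b.mac) % P)


def tally(per_ballot_shares):
    """Sum a list of per-party AuthShare lists (one list per ballot)."""
    n = len(per_ballot_shares[0])
    acc = [AuthShare(0, 0) for _ in range(n)]
    for shares in per_ballot_shares:
        acc = [add_auth(a, b) for a, b in zip(acc, shares)]
    return acc


def open_and_check(shares, alpha_shares):
    """Open x and run the MAC check. Returns (x, ok)."""
    x = reconstruct([s.value for s in shares])
    sigma = sum((s.mac - a * x) % P for s, a in zip(shares, alpha_shares)) % P
    return x, sigma == 0


def coalition_forge(acc, alpha_shares, corrupt, delta):
    """Best effort of a colluding coalition: shift one of its value shares by
    delta and fix up the tag using only the key shares it knows."""
    corrupt = sorted(corrupt)
    leader = corrupt[0]
    known_alpha = sum(alpha_shares[i] for i in corrupt) % P
    s = acc[leader]
    acc = list(acc)
    acc[leader] = AuthShare((s.value + delta) % P, (s.mac + known_alpha * delta) % P)
    return acc


def run_election(ballots, n_parties, corrupt=(), delta=0):
    """Share each 0/1 ballot, tally share-wise, optionally let a corrupt
    coalition forge the tally, then open with the MAC check."""
    alpha = secrets.randbelow(P - 1) + 1          # nonzero MAC key
    alpha_shares = share(alpha, n_parties)
    per_ballot = [dealer_auth_share(b, alpha, n_parties) for b in ballots]
    acc = tally(per_ballot)
    if corrupt and delta:
        acc = coalition_forge(acc, alpha_shares, corrupt, delta)
    return open_and_check(acc, alpha_shares)


if __name__ == "__main__":
    ballots = [1, 0, 1, 1, 0]                     # constructed sample ballots
    print("honest:", run_election(ballots, 3))
    # two of three parties corrupt (malicious majority) try to add 2 votes
    print("forged by {0,1}:", run_election(ballots, 3, corrupt={0, 1}, delta=2))
```

Two caveats a practitioner would add: in a real protocol the sigma_i values are committed to before being revealed, so the last party cannot pick its sigma_i after seeing the others; and this example only covers linear functions. Multiplication of shared values needs preprocessed triples with the same MAC structure, which is where the bulk of the "heavy-lifting" in the ARPA abstract lives.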
Secret Sharing Based on a Hard-on-Average Problem
The main goal of this work is to propose the design of secret sharing schemes
based on hard-on-average problems. It includes the description of a new
multiparty protocol whose main application is key management in networks. Its
unconditionally perfect security relies on a discrete mathematics problem
classified as DistNP-Complete under average-case analysis, the so-called
Distributional Matrix Representability Problem. Thanks to the use of the search
version of the mentioned decision problem, the security of the proposed scheme
is guaranteed. Although several secret sharing schemes connected with
combinatorial structures may be found in the literature, the main
contribution of this work is the proposal of a new secret sharing scheme based
on a hard-on-average problem, which makes it possible to enlarge the set of tools for
designing more secure cryptographic applications.
Multipartite entanglement verification resistant against dishonest parties
Future quantum information networks will likely consist of quantum and
classical agents, who have the ability to communicate in a variety of ways with
trusted and untrusted parties and securely delegate computational tasks to
untrusted large-scale quantum computing servers. Multipartite quantum
entanglement is a fundamental resource for such a network and hence it is
imperative to study the possibility of verifying a multipartite entanglement
source in a way that is efficient and provides strong guarantees even in the
presence of multiple dishonest parties. In this work, we show how an agent of a
quantum network can perform a distributed verification of a multipartite
entangled source with minimal resources, which is, nevertheless, resistant
against any number of dishonest parties. Moreover, we provide a tight tradeoff
between the level of security and the distance between the state produced by
the source and the ideal maximally entangled state. Last, by adding the
resource of a trusted common random source, we can further provide security
guarantees for all honest parties in the quantum network simultaneously. Comment: The statement of Theorem 2 has been revised and a new proof is given.
Other results unchange