Abstract
The problem of secure multiparty computation is usually described as follows: each of n players in a network holds a private input x i. Together they would like to compute a function F(x 1,...,x n) without revealing the inputs, even though no particular player can be trusted. Attempts to contrive formal definitions for the problem have treated properties of the solution separately (correctness, privacy, etc.), giving an ad hoc collection of desirable properties and varied definitions that do not support clear or comparable proofs.
We propose a clear, concise, and unified definition for security and reliability in interactive computations. We develop a reduction called relative resilience that captures all desired properties at a single blow. Relative resilience allows one to classify and compare arbitrary protocols in terms of security and reliability, in the same way that Turing reductions allow one to classify and compare algorithms in terms of complexity. Security and reliability reduce to a simple statement: a protocol for F is resilient if it is as resilient as an ideal protocol in which a trusted host is available to compute F. Relative resilience captures the notions of security and reliability for a wide variety of interactive computations, including zero-knowledge proof systems, Byzantine Agreement, oblivious transfer, two-party oblivious circuit evaluation, among others.
Relative resilience provides modular proof techniques that other approaches lack: one may compare a sequence of protocols ranging from the real-world protocol to the ideal protocol, proving the relative resilience of each successive protocol with greater clarity and less complexity. Folk theorems about the “transitivity” of security and the security of concatenated protocols are now provable; and the proofs reveal that such folk theorems fail under subtle conditions that have previously gone unnoticed. The conciseness1 and modularity of our definitions and proof techniques provide great clarity in designing and reasoning about protocols and have already lead to provably secure protocols that are significantly more efficient than those appearing in the literature.
This research was supported in part under NSF grant CCR-870-4513 at Harvard University, and by an AT&T Bell Laboratories postdoctoral fellowship.
We have developed our definitions with great care and precision, and we believe them well-suited to Culling a meaningful 15-page abstract. A full versioii is available on request (see also [2], [4].
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
M. Abadi, J. Feigenbaum, J. Kilian. “On Hiding Information from an Oracle.” J. Comput. System Sci. 39 (1989), 21–50.
D. Beaver. “Secure Multiparty Protocols and Zero Knowledge Proof Systems Tolerating a Faulty Minority.” To appear, J. Cryptology. An earlier version appeared as “Secure Multiparty Protocols Tolerating Half Faulty Processors.” Proceedings of Crypto 1989, ACM, 1989.
D. Beaver. “Formal Definitions for Secure Distributed Protocols.” Proceedings of the DIMACS Workshop on Distributed Computing and Cryptography, Princeton, NJ, October, 1989, J. Feigenbaum, M. Merritt (eds.).
D. Beaver. Security, Fault Tolerance, and Communication Complexity in Distributed Systems. PhD Thesis, Harvard University, Cambridge, 1990.
D. Beaver, S. Goldwasser. “Multiparty Computation with Faulty Majority.” Proceedings of the 30 th FOCS, IEEE, 1989, 468–473.
D. Beaver, S. Haber. “Cryptographic Protocols Provably Secure Against Dynamic Adversaries.” Submitted to FOCS 91.
D. Beaver, S. Micali, P. Rogaway. “The Round Complexity of Secure Protocols.” Proceedings of the 22 st STOC, ACM, 1990, 503–513.
M. Ben-Or, S. Goldwasser, A. Wigderson. “Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation.” Proceedings of the 20th STOC, ACM, 1988, 1–10.
R. Blakley. “Security Proofs for Information Protection Systems.” Proceedings of the 1980 Symposium on Security and Privacy, IEEE Computer Society Press, New York, 1981, 79–88.
G. Brassard, D. Chaum, C. Crépeau. “Minimum Disclosure Proofs of Knowledge.” J. Comput. System Sci. 37 (1988), 156–189.
D. Chaum, C. Crépeau, I. Damgård. “Multiparty Unconditionally Secure Protocols.” Proceedings of the 20 th STOC, ACM, 1988, 11–19.
Z. Galil, S. Haber, M. Yung. “Cryptographic Computation: Secure Fault-Tolerant Protocols and the Public-Key Model.” Proceedings of Crypto 1987, Springer-Verlag, 1988, 135–155.
Z. Galil, S. Haber, and M. Yung. “Minimum-Knowledge Interactive Proofs for Decision Problems.” SIAM J. Comput. 18:4 (1989), 711–739.
S. Goldwasser, L. Levin. “Fair Computation of General Functions in Presence of Immoral Majority.” Proceedings of Crypto 1990.
S. Goldwasser, S. Micali. “Probabilistic Encryption.” J. Comput. System Sci. 28 (1984), 270–299.
S. Goldwasser, S. Micali, C. Rackoff. “The Knowledge Complexity of Interactive Proof Systems.” SIAM J. Comput. 18:1 (1989), 186–208.
S. Goldwasser, M. Sipser. “Private Coins vs. Public Coins in Interactive Proof Systems.” Proceedings of the 18th STOC, ACM, 1986, 59–68.
O. Goldreich, S. Micali, A. Wigderson. “Proofs that Yield Nothing but Their Validity and a Methodology of Cryptographic Protocol Design.” Proceedings of the 27th FOCS, IEEE, 1986, 174–187.
O. Goldreich, S. Micali, A. Wigderson. “How to Play Any Mental Game, or A Completeness Theorem for Protocols with Honest Majority.” Proceedings of the 19th STOC, ACM, 1987, 218–229.
S. Haber. Multi-Party Cryptographic Computation: Techniques and Applications, PhD Thesis, Columbia University, 1988.
S. Micali, P. Rogaway. “The Notion of Secure Computation.” Unpublished Manuscript, 1990.
S. Micali, P. Rogaway. “Secure Computation.” These Proceedings (Crypto 1991), page 9.8.
Y. Oren. “On the Cunning Power of Cheating Verifiers: Some Observations about Zero Knowledge Proofs.” Proceedings of the 19th STOC, ACM, 1987, 462–471.
T. Rabin, M. Ben-Or. “Verifiable Secret Sharing and Multiparty Protocols with Honest Majority.” Proceedings of the 21st STOC, ACM, 1989, 73–85.
A. Shamir. “How to Share a Secret.” Communications of the ACM, 22 (1979), 612–613.
A. Yao, “Theory and Applications of Trapdoor Functions.” Proceedings of the 23rd FOCS, IEEE, 1982, 80–91.
A. Yao. “How to Generate and Exchange Secrets.” Proceedings of the 27th FOCS, IEEE, 1986, 162–167.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1992 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Beaver, D. (1992). Foundations of Secure Interactive Computing. In: Feigenbaum, J. (eds) Advances in Cryptology — CRYPTO ’91. CRYPTO 1991. Lecture Notes in Computer Science, vol 576. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-46766-1_31
Download citation
DOI: https://doi.org/10.1007/3-540-46766-1_31
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-55188-1
Online ISBN: 978-3-540-46766-3
eBook Packages: Springer Book Archive