Fast Large-Scale Honest-Majority MPC for Malicious Adversaries
Authors: 
Koji Chida, Koki Hamada, Dai Ikarashi, Ryo Kikuchi, Daniel Genkin, 
Yehuda Lindell, Ariel NofAuthors Info & Claims
Abstract
Protocols for secure multiparty computation enable a set of parties to compute a function of their inputs without revealing anything but the output. The security properties of the protocol must be preserved in the presence of adversarial behavior. The two classic adversary models considered are semi-honest (where the adversary follows the protocol specification but tries to learn more than allowed by examining the protocol transcript) and malicious (where the adversary may follow any arbitrary attack strategy). Protocols for semi-honest adversaries are often far more efficient, but in many cases the security guarantees are not strong enough. In this paper, we present new protocols for securely computing any functionality represented by an arithmetic circuit, assuming an honest majority exists. We utilize a new method for verifying that the adversary does not cheat, that yields a cost of just twice that of semi-honest protocols in some settings. Our protocols are information-theoretically secure in the presence of malicious adversaries. We present protocol variants for small and large fields, and show how to efficiently instantiate them based on replicated secret sharing and Shamir secret sharing. In particular, for large fields, our protocol requires each party to send just 2 field elements per multiplication gate in the three-party setting, and just 12 field elements per multiplication gate for any number of parties. As with previous works in this area aiming to achieve high efficiency, our protocol is secure with abort and does not achieve fairness, meaning that the adversary may receive output while the honest parties do not. We implemented our protocol and ran experiments for different numbers of parties, different network configurations and different circuit depths. Our protocol significantly outperforms the previous best for this setting (Lindell and Nof, CCS 2017); for a large number of parties (e.g., 100 parties), our implementation runs almost an order of magnitude faster than theirs.
References
[1]
T. Araki, A. Barak, J. Furukawa, T. Lichter, Y. Lindell, A. Nof, K. Ohara, A. Watzman, O. Weinstein. Optimized honest-majority MPC for malicious adversaries - breaking the 1 billion-gate per second barrier. In the 38th IEEE Symposium on Security and Privacy, pp. 843–862, (2017)
[2]
T. Araki, J. Furukawa, Y. Lindell, A. Nof, K. Ohara. High-throughput semi-honest secure three-party computation with an honest majority. In the 23rd ACM CCS, pp. 805–817, (2016)
[3]
D. Beaver. Foundations of secure interactive computing. In the 11th CRYPTO, pp 377–391, (1991)
[4]
E. Ben-Sasson, S. Fehr, R. Ostrovsky. Near-linear unconditionally-secure multiparty computation with a dishonest minority. In the 32nd CRYPTO, pp 663-680, (2012)
[5]
Z. Beerliová-Trubíniová, M. Hirt. Perfectly-secure MPC with linear communication complexity. In the 5th TCC, pp 213–230, (2008)
[6]
M. Ben-Or, S. Goldwasser, A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In the 20th STOC, pp 1–10, (1988)
[7]
S.S. Burra, E. Larraia, J.B. Nielsen, P.S. Nordholt, C. Orlandi, E. Orsini, P. Scholl, N.P. Smart. High performance multi-party computation for binary circuits based on oblivious transfer. ePrint Cryptology Archive, 2015/472.
[8]
Canetti R Security and composition of multiparty cryptographic protocols J. Cryptol. 2000 13 1 143-202
[9]
R. Canetti. Universally composable security: a new paradigm for cryptographic protocols. In the 42nd FOCS, pp 136–145, (2001)
[10]
D. Chaum, C. Crépeau, I. Damgård. Multi-party unconditionally secure protocols. In the 20th STOC, pp 11–19, (1988)
[11]
K. Chida, D. Genkin, K. Hamada, D. Ikarashi, R. Kikuchi, Y. Lindell, A. Nof. Fast large-scale honest-majority mpc for malicious adversaries. In the 38th CRYPTO, pp 34–64, (2018)
[12]
R. Cleve. Limits on the security of coin flips when half the processors are faulty. In the 18th STOC, pp 364–369, (1986)
[13]
R. Cramer, I. Damgård, Y. Ishai, Share conversion, pseudorandom secret-sharing and applications to secure computation. In TCC 2005, pp 342–362, (2005)
[14]
I. Damgård, Y. Ishai. Scalable secure multiparty computation. In the 26th CRYPTO, pp 501–520, (2006)
[15]
I. Damgård, M. Keller, E. Larraia, V. Pastro, P. Scholl, N.P. Smart. Practical covertly secure MPC for dishonest majority - or: breaking the SPDZ limits. In the 18th ESORICS, pp 1–18, (2013)
[16]
I. Damgård, J. Nielsen. Scalable and unconditionally secure multiparty computation. In the 27th CRYPTO, pp 572–590, (2007)
[17]
I. Damgård, V. Pastro, N.P. Smart, S. Zakarias. Multiparty computation from somewhat homomorphic encryption. In the 32nd CRYPTO, pp 643–662, (2012)
[18]
D. Genkin, Y. Ishai, M. Prabhakaran, A. Sahai, E. Tromer. Circuits resilient to additive attacks with applications to secure computation. In STOC 2014, pp 495-504, (2014)
[19]
D. Genkin, Y. Ishai, A. Polychroniadou. Efficient multi-party computation: from passive to active security via secure SIMD circuits. In the 35th CRYPTO, pp 721–741, (2015)
[20]
M. Hirt, J.B. Nielsen. Robust multiparty computation with linear communication complexity. In the 26th CRYPTO, pp 463–482, (2006)
[21]
O. Goldreich, S. Micali, A. Wigderson. How to play any mental game. In the 19th STOC, pp 218–229, (1987)
[22]
S. Goldwasser, L. Levin. Fair computation of general functions in presence of immoral majority. In the 10th CRYPTO, pp 77–93, (1990)
[23]
Goldreich O Foundations of Cryptography: Basic Applications 2004 Cambridge Cambridge University Press
[24]
Goldwasser S and Lindell Y Secure computation without agreement J. Cryptol. 2005 18 3 247-287
[25]
V. Goyal, Y. Liu, Y. Song. Communication-efficient unconditional MPC with guaranteed output delivery. In the 39th CRYPTO, pp 85–114, (2019)
[26]
V. Goyal, Y. Song, C. Zhu, Guaranteed output delivery comes free in honest majority MPC. In the 40th CRYPTO, pp 618–646, (2020)
[27]
M. Keller, E. Orsini, P. Scholl, MASCOT: faster malicious arithmetic secure computation with oblivious transfer. In the 23rd ACM CCS, pp 830–842, (2016)
[28]
M. Keller, V. Pastro, D. Rotaru, Overdrive: making SPDZ great again. In the 37th EUROCRYPT, pp 158-189, (2018)
[29]
Kushilevitz E, Lindell Y, and Rabin T Information-theoretically secure protocols and security under composition SIAM J. Comput. 2010 39 5 2090-2112
[30]
Y. Lindell, A. Nof. A framework for constructing fast MPC over arithmetic circuits with malicious adversaries and an honest-majority. In the ACM CCS 2017, pp 259–276, (2017)
[31]
Y. Lindell, B. Pinkas. Secure two-party computation via cut-and-choose oblivious transfer. In the 8th TCC, pp 329–346, (2011)
[32]
P. Mohassel, M. Rosulek, Y. Zhang. Fast and secure three-party computation: the garbled circuit approach. In the 22nd ACM CCS, pp 591–602, (2015)
[33]
J.B. Nielsen, P.S. Nordholt, C. Orlandi, S.S. Burra. A new approach to practical active-secure two-party computation. In the 32nd CRYPTO, pp 681–700, (2012)
[34]
P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In EUROCRYPT’ 99, pp 223–238, (1999)
[35]
T. Rabin, M. Ben-Or. Verifiable secret sharing and multi-party protocols with honest majority. In the 21st STOC, pp 73–85, (1989)
[36]
Shamir A How to share a secret Commun. ACM 1979 22 11 612-613
[37]
I. Damgård, M. Geisler, M. Krøigaard, J.B.Nielsen. Asynchronous multiparty computation: theory and implementation. In the 12th PKC, pp 160–179, (2009)
[38]
A. Yao. How to generate and exchange secrets. In the 27th FOCS, pp 162–167, (1986)
Recommendations
Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority
CCS '22: Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications SecurityWe introduce a new MPC protocol to securely compute any functionality over an arbitrary black-box finite ring (which may not be commutative), tolerating t < n/3 active corruptions whileguaranteeing output delivery (G.O.D.). Our protocol is based on ...
Two-Thirds Honest-Majority MPC for Malicious Adversaries at Almost the Cost of Semi-Honest
CCS '19: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications SecuritySecure multiparty computation (MPC) enables a set of parties to securely carry out a joint computation of their private inputs without revealing anything but the output. Protocols for semi-honest adversaries guarantee security as long as the corrupted ...
A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority
CCS '17: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications SecurityProtocols for secure multiparty computation enable a set of parties to compute a function of their inputs without revealing anything but the output. The security properties of the protocol must be preserved in the presence of adversarial behavior. The ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
© International Association for Cryptologic Research 2023. Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 18 April 2023
Accepted: 29 January 2023
Revision received: 29 January 2023
Received: 17 November 2019
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 19 Nov 2024
Other Metrics
Citations
Cited By
View allView Options
View options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in