Multiparty Computation for Dishonest Majority: From Passive to Active Security at Low Cost.

, that allow us to achieve active security for just a (small) constant amount of work more than for passive security. ... Multiparty computation protocols have been known for more than twenty years now, but due to their lack of efficiency their use is still limited in real-world applications: the goal of this paper is the ... The authors would like to thank Jesper Buus Nielsen for the essential suggestions in the protocol design, and Yuval Ishai, Yehuda Lindell for valuable comments. ...

doi:10.1007/978-3-642-14623-7_30 fatcat:djrpgka67ncpzivqlwottiweku

Motivated by problems in secure multiparty computation (MPC), we study a natural extension of identifiable secret sharing to the case where an arbitrary number of players may be corrupted. ... We demonstrate the usefulness of this primitive by presenting several applications to MPC without an honest majority. -Complete primitives for MPC. ... We would like to acknowledge the helpful comments and suggestions of the anonymous TCC reviewers, and in particular for pointing out the relevance of the notion of IC Signatures from [25] . ...

doi:10.1007/978-3-642-28914-9_2 fatcat:vz4kxwojunekbmmjmarxdbi2oe

Our method is inspired by recent results in verifiable computation, adapting them to multiparty setting and significantly lowering their computational costs for the provers. ... We present a generic method for turning passively secure protocols into protocols secure against covert attacks. ... From the start, two kinds of adversaries -passive and active -have been considered in the construction of SMC protocols, with highest performance and the greatest variety achieved for protocol sets secure ...

doi:10.1007/978-3-319-12475-9_11 fatcat:rddszpuz2nc37gxeoidy6rxq3a

A particularly novel aspect is that it automatically determines the minimum number of rounds needed for a computation, and uses this to minimize the overall cost of the computation. ... We present a runtime environment for executing secure programs via a multi-party computation protocol in the preprocessing model. ... Recent practical MPC work in the secret sharing tradition has focused on full active security against a dishonest majority, utilizing a form of "shared MAC" to provide security [4, 11, 13, 23] . ...

doi:10.1145/2508859.2516744 dblp:conf/ccs/KellerSS13 fatcat:r3dvfhkzfjcjdcemxftbwhc5jy

setting, to actively secure protocols with abort. ... To this end, we present a general and simple method to compile arbitrary secretsharing-based passively secure protocols defined over an arbitrary ring that are secure up to additive attacks in a malicious ... Compiling honest majority protocols from passive to active security have also been studied previously. [18] shows how to efficient convert a passively secure honest majority protocol with the same properties ...

dblp:journals/iacr/EscuderoD20 fatcat:vtivrro6ofc5zgwip42ptr5fom

Several actively secure protocols over these rings have been implemented, for both the dishonest majority setting and the setting of three parties with one corruption. ... Multiparty computation (MPC) over rings such as Z 2 32 or Z 2 64 has received a great deal of attention recently due to its ease of implementation and attractive performance. ... However, their compiler does not preserve the adversary threshold when moving from passive to active security. ...

dblp:journals/iacr/AbspoelDEN19 fatcat:c3h4bowflnefxd5rrsv36omqby

We introduce a new MPC protocol to securely compute any functionality over an arbitrary black-box finite ring (which may not be commutative), tolerating t < n/3 active corruptions while guaranteeing output ... performed at the end before revealing the output. ... For example, although it may be reasonable to assume a passive adversary in a restricted set of settings, it is natural to desire security against active adversaries, given that there is no way to audit ...

dblp:journals/iacr/DalskovEN22 fatcat:cq3zks6lcfe5tktlrtqkbk4rf4

These experiments provide an interesting insight into cost between active and passive security, as well as honest and dishonest majority. ... In contrast, most secure evaluation protocols in the literature are targeted to a specific threat model and their implementations are only a "proof-of-concept", making it very hard for their adoption in ... We thank Assi Barak (who was previously on this paper) for many helpful discussions in the initial phases of this project. ...

doi:10.2478/popets-2020-0077 fatcat:ped3x4xxebby5fg5pua2wkn754

DOAJ

We present a multi-party computation protocol in the case of dishonest majority which has very low round complexity. ... Additionally, we present a variant of our protocol which trades the depth of the garbling circuit (computed using SHE) for some more multiplications in the offline and online phases. ... Introduction Secure multiparty computation: In the setting of secure multiparty computation (MPC), a set of mutually distrusting parties wish to compute a joint function of their private inputs. ...

doi:10.1007/978-3-662-53641-4_21 fatcat:syycakbu7remhmxoo2npju4zzi

We propose several variants of a secure multiparty computation protocol for AES encryption. ... We implemented the variants using VIFF, a software framework for implementing secure multiparty computation (MPC). ... We can, for instance, use the classic passively secure protocol from [1] tolerating a dishonest majority, or the actively secure protocol from [6] tolerating less then one third corrupted players. ...

doi:10.1007/978-3-642-14577-3_31 fatcat:ad6o7rsmrredrm77bsvdv7vv3e

Chapter 8: Active Security for Dishonest Majority. This chapter extends the protocol from Chapter 7 to achieve active security with abort making use of message authentication codes, or MACs. ... Chapter 4: Passive and Perfect Security for Honest Majority. ... For example, shifting from passive to active security requires us to either switch from perfect to statistical simulation, or from honest majority to two-thirds honest majority. ...

dblp:journals/iacr/Escudero22 fatcat:deawwnokefcxhon73nyvxdv4dm

The aim of this paper is to present some of the recent progress in efficient secure multiparty computation (MPC). In MPC we have a set of parties owning a set of private inputs. ... The parties want to compute a function of their inputs, but they do not trust each other, therefore they need a cryptographic protocol to perform the computation in a way that 1) the output is correct ... The VIFF Project [DGKN09] (viff.dk), allows instead to compute with arithmetic circuits: born as a solution for honest majority only, it contains now runtimes for dishonest majority and active adversaries ...

doi:10.1109/icassp.2011.5947691 dblp:conf/icassp/Orlandi11 fatcat:a2cmm2bavra6hatgro5f4ea5du

The secure multiparty computation technique completes its execution in approximately 2 ms for data contributed by one million subjects. ... Results: We propose two provably secure solutions to address this challenge: (1) a somewhat homomorphic encryption (HE) approach, and (2) a secure multiparty computation (MPC) approach. ... Moreau, Jaak Simm, and Amin Ardeshirdavani were funded by Research Council KU Leuven: CoE PFV/10/016 SymBioSys; Flemish Government: IWT: Exaptation, PhD grants FWO 06260 (Iterative and multi-level methods for ...

doi:10.1186/s12859-018-2541-3 fatcat:jxi5l2xw3vdkplosqdi6rfxr4y

DOAJ

This causes a problem where, in order to reconstruct a multiplication result, the number of polynomials needed will increase from 𝑘 to 2𝑘 − 1. ... In this paper, we propose a multiparty computation that uses a secret sharing scheme that is secure against a product-sum operation but does not increase the degree of polynomial of the output. ... In particular, SPDZ 2 supposes an active adversary and is secure against a dishonest majority. Moreover, because SPDZ 2 uses SHE in the preprocessing phase, it is considered computationally secure. ...

dblp:journals/iacr/KamalI17 fatcat:yhbo7wuqqzboll6zzku6vcoc5m

In particular, we provide a comprehensive comparison between running secure inference of large ImageNet models with active and passive security, as well as honest and dishonest majority. ... The most efficient inference can be performed using a passive honest majority protocol which takes between 0.9 and 25.8 seconds, depending on the size of the model; for active security and an honest majority ... We thank Adrià Gascón for fruitful discussions, and also NEC and BIU members, especially Prof. Benny Pinkas and Prof. Yehuda Lindell for very useful comments on this work. ...

arXiv:1910.12435v1 fatcat:i5jxhze7zvgqjmel4rq4i6dljm

Multiple Versions

Multiparty Computation for Dishonest Majority: From Passive to Active Security at Low Cost [chapter]

Preserved Fulltext

Identifying Cheaters without an Honest Majority [chapter]

Preserved Fulltext

Verifiable Computation in Multiparty Protocols with Honest Majority [chapter]

Preserved Fulltext

An architecture for practical actively secure MPC with dishonest majority

Preserved Fulltext

Honest Majority MPC with Abort with Minimal Online Communication [article]

Preserved Fulltext

An Efficient Passive-to-Active Compiler for Honest-Majority MPC over Rings [article]

Preserved Fulltext

Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority [article]

Preserved Fulltext

Secure Evaluation of Quantized Neural Networks

Preserved Fulltext

More Efficient Constant-Round Multi-party Computation from BMR and SHE [chapter]

Preserved Fulltext

Secure Multiparty AES [chapter]

Preserved Fulltext

An Introduction to Secret-Sharing-Based Secure Multiparty Computation [article]

Preserved Fulltext

Is multiparty computation any good in practice?

Preserved Fulltext

Towards practical privacy-preserving genome-wide association study

Preserved Fulltext

Conditionally Secure Secrecy Computation using Secret Sharing Scheme for n<2k-1 (full paper) [article]

Preserved Fulltext

Secure Evaluation of Quantized Neural Networks [article]

Preserved Fulltext

Other Versions