Skip to main content
SpringerLink
Log in

MPC-Friendly Symmetric Cryptography from Alternating Moduli: Candidates, Protocols, and Applications

  • Conference paper
  • First Online:
Advances in Cryptology – CRYPTO 2021 (CRYPTO 2021)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12828))

Included in the following conference series:

Abstract

We study new candidates for symmetric cryptographic primitives that leverage alternation between linear functions over \(\mathbb {Z}_2\) and \(\mathbb {Z}_3\) to support fast protocols for secure multiparty computation (MPC). This continues the study of weak pseudorandom functions of this kind initiated by Boneh et al. (TCC 2018) and Cheon et al. (PKC 2021).

We make the following contributions.

  • Candidates. We propose new designs of symmetric primitives based on alternating moduli. These include candidate one-way functions, pseudorandom generators, and weak pseudorandom functions. We propose concrete parameters based on cryptanalysis.

  • Protocols. We provide a unified approach for securely evaluating modulus-alternating primitives in different MPC models. For the original candidate of Boneh et al., our protocols obtain at least 2x improvement in all performance measures. We report efficiency benchmarks of an optimized implementation.

  • Applications. We showcase the usefulness of our candidates for a variety of applications. This includes short “Picnic-style” signature schemes, as well as protocols for oblivious pseudorandom functions, hierarchical key derivation, and distributed key generation for function secret sharing.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 89.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 119.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    A weak PRF is one whose security only holds when evaluated on random inputs. In many applications of strong PRF, a weak PRF can be used instead by first applying a hash function (modeled as a random oracle) to the input.

  2. 2.

    Otherwise, each output would have \(2^s\) preimages and there would be no security advantage.

  3. 3.

    See https://csrc.nist.gov/projects/post-quantum-cryptography/.

  4. 4.

    In general, one may guess the Hamming weight of the solution and repeat the algorithm accordingly a polynomial number of times.

References

  1. libsodium 1.0.18-stable (2020). https://libsodium.gitbook.io/doc/. Accessed 31 Dec 2020

  2. Akavia, A., Bogdanov, A., Guo, S., Kamath, A., Rosen, A.: Candidate weak pseudorandom functions in AC MOD 2. In: ITCS, pp. 251–260 (2014)

    Google Scholar 

  3. Albrecht, M.R., et al.: Feistel structures for MPC, and more. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11736, pp. 151–171. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29962-0_8

    Chapter  Google Scholar 

  4. Albrecht, M.R., Rechberger, C., Schneider, T., Tiessen, T., Zohner, M.: Ciphers for MPC and FHE. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9056, pp. 430–454. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46800-5_17

    Chapter  Google Scholar 

  5. Aly, A., Ashur, T., Ben-Sasson, E., Dhooghe, S., Szepieniec, A.: Design of symmetric-key primitives for advanced cryptographic protocols. TOSC 2020(3), 1–45 (2020)

    Google Scholar 

  6. Applebaum, B., Ishai, Y., Kushilevitz, E.: Cryptography in NC\({}^{\text{0}}\). In: FOCS, pp. 166–175 (2004)

    Google Scholar 

  7. Baum, C., de Saint Guilhem, C.D., Kales, D., Orsini, E., Scholl, P., Zaverucha, G.: Banquet: Short and fast signatures from AES. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12710, pp. 266–297. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75245-3_11

    Chapter  Google Scholar 

  8. Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34

    Chapter  Google Scholar 

  9. Becker, A., Coron, J.-S., Joux, A.: Improved generic algorithms for hard knapsacks. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 364–385. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20465-4_21

    Chapter  Google Scholar 

  10. Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: STOC, pp. 1–10 (1988)

    Google Scholar 

  11. Beullens, W.: Sigma protocols for MQ, PKP and SIS, and Fishy signature schemes. In: Canteaut, A., Ishai, Y. (eds.) EUROCRYPT 2020. LNCS, vol. 12107, pp. 183–211. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45727-3_7

    Chapter  Google Scholar 

  12. Beullens, W., Delpech de Saint Guilhem, C.: LegRoast: Efficient post-quantum signatures from the legendre PRF. In: Ding, J., Tillich, J.-P. (eds.) PQCrypto 2020. LNCS, vol. 12100, pp. 130–150. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-44223-1_8

    Chapter  Google Scholar 

  13. Blum, M., Micali, S.: How to generate cryptographically strong sequences of pseudorandom bits. SICOMP 13(4), 850–864 (1984)

    Article  MathSciNet  Google Scholar 

  14. Boneh, D., Boyle, E., Corrigan-Gibbs, H., Gilboa, N., Ishai, Y.: Zero-knowledge proofs on secret-shared data via fully linear PCPs. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11694, pp. 67–97. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26954-8_3

    Chapter  Google Scholar 

  15. Boneh, D., Ishai, Y., Passelègue, A., Sahai, A., Wu, D.J.: Exploring crypto dark matter: New simple PRF candidates and their applications. In: Beimel, A., Dziembowski, S. (eds.) TCC 2018. LNCS, vol. 11240, pp. 699–729. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03810-6_25

    Chapter  Google Scholar 

  16. Bonnetain, X., Bricout, R., Schrottenloher, A., Shen, Y.: Improved classical and quantum algorithms for subset-sum. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 633–666. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_22

    Chapter  Google Scholar 

  17. Boyle, E., et al.: Function secret sharing for mixed-mode and fixed-point secure computation. In: Canteaut, A., Standaert, F.-X. (eds.) EUROCRYPT 2021. LNCS, vol. 12697, pp. 871–900. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-77886-6_30

    Chapter  Google Scholar 

  18. Boyle, E., Couteau, G., Gilboa, N., Ishai, Y.: Compressing vector OLE. In: CCS, pp. 896–912 (2018)

    Google Scholar 

  19. Boyle, E., et al.: Efficient two-round OT extension and silent non-interactive secure computation. In: CCS, pp. 291–308 (2019)

    Google Scholar 

  20. Boyle, E., Couteau, G., Gilboa, N., Ishai, Y., Kohl, L., Scholl, P.: Efficient pseudorandom correlation generators: silent OT extension and more. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11694, pp. 489–518. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26954-8_16

    Chapter  Google Scholar 

  21. Boyle, E., Couteau, G., Gilboa, N., Ishai, Y., Kohl, L., Scholl, P.: Efficient pseudorandom correlation generators from ring-LPN. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020. LNCS, vol. 12171, pp. 387–416. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56880-1_14

    Chapter  Google Scholar 

  22. Boyle, E., Gilboa, N., Ishai, Y.: Function secret sharing. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 337–367. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_12

    Chapter  Google Scholar 

  23. Boyle, E., Gilboa, N., Ishai, Y.: Secure computation with preprocessing via function secret sharing. In: Hofheinz, D., Rosen, A. (eds.) TCC 2019. LNCS, vol. 11891, pp. 341–371. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-36030-6_14

    Chapter  Google Scholar 

  24. Boyle, E., Gilboa, N., Ishai, Y., Nof, A.: Practical fully secure three-party computation via sublinear distributed zero-knowledge proofs. In: CCS, pp. 869–886 (2019)

    Google Scholar 

  25. Chase, M., et al.: Post-quantum zero-knowledge and signatures from symmetric-key primitives. In: CCS, pp. 1825–1842 (2017)

    Google Scholar 

  26. Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: STOC, pp. 11–19 (1988)

    Google Scholar 

  27. Chen, L.: Non-deterministic quasi-polynomial time is average-case hard for ACC circuits. In: FOCS, pp. 1281–1304 (2019)

    Google Scholar 

  28. Chen, L., Ren, H.: Strong average-case lower bounds from non-trivial derandomization. In: STOC, pp. 1327–1334 (2020)

    Google Scholar 

  29. Cheon, J.H., Cho, W., Kim, J.H., Kim, J.: Adventures in crypto dark matter: Attacks and fixes for weak pseudorandom functions. In: Garay, J.A. (ed.) PKC 2021. LNCS, vol. 12711, pp. 739–760. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-75248-4_26

    Chapter  Google Scholar 

  30. Couteau, G., Dupin, A., Méaux, P., Rossi, M., Rotella, Y.: On the concrete security of Goldreich’s pseudorandom generator. In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11273, pp. 96–124. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03329-3_4

    Chapter  Google Scholar 

  31. Damgård, I.B.: On the randomness of Legendre and Jacobi sequences. In: Goldwasser, S. (ed.) CRYPTO 1988. LNCS, vol. 403, pp. 163–172. Springer, New York (1990). https://doi.org/10.1007/0-387-34799-2_13

    Chapter  Google Scholar 

  32. Damgård, I., Keller, M.: Secure multiparty AES. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 367–374. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14577-3_31

    Chapter  Google Scholar 

  33. Damgård, I., Nielsen, J.B., Nielsen, M., Ranellucci, S.: The TinyTable Protocol for 2-party secure computation, or: gate-scrambling revisited. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 167–187. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_6

    Chapter  Google Scholar 

  34. Dinur, I., et al.: MPC-friendly symmetric cryptography from alternating moduli: Candidates, protocols, and applications. Cryptology ePrint Archive, report number 2021/885 (2021). https://eprint.iacr.org/2021/885.pdf

  35. Doerner, J., Shelat, A.: Scaling ORAM for secure computation. In: CCS, pp. 523–535 (2017)

    Google Scholar 

  36. Filmus, Y., Ishai, Y., Kaplan, A., Kindler, G.: Limits of preprocessing. In: CCC, pp. 17:1–17:22 (2020)

    Google Scholar 

  37. Freedman, M.J., Ishai, Y., Pinkas, B., Reingold, O.: Keyword search and oblivious pseudorandom functions. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 303–324. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30576-7_17

    Chapter  Google Scholar 

  38. Goldreich, O.: Candidate one-way functions based on expander graphs. In: Goldreich, O. (ed.) Studies in Complexity and Cryptography. Miscellanea on the Interplay between Randomness and Computation. LNCS, vol. 6650, pp. 76–87. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22670-0_10

    Chapter  Google Scholar 

  39. Goldreich, O., Goldwasser, S., Micali, S.: On the cryptographic applications of random functions (extended abstract). In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 276–288. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_22

    Chapter  Google Scholar 

  40. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: STOC, pp. 218–229 (1987)

    Google Scholar 

  41. Grassi, L., Rechberger, C., Rotaru, D., Scholl, P., Smart, N.P.: MPC-friendly symmetric key primitives. In: CCS, pp. 430–443 (2016)

    Google Scholar 

  42. Howgrave-Graham, N., Joux, A.: New generic algorithms for hard knapsacks. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 235–256. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_12

    Chapter  Google Scholar 

  43. Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending oblivious transfers efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003). https://doi.org/10.1007/978-3-540-45146-4_9

    Chapter  Google Scholar 

  44. Ishai, Y., Kushilevitz, E., Lu, S., Ostrovsky, R.: Private large-scale databases with distributed searchable symmetric encryption. In: Sako, K. (ed.) CT-RSA 2016. LNCS, vol. 9610, pp. 90–107. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-29485-8_6

    Chapter  Google Scholar 

  45. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: STOC, pp. 21–30 (2007)

    Google Scholar 

  46. Jarecki, S., Kiayias, A., Krawczyk, H.: Round-optimal password-protected secret sharing and T-PAKE in the password-only model. In: Sarkar, P., Iwata, T. (eds.) ASIACRYPT 2014. LNCS, vol. 8874, pp. 233–253. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-45608-8_13

    Chapter  MATH  Google Scholar 

  47. Jarecki, S., Kiayias, A., Krawczyk, H., Xu, J.: Highly-efficient and composable password-protected secret sharing (or: How to protect your Bitcoin wallet online). In: EURO S&P, pp. 276–291 (2016)

    Google Scholar 

  48. Jarecki, S., Liu, X.: Efficient oblivious pseudorandom function with applications to adaptive OT and secure computation of set intersection. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 577–594. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00457-5_34

    Chapter  MATH  Google Scholar 

  49. Kabanets, V., Koroth, S., Lu, Z., Myrisiotis, D., Oliveira, I.: Algorithms and lower bounds for De Morgan formulas of low-communication leaf gates. In: CCC, pp. 15:1–15:41 (2020)

    Google Scholar 

  50. Kales, D., Zaverucha, G.: Improving the performance of the Picnic signature scheme. TCHES 2020(4), 154–188 (2020)

    Article  Google Scholar 

  51. Katz, J., Kolesnikov, V., Wang, X.: Improved non-interactive zero knowledge with applications to post-quantum signatures. In: CCS, pp. 525–537 (2018)

    Google Scholar 

  52. Kelsey, J., Chang, S.J., Perlner, R.: SHA-3 derived functions: cSHAKE KMAC TupleHash and ParallelHash. National Institute for Standards and Technology, Special Publication 800-185 (2016)

    Google Scholar 

  53. Levin, L.: One-way functions and pseudorandom generators. In: STOC, pp. 363–365 (1985)

    Google Scholar 

  54. Matsumoto, T., Imai, H.: Public quadratic polynomial-tuples for efficient signature-verification and message-encryption. In: Barstow, D., et al. (eds.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988). https://doi.org/10.1007/3-540-45961-8_39

    Chapter  Google Scholar 

  55. Miles, E., Viola, E.: Substitution-permutation networks, pseudorandom functions, and natural proofs. J. ACM 62(6), 46:1–46:29 (2015)

    Article  MathSciNet  Google Scholar 

  56. Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure two-party computation is practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10366-7_15

    Chapter  Google Scholar 

  57. Proposal, B.I.: Hierarchical deterministic wallets (2017). https://en.bitcoin.it/wiki/BIP_0032

  58. de Saint Guilhem, C.D., De Meyer, L., Orsini, E., Smart, N.P.: BBQ: using AES in Picnic signatures. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019. LNCS, vol. 11959, pp. 669–692. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38471-5_27

    Chapter  MATH  Google Scholar 

  59. Schoppmann, P., Gascón, A., Reichert, L., Raykova, M.: Distributed vector-OLE: improved constructions and implementation. In: CCS, pp. 1055–1072 (2019)

    Google Scholar 

  60. Seres, I.A., Horváth, M., Burcsi, P.: The Legendre pseudorandom function as a multivariate quadratic cryptosystem: security and applications. Cryptology ePrint Archive, Report 2021/182 (2021)

    Google Scholar 

  61. The Picnic Design Team: The Picnic signature algorithm specification, version 3.0, September 2020. https://microsoft.github.io/Picnic/

  62. Wang, X., Ranellucci, S., Katz, J.: Global-scale secure multiparty computation. In: CCS, pp. 39–56 (2017)

    Google Scholar 

  63. Yang, J., Guo, Q., Johansson, T., Lentmaier, M.: Revisiting the concrete security of Goldreich’s pseudorandom generator (2021)

    Google Scholar 

  64. Yang, K., Weng, C., Lan, X., Zhang, J., Wang, X.: Ferret: Fast extension for correlated OT with small communication. In: CCS, pp. 1607–1626 (2020)

    Google Scholar 

  65. Yao, A.C.: Theory and application of trapdoor functions. In: FOCS, pp. 80–91 (1982)

    Google Scholar 

  66. Yao, A.C.: How to generate and exchange secrets. In: FOCS, pp. 162–167 (1986)

    Google Scholar 

Download references

Acknowledgments

Itai Dinur is supported by ISF grants 573/16 and 1903/20, and by the European Research Council under the ERC starting grant agreement No. 757731 (LightCrypt). Yuval Ishai is supported by ERC Project NTSC (742754), ISF grant 2774/20, NSF-BSF grant 2015782, and BSF grant 2018393.

Author information

Authors and Affiliations

  1. Ben-Gurion University, Beersheba, Israel

    Itai Dinur

  2. Cornell Tech, New York, USA

    Steven Goldfeder & Mahimna Kelkar

  3. Brooklyn College, CUNY, New York, USA

    Tzipora Halevi

  4. Technion, Haifa, Israel

    Yuval Ishai

  5. Cornell University, Ithaca, USA

    Mahimna Kelkar

  6. Graduate Center, CUNY, New York, USA

    Vivek Sharma

  7. Microsoft Research, Redmond, USA

    Greg Zaverucha

Authors
  1. Itai Dinur
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Steven Goldfeder
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tzipora Halevi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yuval Ishai
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Mahimna Kelkar
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Vivek Sharma
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Greg Zaverucha
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Itai Dinur .

Editor information

Editors and Affiliations

  1. Columbia University, New York City, NY, USA

    Tal Malkin

  2. University of Michigan, Ann Arbor, MI, USA

    Chris Peikert

Rights and permissions

Reprints and permissions

Copyright information

© 2021 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Dinur, I. et al. (2021). MPC-Friendly Symmetric Cryptography from Alternating Moduli: Candidates, Protocols, and Applications. In: Malkin, T., Peikert, C. (eds) Advances in Cryptology – CRYPTO 2021. CRYPTO 2021. Lecture Notes in Computer Science(), vol 12828. Springer, Cham. https://doi.org/10.1007/978-3-030-84259-8_18

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-84259-8_18

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-84258-1

  • Online ISBN: 978-3-030-84259-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Societies and partnerships

Search

Navigation