Abstract
A multiparty computation protocol is perfectly secure for some function f if it perfectly emulates an ideal computation of f. Thus, perfect security is the strongest and most desirable notion of security, as it guarantees security in the face of any adversary and eliminates the dependency on any security parameter. Ben-Or et al. [2] [STOC ’88] and Chaum et al. [5] [STOC ’88] showed that any function can be computed with perfect security if strictly less than one-third of the parties can be corrupted. For two-party sender-receiver functionalities (where only one party receives an output), Ishai et al. [9] [TCC ’13] showed that any function can be computed with perfect security in the correlated randomness model. Unfortunately, they also showed that perfect security cannot be achieved in general for two-party functions that give outputs to both parties (even in the correlated randomness model).
We study the feasibility of obtaining perfect security for deterministic symmetric two-party functionalities (i.e., where both parties obtain the same output) in the face of malicious adversaries. We explore both the plain model as well as the correlated randomness model. We provide positive results in the plain model, and negative results in the correlated randomness model. As a corollary, we obtain the following results.
-
1.
We provide a characterization of symmetric functionalities with (up to) four possible outputs that can be computed with perfect security. The characterization is further refined when restricted to three possible outputs and to Boolean functions. All characterizations are the same for both the plain model and the correlated randomness model.
-
2.
We show that if a functionality contains an embedded XOR or an embedded AND, then it cannot be computed with perfect security (even in the correlated randomness model).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
Notes
- 1.
For semi-honest adversaries, they showed that an honest majority is sufficient.
- 2.
A functionality f is said to have an embedded XOR if there exists \(x_1,x_2\in \mathcal {X}\) and \(y_1,y_2\in \mathcal {Y}\) such that \(f(x_1,y_1)=f(x_2,y_2)\ne f(x_1,y_2)=f(x_2,y_1)\). The functionality is said to have an embedded AND if \(f(x_2,y_2)\ne f(x_1,y_1)=f(x_1,y_2)=f(x_2,y_1)\).
- 3.
The typical convention in secure computation is to let \(f:{\{0,1\}^*}\times {\{0,1\}^*}\mapsto {\{0,1\}^*}\). However, we consider only functionalities with a constant domain, which is why we introduce this notation.
References
Alon, B., Paskin-Cherniavsky, A.: On perfectly secure 2PC in the OT-hybrid model. In: Hofheinz, D., Rosen, A. (eds.) TCC 2019. LNCS, vol. 11891, pp. 561–595. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-36030-6_22
Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computing. In: Proceedings of the 20th STOC, pp. 1–10 (1988). https://doi.org/10.1145/3335741.3335756
Brassard, G., Crépeau, C., Santha, M.: Oblivious transfers and intersecting codes. IACR Cryptology ePrint Archive, vol. 1996, p. 10 (1996). http://eprint.iacr.org/1996/010
Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptol. 13(1), 143–202 (2000). https://doi.org/10.1007/s001459910006
Chaum, D., Crépeau, C., Damgard, I.: Multiparty unconditionally secure protocols. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 11–19 (1988). https://doi.org/10.1145/62212.62214
Chor, B., Kushilevitz, E.: A zero-one law for Boolean privacy. SIAM J. Discret. Math. 4(1), 36–47 (1991)
Cleve, R.: Limits on the security of coin flips when half the processors are faulty. In: Proceedings of the Eighteenth Annual ACM Symposium on Theory of Computing, pp. 364–369 (1986)
Goldreich, O.: Foundations of Cryptography - VOLUME 2: Basic Applications. Cambridge University Press, Cambridge (2004)
Ishai, Y., Kushilevitz, E., Meldgaard, S., Orlandi, C., Paskin-Cherniavsky, A.: On the power of correlated randomness in secure computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 600–620. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36594-2_34
Kushilevitz, E.: Privacy and communication complexity. SIAM J. Discret. Math. 5(2), 273–284 (1992)
Wolf, S., Wullschleger, J.: Oblivious transfer is symmetric. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 222–232. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_14
Acknowledgements
The work of B. Alon, O. Nissenbaum, E. Omri, and A. Paskin-Cherniavsky was supported in part by the Ariel Cyber Innovation Center in conjunction with the Israel National Cyber directorate in the Prime Minister’s Office. The work of B. Alon, O. Nissenbaum, and E. Omri was also supported in part by grants from the Israel Science Foundation (no.152/17). This work was done while E. Omri was visiting Georgetown University, supported by the Robert L. McDevitt, K.S.G., K.C.H.S. and Catherine H. McDevitt L.C.H.S. endowment at Georgetown University. The work of A. Patra was supported by DST National Mission on Interdisciplinary Cyber-Physical Systems (NM-ICPS) 2020–2025 and SERB MATRICS (Theoretical Sciences) Grant 2020–2023.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Alon, B., Nissenbaum, O., Omri, E., Paskin-Cherniavsky, A., Patra, A. (2022). On Perfectly Secure Two-Party Computation for Symmetric Functionalities with Correlated Randomness. In: Kiltz, E., Vaikuntanathan, V. (eds) Theory of Cryptography. TCC 2022. Lecture Notes in Computer Science, vol 13748. Springer, Cham. https://doi.org/10.1007/978-3-031-22365-5_19
Download citation
DOI: https://doi.org/10.1007/978-3-031-22365-5_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-22364-8
Online ISBN: 978-3-031-22365-5
eBook Packages: Computer ScienceComputer Science (R0)