Skip to main content
Springer Nature Link
Log in

Honest Majority GOD MPC with \(O(\textsf{depth}(C))\) Rounds and Low Online Communication

  • Conference paper
  • First Online:
Advances in Cryptology – ASIACRYPT 2024 (ASIACRYPT 2024)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 15489))

  • 315 Accesses

Abstract

In the context of secure multiparty computation (MPC) protocols with guaranteed output delivery (GOD) for the honest majority setting, the state-of-the-art in terms of communication is the work of (Goyal et al. CRYPTO’20), which communicates O(n|C|) field elements, where |C| is the size of the circuit being computed and n is the number of parties. Their round complexity, as usual in secret-sharing based MPC, is proportional to \(O(\textsf{depth}(C))\), but only in the optimistic case where there is no cheating. Under attack, the number of rounds can increase to \(\varOmega (n^2)\) before honest parties receive output, which is undesired for shallow circuits with \(\textsf{depth}(C)\ll n^2\). In contrast, other protocols that only require \(O(\textsf{depth}(C))\) rounds even in the worst case exist, but the state-of-the-art from (Choudhury and Patra, Transactions on Information Theory, 2017) still requires \(\varOmega (n^4|C|)\) communication in the offline phase, and \(\varOmega (n^3|C|)\) in the online (for both point-to-point and broadcast channels). We see there exists a tension between efficient communication and number of rounds. For reference, the recent work of (Abraham et al., EUROCRYPT’23) shows that for perfect security and \(t<n/3\), protocols with both linear communication and \(O(\textsf{depth}(C))\) rounds exist.

We address this state of affairs by presenting a novel honest majority GOD protocol that maintains \(O(\textsf{depth}(C))\) rounds, even under attack, while improving over the communication of the most efficient protocol in this setting by Choudhury and Patra. More precisely, our protocol has point-to-point (P2P) online communication of O(n|C|), accompanied by O(n|C|) broadcasted (BC) elements, while the offline has \(O(n^3|C|)\) P2P communication with \(O(n^3|C|)\) BC. This improves over the previous best result, and reduces the tension between communication and round complexity. Our protocol is achieved via a careful use of packed secret-sharing in order to improve the communication of existing verifiable secret-sharing approaches, although at the expense of weakening their robust guarantees: reconstruction of shared values may fail, but only if the adversary gives away the identities of many corrupt parties. We show that this less powerful notion is still useful for MPC, and we use this as a core building block in our construction. Using this weaker VSS, we adapt the recent secure-with-abort Turbopack protocol (Escudero et al. CCS’22) to the GOD setting without significantly sacrificing in efficiency.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    In \(t<n/2\) the recovery is done with a technique called dispute control [5], which is repeated \(n^2\) times in the worst case, in contrast to player elimination—only suitable for \(t<n/3\)—which is repeated n times.

  2. 2.

    Note that our term \(O(|C|n)\times \textsf{BC}\) (which is not present in [18]) would require all parties to receive at least n|C| messages, which in practice means a communication of at least \(n^2|C|\), widening the gap between the protocol from [18] and ours. See also Remark 1.

  3. 3.

    Furthermore, this protocol can presumably be optimized by avoiding the instantiation of the broadcast channel—which comes “for free” in our setting—and relaxing perfect security to statistical, but we find it to be unnecessary for our feasibility results.

  4. 4.

    For a given instance of \(\varPi _{\mathsf {Packed\text {-} DSS}}\), we use the same packing parameter \(\ell \) and batching parameter m for each call to \(\pi _{\mathsf {Packed\text {-} DSS \text {-} Share}}\).

  5. 5.

    A ‘multiplication procedure’ multiplying a sharing by \(\boldsymbol{u}_1,\dots ,\boldsymbol{u}_m\) corresponds to multiplying the polynomials defined by the sharing by the degree-\((\ell -1)\) polynomials \(u_1(x),\dots ,u_m(x)\) defined by the above vectors.

  6. 6.

    \(\mathcal {F}_{\textsf{MPC}}\), as defined, is not reactive. However, this is only for presentation and it is not hard to extend our protocol to support reactive computation.

  7. 7.

    Having each input to be VSS’ed adds an extra factor of n with respect to the number of inputs. We present in the full version a variant that is more suitable incase there are many more inputs than outputs.

References

  1. Ittai Abraham, Gilad Asharov, Shravani Patil, and Arpita Patra. “Detect, Pack and Batch: Perfectly-Secure MPC with Linear Communication and Constant Expected Time”. In: Advances in Cryptology – EUROCRYPT 2023, Part II. Ed. by Carmit Hazay and Martijn Stam. Vol. 14005. Lecture Notes in Computer Science. Lyon, France: Springer, Heidelberg, Germany, 2023, pp. 251–281. doi: https://doi.org/10.1007/978-3-031-30617-4_9.

  2. Ittai Abraham, Gilad Asharov, and Avishay Yanai. “Efficient Perfectly Secure Computation with Optimal Resilience”. In: TCC 2021: 19th Theory of Cryptography Conference, Part II. Ed. by Kobbi Nissim and Brent Waters. Vol. 13043. Lecture Notes in Computer Science. Raleigh, NC, USA: Springer, Heidelberg, Germany, 2021, pp. 66–96. doi: https://doi.org/10.1007/978-3-030-90453-1_3.

  3. Benny Applebaum, Eliran Kachlon, and Arpita Patra. “The Round Complexity of Statistical MPC with Optimal Resiliency”. In: Cryptology ePrint Archive (2023).

    Google Scholar 

  4. Donald Beaver. “Efficient Multiparty Protocols Using Circuit Randomization”. In: Advances in Cryptology - CRYPTO’91. Ed. by Joan Feigenbaum. Vol. 576. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 1992, pp. 420–432. doi: https://doi.org/10.1007/3-540-46766-1_34.

  5. Zuzana Beerliová-Trubíniová and Martin Hirt. “Efficient Multi-party Computation with Dispute Control”. In: TCC 2006: 3rd Theory of Cryptography Conference. Ed. by Shai Halevi and Tal Rabin. Vol. 3876. Lecture Notes in Computer Science. New York, NY, USA: Springer, Heidelberg, Germany, 2006, pp. 305–328. doi: https://doi.org/10.1007/11681878_16.

  6. Zuzana Beerliová-Trubíniová and Martin Hirt. “Perfectly-Secure MPC with Linear Communication Complexity”. In: TCC 2008: 5th Theory of Cryptography Conference. Ed. by Ran Canetti. Vol. 4948. Lecture Notes in Computer Science. San Francisco, CA, USA: Springer, Heidelberg, Germany, 2008, pp. 213–230. doi: https://doi.org/10.1007/978-3-540-78524-8_13.

  7. Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. “Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract)”. In: 20th Annual ACM Symposium on Theory of Computing. Chicago, IL, USA: ACM Press, 1988, pp. 1–10. doi: https://doi.org/10.1145/62212.62213.

  8. Eli Ben-Sasson, Serge Fehr, and Rafail Ostrovsky. “Near-Linear Unconditionally- Secure Multiparty Computation with a Dishonest Minority”. In: Advances in Cryptology - CRYPTO 2012. Ed. by Reihaneh Safavi-Naini and Ran Canetti. Vol. 7417. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 2012, pp. 663–680. doi: https://doi.org/10.1007/978-3-642-32009-5_39.

  9. David Chaum, Claude Crépeau, and Ivan Damgård. “Multiparty Unconditionally Secure Protocols (Extended Abstract)”. In: 20th Annual ACM Symposium on Theory of Computing. Chicago, IL, USA: ACM Press, 1988, pp. 11–19. doi: https://doi.org/10.1145/62212.62214.

  10. Ashish Choudhury and Arpita Patra. “An Efficient Framework for Unconditionally Secure Multiparty Computation”. In: IEEE Transactions on Information Theory 63.1 (2017), pp. 428–468. doi: https://doi.org/10.1109/TIT.2016.2614685.

  11. Ronald Cramer, Ivan Damgård, Stefan Dziembowski, Martin Hirt, and Tal Rabin. “Efficient Multiparty Computations Secure Against an Adaptive Adversary”. In: Advances in Cryptology - EUROCRYPT’99. Ed. by Jacques Stern. Vol. 1592. Lecture Notes in Computer Science. Prague, Czech Republic: Springer, Heidelberg, Germany, 1999, pp. 311–326. doi: https://doi.org/10.1007/3-540-48910-X_22.

  12. Ivan Damgård, Kasper Green Larsen, and Jesper Buus Nielsen. “Communication Lower Bounds for Statistically Secure MPC, With or Without Preprocessing”. In: Advances in Cryptology - CRYPTO 2019, Part II. Ed. by Alexandra Boldyreva and Daniele Micciancio. Vol. 11693. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 2019, pp. 61–84. doi: https://doi.org/10.1007/978-3-030-26951-7_3.

  13. Ivan Damgård and Jesper Buus Nielsen. “Scalable and Unconditionally Secure Multiparty Computation”. In: Advances in Cryptology - CRYPTO 2007. Ed. by Alfred Menezes. Vol. 4622. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 2007, pp. 572–590. doi: https://doi.org/10.1007/978-3-540-74143-5_32.

  14. Daniel Escudero and Serge Fehr. “On Fully-Secure Honest Majority MPC Without n2 Round Overhead”. In: Progress in Cryptology - LATINCRYPT 2021: 7th International Conference on Cryptology and Information Security in Latin America. Ed. by Patrick Longa and Carla Ràfols. Vol. 12912. Lecture Notes in Computer Science. Bogotá, Colombia: Springer, Heidelberg, Germany, 2021, pp. 47–66. doi: https://doi.org/10.1007/978-3-031-44469-2_3.

  15. Daniel Escudero, Vipul Goyal, Antigoni Polychroniadou, and Yifan Song. “TurboPack: Honest Majority MPC with Constant Online Communication”. In: ACM CCS 2022: 29th Conference on Computer and Communications Security. Ed. by Heng Yin, Angelos Stavrou, Cas Cremers, and Elaine Shi. Los Angeles, CA, USA: ACM Press, 2022, pp. 951–964. doi: https://doi.org/10.1145/3548606.3560633.

  16. Matthew K. Franklin and Moti Yung. “Communication Complexity of Secure Computation (Extended Abstract)”. In: 24th Annual ACM Symposium on Theory of Computing. Victoria, BC, Canada: ACM Press, 1992, pp. 699–710. doi: https://doi.org/10.1145/129712.129780.

  17. Vipul Goyal, Yanyi Liu, and Yifan Song. “Communication-Efficient Unconditional MPC with Guaranteed Output Delivery”. In: Advances in Cryptology - CRYPTO 2019, Part II. Ed. by Alexandra Boldyreva and Daniele Micciancio. Vol. 11693. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 2019, pp. 85–114. doi: https://doi.org/10.1007/978-3-030-26951-7_4.

  18. Vipul Goyal, Yifan Song, and Chenzhi Zhu. “Guaranteed Output Delivery Comes Free in Honest Majority MPC”. In: Advances in Cryptology - CRYPTO 2020, Part II. Ed. by Daniele Micciancio and Thomas Ristenpart. Vol. 12171. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 2020, pp. 618–646. doi: https://doi.org/10.1007/978-3-030-56880-1_22.

  19. Martin Hirt, Ueli M. Maurer, and Bartosz Przydatek. “Efficient Secure Multi-party Computation”. In: Advances in Cryptology - ASIACRYPT 2000. Ed. by Tatsuaki Okamoto. Vol. 1976. Lecture Notes in Computer Science. Kyoto, Japan: Springer, Heidelberg, Germany, 2000, pp. 143–161. doi: https://doi.org/10.1007/3-540-44448-3_12.

  20. Yuval Ishai and Eyal Kushilevitz. “Perfect constant-round secure computation via perfect randomizing polynomials”. In: Automata, Languages and Programming: 29th International Colloquium, ICALP 2002 Málaga, Spain, July 8-13, 2002 Proceedings 29. Springer. 2002, pp. 244–256.

    Google Scholar 

  21. Yuval Ishai and Eyal Kushilevitz. “Randomizing polynomials: A new representation with applications to round-efficient secure computation”. In: Proceedings 41st Annual Symposium on Foundations of Computer Science. IEEE. 2000, pp. 294–304.

    Google Scholar 

  22. Yuval Ishai, Eyal Kushilevitz, Manoj Prabhakaran, Amit Sahai, and Ching- Hua Yu. “Secure Protocol Transformations”. In: Advances in Cryptology - CRYPTO 2016, Part II. Ed. by Matthew Robshaw and Jonathan Katz. Vol. 9815. Lecture Notes in Computer Science. Santa Barbara, CA, USA: Springer, Heidelberg, Germany, 2016, pp. 430–458. doi: https://doi.org/10.1007/978-3-662-53008-5_15.

  23. Arpita Patra and C. Pandu Rangan. Communication and Round Efficient Information Checking Protocol. 2010. arXiv: 1004.3504 [cs.CR].

  24. Tal Rabin and Michael Ben-Or. “Verifiable Secret Sharing and Multiparty Protocols with Honest Majority (Extended Abstract)”. In: 21st Annual ACM Symposium on Theory of Computing. Seattle, WA, USA: ACM Press, 1989, pp. 73–85. doi: https://doi.org/10.1145/73007.73014.

Download references

Acknowledgments

This paper was prepared in part for information purposes by the Artificial Intelligence Research group of JPMorgan Chase & Co and its affiliates (“JP Morgan”), and is not a product of the Research Department of JP Morgan. JP Morgan makes no representation and warranty whatsoever and disclaims all liability, for the completeness, accuracy or reliability of the information contained herein. This document is not intended as investment research or investment advice, or a recommendation, offer or solicitation for the purchase or sale of any security, financial instrument, financial product or service, or to be used in any way for evaluating the merits of participating in any transaction, and shall not constitute a solicitation under any jurisdiction or to any person, if such solicitation under such jurisdiction or to such person would be unlawful. 2024 JP Morgan Chase & Co. All rights reserved.

Author information

Authors and Affiliations

  1. University of Illinois Urbana-Champaign, Champaign, USA

    Amit Agarwal

  2. J.P. Morgan AI Research and J.P. Morgan AlgoCRYPT CoE, New York, USA

    Alexander Bienstock & Daniel Escudero

  3. Aarhus University, Aarhus, Denmark

    Ivan Damgård

Authors
  1. Amit Agarwal
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alexander Bienstock
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ivan Damgård
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Daniel Escudero
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Amit Agarwal .

Editor information

Editors and Affiliations

  1. Academia Sinica, Taipei, Taiwan

    Kai-Min Chung

  2. NTT Social Informatics Laboratories, Tokyo, Japan

    Yu Sasaki

Rights and permissions

Reprints and permissions

Copyright information

© 2025 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Agarwal, A., Bienstock, A., Damgård, I., Escudero, D. (2025). Honest Majority GOD MPC with \(O(\textsf{depth}(C))\) Rounds and Low Online Communication. In: Chung, KM., Sasaki, Y. (eds) Advances in Cryptology – ASIACRYPT 2024. ASIACRYPT 2024. Lecture Notes in Computer Science, vol 15489. Springer, Singapore. https://doi.org/10.1007/978-981-96-0938-3_8

Download citation

  • DOI: https://doi.org/10.1007/978-981-96-0938-3_8

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-96-0937-6

  • Online ISBN: 978-981-96-0938-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics