Round-Optimal Multi-party Computation with Identifiable Abort

Michele Ciampi; Divya Ravi; Luisa Siniscalchi; Hendrik Waldner

doi:10.1007/978-3-031-06944-4_12

Round-Optimal Multi-party Computation with Identifiable Abort

Michele Ciampi, Divya Ravi, Luisa Siniscalchi^*, Hendrik Waldner

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Secure multi-party computation (MPC) protocols that are resilient to a dishonest majority allow the adversary to get the output of the computation while, at the same time, forcing the honest parties to abort. Aumann and Lindell introduced the enhanced notion of security with identifiable abort, which still allows the adversary to trigger an abort but, at the same time, it enables the honest parties to agree on the identity of the party that led to the abort. More recently, in Eurocrypt 2016, Garg et al. showed that, assuming access to a simultaneous message exchange channel for all the parties, at least four rounds of communication are required to securely realize non-trivial functionalities in the plain model. Following Garg et al., a sequence of works has matched this lower bound, but none of them achieved security with identifiable abort. In this work, we close this gap and show that four rounds of communication are also sufficient to securely realize any functionality with identifiable abort using standard and generic polynomial-time assumptions. To achieve this result we introduce the new notion of bounded-rewind secure MPC that guarantees security even against an adversary that performs a mild form of reset attacks. We show how to instantiate this primitive starting from any MPC protocol and by assuming trapdoor-permutations. The notion of bounded-rewind secure MPC allows for easier parallel composition of MPC protocols with other (interactive) cryptographic primitives. Therefore, we believe that this primitive can be useful in other contexts in which it is crucial to combine multiple primitives with MPC protocols while keeping the round complexity of the final protocol low.

Original language	English
Title of host publication	Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings
Editors	Orr Dunkelman, Stefan Dziembowski
Publisher	Springer
Pages	335-364
Number of pages	30
ISBN (Electronic)	978-3-031-06944-4
ISBN (Print)	978-3-031-06943-7
DOIs	https://doi.org/10.1007/978-3-031-06944-4_12
Publication status	Published - 25 May 2022
Event	41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022 - Trondheim, Norway Duration: 30 May 2022 → 3 Jun 2022

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13275 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022
Country/Territory	Norway
City	Trondheim
Period	30/05/22 → 3/06/22

Access to Document

10.1007/978-3-031-06944-4_12Licence: All Rights Reserved

Round-Optimal Multi-Party_CIAMPI_DOA01022022_AFV_CC-BYAccepted author manuscript, 677 KBLicence: Creative Commons: Attribution (CC-BY)

https://eprint.iacr.org/2022/645Licence: Creative Commons: Attribution (CC-BY)
https://link.springer.com/chapter/10.1007/978-3-031-06944-4_12Licence: All Rights Reserved

Cite this

Ciampi, M., Ravi, D., Siniscalchi, L., & Waldner, H. (2022). Round-Optimal Multi-party Computation with Identifiable Abort. In O. Dunkelman, & S. Dziembowski (Eds.), Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings (pp. 335-364). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13275 LNCS). Springer. https://doi.org/10.1007/978-3-031-06944-4_12

Ciampi, Michele ; Ravi, Divya ; Siniscalchi, Luisa et al. / Round-Optimal Multi-party Computation with Identifiable Abort. Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings. editor / Orr Dunkelman ; Stefan Dziembowski. Springer, 2022. pp. 335-364 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{85a49da8bb494cbdb75e18ecc552f8ef,

title = "Round-Optimal Multi-party Computation with Identifiable Abort",

abstract = "Secure multi-party computation (MPC) protocols that are resilient to a dishonest majority allow the adversary to get the output of the computation while, at the same time, forcing the honest parties to abort. Aumann and Lindell introduced the enhanced notion of security with identifiable abort, which still allows the adversary to trigger an abort but, at the same time, it enables the honest parties to agree on the identity of the party that led to the abort. More recently, in Eurocrypt 2016, Garg et al. showed that, assuming access to a simultaneous message exchange channel for all the parties, at least four rounds of communication are required to securely realize non-trivial functionalities in the plain model. Following Garg et al., a sequence of works has matched this lower bound, but none of them achieved security with identifiable abort. In this work, we close this gap and show that four rounds of communication are also sufficient to securely realize any functionality with identifiable abort using standard and generic polynomial-time assumptions. To achieve this result we introduce the new notion of bounded-rewind secure MPC that guarantees security even against an adversary that performs a mild form of reset attacks. We show how to instantiate this primitive starting from any MPC protocol and by assuming trapdoor-permutations. The notion of bounded-rewind secure MPC allows for easier parallel composition of MPC protocols with other (interactive) cryptographic primitives. Therefore, we believe that this primitive can be useful in other contexts in which it is crucial to combine multiple primitives with MPC protocols while keeping the round complexity of the final protocol low.",

author = "Michele Ciampi and Divya Ravi and Luisa Siniscalchi and Hendrik Waldner",

note = "Funding Information: D. Ravi—Funded by the European Research Council (ERC) under the European Unions{\textquoteright}s Horizon 2020 research and innovation programme under grant agreement No. 803096 (SPEC). Publisher Copyright: {\textcopyright} 2022, International Association for Cryptologic Research.; 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022 ; Conference date: 30-05-2022 Through 03-06-2022",

year = "2022",

month = may,

day = "25",

doi = "10.1007/978-3-031-06944-4_12",

language = "English",

isbn = "978-3-031-06943-7",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "335--364",

editor = "Orr Dunkelman and Stefan Dziembowski",

booktitle = "Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings",

address = "United Kingdom",

}

Ciampi, M, Ravi, D, Siniscalchi, L & Waldner, H 2022, Round-Optimal Multi-party Computation with Identifiable Abort. in O Dunkelman & S Dziembowski (eds), Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13275 LNCS, Springer, pp. 335-364, 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022, Trondheim, Norway, 30/05/22. https://doi.org/10.1007/978-3-031-06944-4_12

Round-Optimal Multi-party Computation with Identifiable Abort. / Ciampi, Michele; Ravi, Divya; Siniscalchi, Luisa et al.
Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings. ed. / Orr Dunkelman; Stefan Dziembowski. Springer, 2022. p. 335-364 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13275 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Round-Optimal Multi-party Computation with Identifiable Abort

AU - Ciampi, Michele

AU - Ravi, Divya

AU - Siniscalchi, Luisa

AU - Waldner, Hendrik

N1 - Funding Information: D. Ravi—Funded by the European Research Council (ERC) under the European Unions’s Horizon 2020 research and innovation programme under grant agreement No. 803096 (SPEC). Publisher Copyright: © 2022, International Association for Cryptologic Research.

PY - 2022/5/25

Y1 - 2022/5/25

N2 - Secure multi-party computation (MPC) protocols that are resilient to a dishonest majority allow the adversary to get the output of the computation while, at the same time, forcing the honest parties to abort. Aumann and Lindell introduced the enhanced notion of security with identifiable abort, which still allows the adversary to trigger an abort but, at the same time, it enables the honest parties to agree on the identity of the party that led to the abort. More recently, in Eurocrypt 2016, Garg et al. showed that, assuming access to a simultaneous message exchange channel for all the parties, at least four rounds of communication are required to securely realize non-trivial functionalities in the plain model. Following Garg et al., a sequence of works has matched this lower bound, but none of them achieved security with identifiable abort. In this work, we close this gap and show that four rounds of communication are also sufficient to securely realize any functionality with identifiable abort using standard and generic polynomial-time assumptions. To achieve this result we introduce the new notion of bounded-rewind secure MPC that guarantees security even against an adversary that performs a mild form of reset attacks. We show how to instantiate this primitive starting from any MPC protocol and by assuming trapdoor-permutations. The notion of bounded-rewind secure MPC allows for easier parallel composition of MPC protocols with other (interactive) cryptographic primitives. Therefore, we believe that this primitive can be useful in other contexts in which it is crucial to combine multiple primitives with MPC protocols while keeping the round complexity of the final protocol low.

AB - Secure multi-party computation (MPC) protocols that are resilient to a dishonest majority allow the adversary to get the output of the computation while, at the same time, forcing the honest parties to abort. Aumann and Lindell introduced the enhanced notion of security with identifiable abort, which still allows the adversary to trigger an abort but, at the same time, it enables the honest parties to agree on the identity of the party that led to the abort. More recently, in Eurocrypt 2016, Garg et al. showed that, assuming access to a simultaneous message exchange channel for all the parties, at least four rounds of communication are required to securely realize non-trivial functionalities in the plain model. Following Garg et al., a sequence of works has matched this lower bound, but none of them achieved security with identifiable abort. In this work, we close this gap and show that four rounds of communication are also sufficient to securely realize any functionality with identifiable abort using standard and generic polynomial-time assumptions. To achieve this result we introduce the new notion of bounded-rewind secure MPC that guarantees security even against an adversary that performs a mild form of reset attacks. We show how to instantiate this primitive starting from any MPC protocol and by assuming trapdoor-permutations. The notion of bounded-rewind secure MPC allows for easier parallel composition of MPC protocols with other (interactive) cryptographic primitives. Therefore, we believe that this primitive can be useful in other contexts in which it is crucial to combine multiple primitives with MPC protocols while keeping the round complexity of the final protocol low.

UR - http://www.scopus.com/inward/record.url?scp=85131920895&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-06944-4_12

DO - 10.1007/978-3-031-06944-4_12

M3 - Conference contribution

AN - SCOPUS:85131920895

SN - 978-3-031-06943-7

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 335

EP - 364

BT - Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings

A2 - Dunkelman, Orr

A2 - Dziembowski, Stefan

PB - Springer

T2 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2022

Y2 - 30 May 2022 through 3 June 2022

ER -

Ciampi M, Ravi D, Siniscalchi L, Waldner H. Round-Optimal Multi-party Computation with Identifiable Abort. In Dunkelman O, Dziembowski S, editors, Advances in Cryptology – EUROCRYPT 2022 - 41st Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2022, Proceedings. Springer. 2022. p. 335-364. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-031-06944-4_12