Collusion-Free Multiparty Computation in the Mediated Model

Collusion-free protocols prevent subliminal communication (i.e., covert channels) betweenparties running the protocol. In the standard communication model (and assuming the existenceof one-way functions), protocols satisfying any reasonable degree of privacy cannot be collusion-free. To circumvent this impossibility result, Alwen et al. recently suggested the mediatedmodel where all communication passes through a mediator; the goal is to design protocolswhere collusion-freeness is guaranteed as long as the mediator is honest, while standard securityguarantees continue to hold if the mediator is dishonest. In this model, they gave constructionsof collusion-free protocols for commitments and zero-knowledge proofs in the two-party setting.We strengthen the definition of Alwen et al. in several ways, and resolve the key openquestions in this area by showing a collusion-free protocol (in the mediated model) for computingany multi-party functionality. ∗This research was supported by US-Israel Binational Science Foundation grant #2004240.†Department of Computer Science, The University of Maryland, USA. Email: [email protected]‡Department of Computer Science, Bar-Ilan University, Israel. Email: [email protected]