Incoercible Multiparty Computation
نویسندگان
چکیده
Current secure multiparty protocols have the following deficiency. The public transcript of the communication can be used as an involuntary commitment of the parties to their inputs and outputs. Thus parties can be later coerced by some authority to reveal their private data. Previous work that has pointed this interesting problem out contained only partial treatment. In this work we present the first general treatment of the coercion problem in secure computation. First we present a general definition of protocols that provide resilience to coercion. Our definition constitutes a natural extension of the general paradigm used for defining secure multiparty protocols. Next we show that if trapdoor permutations exist then any function can be incoercibly computed (i.e., computed by a protocol that provides resilience to coercion) in the presence of computationally bounded adversaries and only public communication channels. This holds as long as less than half the parties are coerced (or corrupted). In particular, ours are the first incoercible protocols without physical security assumptions. Also, our protocols constitute an alternative solution to the recently solved adaptive security problem. Our techniques are quite surprising and include non-standard use of deniable encryptions.
منابع مشابه
Deniable Encryption
Consider a situation in which the transmission of encrypted messages is intercepted by an adversary who can later ask the sender to reveal the random choices (and also the secret key, if one exists) used in generating the ciphertext, thereby exposing the cleartext. An encryption scheme is deniable if the sender can generate ‘fake random choices’ that will make the ciphertext ‘look like’ an encr...
متن کاملDesign and formal verification of DZMBE+
In this paper, a new broadcast encryption scheme is presented based on threshold secret sharing and secure multiparty computation. This scheme is maintained to be dynamic in that a broadcaster can broadcast a message to any of the dynamic groups of users in the system and it is also fair in the sense that no cheater is able to gain an unfair advantage over other users. Another important feature...
متن کاملAdaptively Secure Two-Party Computation from Indistinguishability Obfuscation
We present the first two-round, two-party general function evaluation protocol that is secure against honest-but-curious adaptive corruption of both parties. In addition, the protocol is incoercible for one of the parties, and fully leakage tolerant. It requires a global (non-programmable) reference string and is based on one way functions and general-purpose indistinguishability obfuscation wi...
متن کاملA General Framework for Multiparty Computations
Multiparty computation is a computation between multiple players which want to compute a common function based on private input. It was first proposed over 20 years ago and has since matured into a well established science. The goal of this thesis has been to develop efficient protocols for different operations used in multiparty computation and to propose uses for multiparty computation in rea...
متن کاملMultiparty Computation, an Introduction
These lecture notes introduce the notion of secure multiparty computation. We introduce some concepts necessary to define what it means for a multiparty protocol to be secure, and survey some known general results that describe when secure multiparty computation is possible. We then look at some general techniques for building secure multiparty protocols, including protocols for commitment and ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 1996 شماره
صفحات -
تاریخ انتشار 1996