Presentation is loading. Please wait.

Presentation is loading. Please wait.

Efficient Multiparty Protocols via Log-Depth Threshold Formulae Ron Rothblum Weizmann Institute Joint work with Gil Cohen, Ivan Damgard, Yuval Ishai, Jonas.

Similar presentations


Presentation on theme: "Efficient Multiparty Protocols via Log-Depth Threshold Formulae Ron Rothblum Weizmann Institute Joint work with Gil Cohen, Ivan Damgard, Yuval Ishai, Jonas."— Presentation transcript:

1 Efficient Multiparty Protocols via Log-Depth Threshold Formulae Ron Rothblum Weizmann Institute Joint work with Gil Cohen, Ivan Damgard, Yuval Ishai, Jonas Kolker, Peter Bro Miltersen and Ran Raz

2 Secure Multiparty Computation (MPC) [Yao86,GMW87] An adversary that controls a (limited) subset of the parties learns nothing more than the inputs and outputs of the parties it controls.

3 Feasibility Results: Perfect Security [BGW88,CCD88]

4 Our Contribution Huge body of work on secure MPC but protocols are fairly complicated. We suggest a conceptually simple and flexible approach to designing efficient MPC protocols. Building blocks: 1.Player emulation - builds on Hirt-Maurer [HM00] but with a different motivation. 2.Simple constant-party MPC protocols. 3.Threshold formulae composed of threshold gates.

5 Applications 1.Conceptually simple protocols for perfectly secure MPC – obtaining passive/active security. 2.New results on feasibility of MPC in a variety of settings, e.g., secure MPC over algebraic structures such as non-Abelian groups. 3.Distributed computing – broadcast/Byzantine agreement.

6 MPC via Player Emulation [HM00]

7 MPC via Player Emulation Minimal number of parties needed for security against one passive party

8 MPC with a Trusted Party

9

10 MPC via Player Emulation

11

12 The output is sent back to the parties.

13 MPC via Player Emulation

14

15

16

17

18

19 Associate wires with parties and place 1 on input wires that the adversary controls. If output is 0 then the protocol is secure against this adversary.

20 MPC via Player Emulation

21 Comparison with [HM00]

22 MPC via Player Emulation

23

24 3-Party Protocols Can use BGW restricted to 3 parties or better yet use the MPC made simple protocol of [Maurer02]. Maurers protocol is simple and elegant but exponential in the number of parties. For 3 parties– not an issue!

25 MPC via Player Emulation

26 Majority from Majorities

27 Active Security Minimal number of parties for security against one active party

28 Applications Simplifications*: 1.MPC over fields ([BGW88], [CCD88], [AL13]). 2.MPC over rings ([CFIK03]). 3.MPC over groups ([DPSW07,DPS+12a,DPS12+b]). 4.Distributed computing: broadcast, broadcast from 2-cast ([FM00]). * Caveats: non-optimal threshold and higher polynomial complexity.

29 Applications

30 Conclusions and Open Questions MPC methodology: 1.Design simple constant-party protocols. 2.Prove player emulation theorem. Intriguing connections to open questions in complexity-theory: 1.Explicit exact majority-from-majorities formula. 2.Exact threshold-from-thresholds formula (even non-explicit).

31 Thank you!


Download ppt "Efficient Multiparty Protocols via Log-Depth Threshold Formulae Ron Rothblum Weizmann Institute Joint work with Gil Cohen, Ivan Damgard, Yuval Ishai, Jonas."

Similar presentations


Ads by Google