TY - GEN
T1 - Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation
AU - Benhamouda, Fabrice
AU - Boyle, Elette
AU - Gilboa, Niv
AU - Halevi, Shai
AU - Ishai, Yuval
AU - Nof, Ariel
N1 - Publisher Copyright:
© 2021, International Association for Cryptologic Research.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - Secure multiparty computation (MPC) enables n parties, of which up to t may be corrupted, to perform joint computations on their private inputs while revealing only the outputs. Optimizing the asymptotic and concrete costs of MPC protocols has become an important line of research. Much of this research focuses on the setting of an honest majority, where n ≥ 2t + 1, which gives rise to concretely efficient protocols that are either information-theoretic or make a black-box use of symmetric cryptography. Efficiency can be further improved in the case of a strong honest majority, where n > 2t + 1. Motivated by the goal of minimizing the communication and latency costs of MPC with a strong honest majority, we make two related contributions. Generalized pseudorandom secret sharing (PRSS). Linear correlations serve as an important resource for MPC protocols and beyond. PRSS enables secure generation of many pseudorandom instances of such correlations without interaction, given replicated seeds of a pseudorandom function. We extend the PRSS technique of Cramer et al. (TCC 2005) for sharing degree-d polynomials to new constructions leveraging a particular class of combinatorial designs. Our constructions yield a dramatic efficiency improvement when the degree d is higher than the security threshold t, not only for standard degree-d correlations but also for several useful generalizations. In particular, correlations for locally converting between slot configurations in “share packing” enable us to avoid the concrete overhead of prior works. Cheap straggler resilience. In reality, communication is not fully synchronous: protocol executions suffer from variance in communication delays and occasional node or message-delivery failures. We explore the benefits of PRSS-based MPC with a strong honest majority toward robustness against such failures, in turn yielding improved latency delays. In doing so we develop a novel technique for defending against a subtle “double-dipping” attack, which applies to the best existing protocols, with almost no extra cost in communication or rounds. Combining the above tools requires further work, including new methods for batch verification via distributed zero-knowledge proofs (Boneh et al., CRYPTO 2019) that apply to packed secret sharing. Overall, our work demonstrates new advantages of the strong honest majority setting, and introduces new tools—in particular, generalized PRSS—that we believe will be of independent use within other cryptographic applications.
AB - Secure multiparty computation (MPC) enables n parties, of which up to t may be corrupted, to perform joint computations on their private inputs while revealing only the outputs. Optimizing the asymptotic and concrete costs of MPC protocols has become an important line of research. Much of this research focuses on the setting of an honest majority, where n ≥ 2t + 1, which gives rise to concretely efficient protocols that are either information-theoretic or make a black-box use of symmetric cryptography. Efficiency can be further improved in the case of a strong honest majority, where n > 2t + 1. Motivated by the goal of minimizing the communication and latency costs of MPC with a strong honest majority, we make two related contributions. Generalized pseudorandom secret sharing (PRSS). Linear correlations serve as an important resource for MPC protocols and beyond. PRSS enables secure generation of many pseudorandom instances of such correlations without interaction, given replicated seeds of a pseudorandom function. We extend the PRSS technique of Cramer et al. (TCC 2005) for sharing degree-d polynomials to new constructions leveraging a particular class of combinatorial designs. Our constructions yield a dramatic efficiency improvement when the degree d is higher than the security threshold t, not only for standard degree-d correlations but also for several useful generalizations. In particular, correlations for locally converting between slot configurations in “share packing” enable us to avoid the concrete overhead of prior works. Cheap straggler resilience. In reality, communication is not fully synchronous: protocol executions suffer from variance in communication delays and occasional node or message-delivery failures. We explore the benefits of PRSS-based MPC with a strong honest majority toward robustness against such failures, in turn yielding improved latency delays. In doing so we develop a novel technique for defending against a subtle “double-dipping” attack, which applies to the best existing protocols, with almost no extra cost in communication or rounds. Combining the above tools requires further work, including new methods for batch verification via distributed zero-knowledge proofs (Boneh et al., CRYPTO 2019) that apply to packed secret sharing. Overall, our work demonstrates new advantages of the strong honest majority setting, and introduces new tools—in particular, generalized PRSS—that we believe will be of independent use within other cryptographic applications.
UR - http://www.scopus.com/inward/record.url?scp=85120081452&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-90453-1_5
DO - 10.1007/978-3-030-90453-1_5
M3 - Conference contribution
AN - SCOPUS:85120081452
SN - 9783030904524
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 129
EP - 161
BT - Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings
A2 - Nissim, Kobbi
A2 - Waters, Brent
PB - Springer Science and Business Media Deutschland GmbH
T2 - 19th International Conference on Theory of Cryptography, TCC 2021
Y2 - 8 November 2021 through 11 November 2021
ER -