TY - GEN
T1 - Three Party Secure Computation with Friends and Foes
AU - Alon, Bar
AU - Beimel, Amos
AU - Omri, Eran
N1 - Publisher Copyright:
© 2023, International Association for Cryptologic Research.
PY - 2023/1/1
Y1 - 2023/1/1
N2 - In secure multiparty computation (MPC), the goal is to allow a set of mutually distrustful parties to compute some function of their private inputs in a way that preserves security properties, even in the face of adversarial behavior by some of the parties. However, classical security definitions do not pose any privacy restrictions on the view of honest parties. Thus, if an attacker adversarially leaks private information to honest parties, it does not count as a violation of privacy. This is arguably undesirable, and in real-life scenarios, it is hard to imagine that possible users would agree to have their private information revealed, even if only to other honest parties. To address this issue, Alon et al. [CRYPTO 20] introduced the notion of security with friends and foes (FaF security). In essence, (t, h)-FaF security requires that a malicious adversary corrupting up to t parties cannot help a coalition of h semi-honest parties to learn anything beyond what they can learn from their inputs and outputs (combined with the input and outputs of the malicious parties). They further showed that (t, h)-FaF security with n parties is achievable for any functionality if 2 t+ h< n, and for some functionality, (t, h)-FaF security is impossible assuming 2 t+ h≥ n. A remaining important open problem is to characterize the set of n-party functionalities that can be computed with (t, h)-FaF security assuming 2 t+ h≥ n. In this paper, we focus on the special, yet already challenging, case of (1, 1)-FaF security for three-party, 2-ary (two inputs), symmetric (all parties output the same value) functionalities. We provide several positive results, a lower bound on the round complexity, and an impossibility result. In particular, we prove the following. (1) we identify a large class of three-party Boolean symmetric 2-ary functionalities that can be computed with (1, 1)-FaF full security, and (2) We identify a large class of three-party (possibly non-Boolean) symmetric 2-ary functionalities, for which no O(log κ) -round protocol computes them with (1, 1)-FaF full security. This matches the round complexity of our positive results for various interesting functionalities, such as equality of strings.
AB - In secure multiparty computation (MPC), the goal is to allow a set of mutually distrustful parties to compute some function of their private inputs in a way that preserves security properties, even in the face of adversarial behavior by some of the parties. However, classical security definitions do not pose any privacy restrictions on the view of honest parties. Thus, if an attacker adversarially leaks private information to honest parties, it does not count as a violation of privacy. This is arguably undesirable, and in real-life scenarios, it is hard to imagine that possible users would agree to have their private information revealed, even if only to other honest parties. To address this issue, Alon et al. [CRYPTO 20] introduced the notion of security with friends and foes (FaF security). In essence, (t, h)-FaF security requires that a malicious adversary corrupting up to t parties cannot help a coalition of h semi-honest parties to learn anything beyond what they can learn from their inputs and outputs (combined with the input and outputs of the malicious parties). They further showed that (t, h)-FaF security with n parties is achievable for any functionality if 2 t+ h< n, and for some functionality, (t, h)-FaF security is impossible assuming 2 t+ h≥ n. A remaining important open problem is to characterize the set of n-party functionalities that can be computed with (t, h)-FaF security assuming 2 t+ h≥ n. In this paper, we focus on the special, yet already challenging, case of (1, 1)-FaF security for three-party, 2-ary (two inputs), symmetric (all parties output the same value) functionalities. We provide several positive results, a lower bound on the round complexity, and an impossibility result. In particular, we prove the following. (1) we identify a large class of three-party Boolean symmetric 2-ary functionalities that can be computed with (1, 1)-FaF full security, and (2) We identify a large class of three-party (possibly non-Boolean) symmetric 2-ary functionalities, for which no O(log κ) -round protocol computes them with (1, 1)-FaF full security. This matches the round complexity of our positive results for various interesting functionalities, such as equality of strings.
KW - MPC with friends and foes
KW - full security
KW - lower bounds
KW - protocols
UR - http://www.scopus.com/inward/record.url?scp=85178598442&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-48618-0_6
DO - 10.1007/978-3-031-48618-0_6
M3 - Conference contribution
AN - SCOPUS:85178598442
SN - 9783031486173
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 156
EP - 185
BT - Theory of Cryptography - 21st International Conference, TCC 2023, Proceedings
A2 - Rothblum, Guy
A2 - Wee, Hoeteck
PB - Springer Science and Business Media Deutschland GmbH
T2 - 21st International conference on Theory of Cryptography Conference, TCC 2023
Y2 - 29 November 2023 through 2 December 2023
ER -