Cryptology ePrint Archive: Report 2001/023

Robustness for Free in Unconditional Multi-Party Computation

Martin Hirt and Ueli Maurer

Abstract: We present a very efficient multi-party computation protocol unconditionally secure against an active adversary. The security is maximal, i.e., active corruption of up to $t<n/3$ of the $n$ players is tolerated. The communication complexity for securely evaluating a circuit with $m$ multiplication gates over a finite field is $\O(mn^2)$ field elements, including the communication required for simulating broadcast. This corresponds to the complexity of the best known protocols for the passive model, where the corrupted players are guaranteed not to deviate from the protocol. Even in this model, it seems to be unavoidable that for every multiplication gate every player must send a value to every other player, and hence the complexity of our protocol may well be optimal. The constant overhead factor for robustness is small and the protocol is practical.

Category / Keywords: cryptographic protocols / multi-party computation, optimal efficiency, unconditional security

Date: received 7 Mar 2001

Contact author: hirt at inf ethz ch

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20010309:162339 (All versions of this report)

Short URL: ia.cr/2001/023

Discussion forum: Show discussion | Start new discussion