In particular, we design a novel constant round protocol that converts from shares over Z_q to shares over the integers working for all shared inputs from Z_q. Furthermore, we present a constant round protocol to securely evaluate a shared input on a public polynomial whose running time is linear in the degree of the polynomial. The proposed solution makes use of Chebyshev Polynomials. We show that the latter two protocols can be used to design efficient constant round protocols for the following natural problems:
(i) Equality: Computing shares of the bit indicating if a shared input value equals zero or not. This provides the missing building blocks for many constant round linear algebra protocols from the work of Cramer and Damgaard [CrDa01]. (ii) Comparison: Computing shares of a bit indicating which of two shared inputs is greater. (iii) Bits: Computing shares of the binary representation of a shared input value. (iv) Exponentiation: Computing shares of x^a mod q given shares of x, a and q.
Prior to this paper, for all the above mentioned problems, there were in general no efficient constant round protocols known providing unconditional security.
Category / Keywords: cryptographic protocols / multi-party computation, unconditional security, secret sharing Date: received 28 Feb 2005, last revised 19 May 2005 Contact author: ekiltz at cs ucsd edu Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Note: A bug in the conversion protocol has been fixed in this revision. Version: 20050520:001044 (All versions of this report) Short URL: ia.cr/2005/066 Discussion forum: Show discussion | Start new discussion