Paper 2007/332

Universally Composable Multiparty Computation with Partially Isolated Parties

Ivan Damgaard, Jesper Buus Nielsen, and Daniel Wichs

Abstract

It is well known that universally composable multiparty computation cannot, in general, be achieved in the standard model without setup assumptions when the adversary can corrupt an arbitrary number of players. One way to get around this problem is by having a \emph{trusted third party} generate some global setup such as a \emph{common reference string (CRS)} or a \emph{public key infrastructure (PKI)}. The recent work of Katz shows that we may instead rely on physical assumptions, and in particular \emph{tamper-proof hardware tokens}. In this paper, we consider a similar but \emph{strictly weaker} physical assumption. We assume that a player (Alice) can \emph{partially isolate} another player (Bob) for a brief portion of the computation and prevent Bob from communicating more than some limited number of bits with the environment. For example, isolation might be achieved by asking Bob to put his functionality on a tamper-proof hardware token and assuming that Alice can prevent this token from communicating to the outside world. Alternatively, Alice may interact with Bob directly but in a special office which she administers and where there are no high-bandwidth communication channels to the outside world. We show that, under \emph{standard} cryptographic assumptions, such physical setup can be used to UC-realize any two party and multiparty computation in the presence of an active and \emph{adaptive} adversary corrupting any number of players. We also consider an alternative scenario, in which there are some trusted third parties but no single such party is trusted by all of the players. This compromise allows us to significantly limit the use of the physical set-up and hence might be preferred in practice.