A recent trend in MPC protocols is to have a more expensive preprocessing phase followed by a very efficient online phase, e.g., the recent so-called SPDZ protocol by Damgård et al. Applications such as voting and some auctions are perfect use cases for these protocols, as the parties usually know well in advance when the computation will take place, and using those protocols allows us to use only cheap information-theoretic primitives in the actual computation. Unfortunately, no protocol of the SPDZ type supports an audit phase.
In this paper, we show how to achieve efficient MPC with a public audit. We formalize the concept of publicly auditable secure computation and provide an enhanced version of the SPDZ protocol where, even if all the servers are corrupted, anyone with access to the transcript of the protocol can check that the output is indeed correct. Most importantly, we do so without significantly compromising the performance of SPDZ, i.e., our online phase has complexity approximately twice that of SPDZ.

Category / Keywords: Efficient Multi-Party Computation, Public Verifiability, Electronic Voting
Original Publication (with major differences): 9th Conference on Security and Cryptography for Networks (SCN 2014)
Date: received 3 Feb 2014, last revised 16 Sep 2016
Contact author: cbaum at cs au dk
Note: Partial revision of the paper to increase readability.
Version: 20160916:074254
Short URL: ia.cr/2014/075