## Cryptology ePrint Archive: Report 2014/304

Actively Private and Correct MPC Scheme in $t < n/2$ from Passively Secure Schemes with Small Overhead

Dai Ikarashi and Ryo Kikuchi and Koki Hamada and Koji Chida

Abstract: Recently, several efforts to implement and use an unconditionally secure multi-party computation (MPC) scheme have been put into practice. These implementations are {\em passively} secure MPC schemes in which an adversary must follow the MPC schemes. Although passively secure MPC schemes are efficient, passive security has the strong restriction concerning the behavior of the adversary. We investigate how secure we can construct MPC schemes while maintaining comparable efficiency with the passive case, and propose a construction of an {\em actively} secure MPC scheme from passively secure ones. Our construction is secure in the $t < n/2$ setting, which is the same as the passively secure one. Our construction operates not only the theoretical minimal set for computing arbitrary circuits, that is, addition and multiplication, but also high-level operations such as shuffling and sorting. We do not use the broadcast channel in the construction. Therefore, privacy and correctness are achieved but {\em robustness} is absent; if the adversary cheats, a protocol may not be finished but anyone can detect the cheat (and may stop the protocol) without leaking secret information. Instead of this, our construction requires $O((c_B n + n^2)\kappa)$ communication that is comparable to one of the best known passively secure MPC schemes, $O((c_M n + n^2)\log n)$, where $\kappa$ denote the security parameter, $c_B$ denotes the sum of multiplication gates and high-level operations, and $c_M$ denotes the number of multiplication gates. Furthermore, we implemented our construction and confirmed that its efficiency is comparable to the current astest passively secure implementation.

Category / Keywords: cryptographic protocols / Multi-party computation, Unconditional security, Active adversary

Date: received 30 Apr 2014, last revised 18 May 2014

Contact author: kikuchi ryo at lab ntt co jp

Available format(s): PDF | BibTeX Citation

Note: Correcting an error in Section 1.2.

Short URL: ia.cr/2014/304

[ Cryptology ePrint archive ]