Cryptology ePrint Archive: Report 2015/797

What Security Can We Achieve within 4 Rounds?

Carmit Hazay and Muthuramakrishnan Venkitasubramaniam

Abstract: Katz and Ostrovsky (Crypto 2004) proved that five rounds are necessary for stand-alone general black-box constructions of secure two-party protocols and at least four rounds are necessary if only one party needs to receive the output. Recently, Ostrovsky, Richelson and Scafuro (Crypto 2015) proved optimality of this result by showing how to realize arbitrary functionalities in four rounds where only one party receives the output via a black-box construction (and an extension to five rounds where both parties receive the output). In this paper we study the question of what security is achievable for stand-alone two-party protocols within four rounds.

We first provide a four-round two-party protocol for coin-tossing that achieves 1/p-simulation security (i.e. simulation fails with probability at most 1/p+\ngl), in the presence of malicious corruptions. Next, we provide a four-round two-party protocol for general functionalities, where both parties receive the output, that achieves 1/p-security in the presence of malicious adversaries corrupting one of the parties, and full security in the presence of non-aborting malicious adversaries corrupting the other party.

Next, we provide a three-round oblivious-transfer protocol, that achieves 1/p-simulation security against arbitrary malicious senders, while simultaneously guaranteeing a meaningful notion of privacy against malicious corruptions of either party.

Finally, we show that the simulation-based security guarantees for our three-round protocols are optimal by proving that 1/p-simulation security is impossible to achieve against both parties in three rounds or less when requiring some minimal guarantees on the privacy of their inputs.

Category / Keywords: Secure Computation, Coin-Tossing, Oblivious Transfer, Round Complexity

Original Publication (with minor differences): SCN 2016

Date: received 8 Aug 2015, last revised 24 Aug 2016

Contact author: carmit hazay at biu ac il

Available format(s): PDF | BibTeX Citation

Note: The revised version of October 17,2015 includes a new protocol for oblivious transfer that achieves the strongest security notion achievable in three rounds, namely, it provides full privacy against both parties and 1/p security against a malicious sender. It also includes a new result that proves optimality of this new construction by providing a matching lower bound.

Version: 20160824:192718 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]