You are looking at a specific version 20160614:172246 of this paper. See the latest version.

Paper 2016/611

Catching MPC Cheaters: Identification and Openability

Robert Cunningham and Benjamin Fuller and Sophia Yakoubov

Abstract

Secure multi-party computation (MPC) protocols do not completely prevent malicious parties from cheating and disrupting the computation. A coalition of malicious parties can repeatedly cause the computation to abort or provide an input that does not correspond to reality. In this work, we augment MPC with two new properties to discourage cheating. The first of these is a strengthening of identifiable abort where all parties who do not follow the protocol will be identified as cheaters by each honest party. The second is openability, which means that if a computation output is discovered to be untrue (e.g. by a real-world event contradicting it), a distinguished coalition of parties can recover the MPC inputs. We provide the first efficient MPC protocol achieving both of those properties. Our scheme extends the SPDZ protocol (Damgard et al., Crypto 2012). SPDZ leverages an offline (computation- independent) pre-processing phase to speed up the online computation. Our protocol is optimistic: it has the same communication and computation complexity in the online phase as SPDZ when no parties cheat. If cheating does occur, each honest party can additionally perform a local computation to identify all cheaters. We achieve identifiable abort by using a new locally identifiable secret sharing scheme (as defined by Ishai, Ostrovsky, and Zikas (TCC 2012)) which we call commitment enhanced secret sharing, or CESS. In CESS, each SPDZ input share is augmented with a linearly homomorphic commitment. When cheating occurs, each party can use the linear homomorphism to compute a commitment to the corresponding share of the output value. Parties whose claimed output share does not match their output share commitments are identified as cheaters. We achieve openability through the use of verifiable encryption and specialized zero-knowledge proofs. Openability relies on the availability of an auditable public transcript of the MPC execution, as introduced by Baum, Damgard, and Orlandi (SCN 2014).

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
multi-party computation
Contact author(s)
sophia yakoubov @ ll mit edu
History
2017-10-12: revised
2016-06-14: received
See all versions
Short URL
https://ia.cr/2016/611
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.