Paper 2010/029

On Achieving the "Best of Both Worlds" in Secure Multiparty Computation

Yuval Ishai, Jonathan Katz, Eyal Kushilevitz, Yehuda Lindell, and Erez Petrank


Two settings are traditionally considered for secure multiparty computation, depending on whether or not a majority of the parties are assumed to be honest. Protocols designed under this assumption provide ``full security'' (and, in particular, guarantee output delivery and fairness) when this assumption holds; unfortunately, these protocols are completely insecure if this assumption is violated. On the other hand, protocols tolerating an arbitrary number of corruptions do not guarantee fairness or output delivery even if only a \emph{single} party is dishonest. It is natural to wonder whether it is possible to achieve the ``best of both worlds'': namely, a single protocol that simultaneously achieves the best possible security in both the above settings. Here, we rule out this possibility (at least for general functionalities) but show some positive results regarding what \emph{can} be achieved.

Available format(s)
Publication info
Published elsewhere. This is a full version of the combination of two papers by the authors. The first paper by Ishai, Kushilevitz, Lindell and Petrank appeared at CRYPTO 2006 and the second paper by Katz appeared at STOC 2007.
secure computationguaranteed output deliveryprivacy
Contact author(s)
lindell @ cs biu ac il
2010-01-22: received
Short URL
Creative Commons Attribution


      author = {Yuval Ishai and Jonathan Katz and Eyal Kushilevitz and Yehuda Lindell and Erez Petrank},
      title = {On Achieving the "Best of Both Worlds" in Secure Multiparty Computation},
      howpublished = {Cryptology ePrint Archive, Paper 2010/029},
      year = {2010},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.