Paper 2011/136

A Full Proof of the BGW Protocol for Perfectly-Secure Multiparty Computation

Gilad Asharov and Yehuda Lindell

Abstract

In the setting of secure multiparty computation, a set of $n$ parties with private inputs wish to jointly compute some functionality of their inputs. One of the most fundamental results of secure computation was presented by Ben-Or, Goldwasser and Wigderson (BGW) in 1988. They demonstrated that any $n$-party functionality can be computed with \emph{perfect security}, in the private channels model. When the adversary is semi-honest this holds as long as $t<n/2$ parties are corrupted, and when the adversary is malicious this holds as long as $t<n/3$ parties are corrupted. Unfortunately, a full proof of these results was never published. In this paper, we remedy this situation and provide a full proof of security of the BGW protocol. This includes a full description of the protocol for the malicious setting, including the construction of a new subprotocol for the perfect multiplication protocol that seems necessary for the case of $n/4\leq t<n/3$.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A minor revision of an IACR publication in Joc 2017
DOI
10.1007/s00145-015-9214-4
Keywords
perfect securitymultiparty computationBGW
Contact author(s)
lindell @ biu ac il
History
2018-01-08: last of 7 revisions
2011-03-21: received
See all versions
Short URL
https://ia.cr/2011/136
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/136,
      author = {Gilad Asharov and Yehuda Lindell},
      title = {A Full Proof of the BGW Protocol for Perfectly-Secure Multiparty Computation},
      howpublished = {Cryptology ePrint Archive, Paper 2011/136},
      year = {2011},
      doi = {10.1007/s00145-015-9214-4},
      note = {\url{https://eprint.iacr.org/2011/136}},
      url = {https://eprint.iacr.org/2011/136}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.