## Cryptology ePrint Archive: Report 2015/058

Universally Verifiable Multiparty Computation from Threshold Homomorphic Cryptosystems

Berry Schoenmakers and Meilof Veeningen

Abstract: Multiparty computation can be used for privacy-friendly outsourcing of computations on private inputs of multiple parties. A computation is outsourced to several computation parties; if not too many are corrupted (e.g., no more than half), then they cannot determine the inputs or produce an incorrect output. However, in many cases, these guarantees are not enough: we need correctness even if /all/ computation parties may be corrupted; and we need that correctness can be verified even by parties that did not participate in the computation. Protocols satisfying these additional properties are called universally verifiable''. In this paper, we propose a new security model for universally verifiable multiparty computation, and we present a practical construction, based on a threshold homomorphic cryptosystem. We also develop a multiparty protocol for jointly producing non-interactive zero-knowledge proofs, which may be of independent interest.

Category / Keywords: cryptographic protocols / multiparty computation, verifiability, Fiat-Shamir heuristic, threshold homomorphic cryptosystem

Date: received 26 Jan 2015, last revised 20 May 2015

Contact author: m veeningen at tue nl

Available format(s): PDF | BibTeX Citation

Note: Full version of the ACNS proceedings version

Short URL: ia.cr/2015/058

[ Cryptology ePrint archive ]