Cryptology ePrint Archive: Report 2015/058

Universally Verifiable Multiparty Computation from Threshold Homomorphic Cryptosystems

Berry Schoenmakers and Meilof Veeningen

Abstract: Multiparty computation can be used for privacy-friendly outsourcing of computations on private inputs of multiple parties. A computation is outsourced to several computation parties; if not too many are corrupted (e.g., no more than half), then they cannot determine the inputs or produce an incorrect output. However, in many cases, these guarantees are not enough: we need correctness even if /all/ computation parties may be corrupted; and we need that correctness can be verified even by parties that did not participate in the computation. Protocols satisfying these additional properties are called ``universally verifiable''. In this paper, we propose a new security model for universally verifiable multiparty computation, and we present a practical construction, based on a threshold homomorphic cryptosystem. We also develop a multiparty protocol for jointly producing non-interactive zero-knowledge proofs, which may be of independent interest.

Category / Keywords: cryptographic protocols / multiparty computation, verifiability, Fiat-Shamir heuristic, threshold homomorphic cryptosystem

Date: received 26 Jan 2015, last revised 20 May 2015

Contact author: m veeningen at tue nl

Available format(s): PDF | BibTeX Citation

Note: Full version of the ACNS proceedings version

Version: 20150520:125756 (All versions of this report)

Short URL: ia.cr/2015/058

Discussion forum: Show discussion | Start new discussion