Cryptology ePrint Archive: Report 2017/1088

Promise Zero Knowledge and its Applications to Round Optimal MPC

Saikrishna Badrinarayanan and Vipul Goyal and Abhishek Jain and Yael Tauman Kalai and Dakshita Khurana and Amit Sahai

Abstract: We devise a new partitioned simulation technique for MPC where the simulator uses different strategies for simulating the view of aborting adversaries and non-aborting adversaries. The protagonist of this technique is a new notion of promise zero knowledge (ZK) where the ZK property only holds against non-aborting verifiers. We show that unlike standard ZK, promise ZK can be realized in three rounds in the simultaneous-message model under standard assumptions.

We demonstrate the following applications of our new technique:

-> We construct the first round-optimal (i.e., four round) MPC protocol for general functions based on polynomially hard LWE and DDH. Previously, such protocols required sub-exponential-time hardness assumptions.

-> We further show how to overcome the four-round barrier for MPC by constructing a three-round protocol for ``list coin-tossing'' -- a slight relaxation of coin-tossing that suffices for most conceivable applications -- based on injective one-way functions. This result generalizes to randomized input-less functionalities assuming polynomially hard LWE.

Previously, four round MPC protocols required sub-exponential hardness assumptions and no multi-party three-round protocols with polynomial simulation were known for any relaxed security notions against malicious adversaries.

In order to base security on polynomial-time standard assumptions, we also develop a new leveled rewinding security technique that can be viewed as a polynomial-time alternative to leveled complexity leveraging for achieving ``non-malleability'' across different primitives. This technique may be of independent interest.

Category / Keywords: cryptographic protocols / Zero knowledge, MPC, Coin Tossing

Date: received 9 Nov 2017, last revised 7 Dec 2017

Contact author: saikrishna at cs ucla edu

Available format(s): PDF | BibTeX Citation

Version: 20171208:000019 (All versions of this report)

Short URL: ia.cr/2017/1088

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]