Cryptology ePrint Archive: Report 2017/1230

Overdrive: Making SPDZ Great Again

Marcel Keller and Valerio Pastro and Dragos Rotaru

Abstract: SPDZ denotes a multiparty computation scheme in the preprocessing model based on somewhat homomorphic encryption (SHE) in the form of BGV. At CCS '16, Keller et al. presented MASCOT, a replacement of the preprocessing phase using oblivious transfer instead of SHE, improving by two orders of magnitude on the SPDZ implementation by Damgård et al. (ESORICS '13). In this work, we show that using SHE is faster than MASCOT in many aspects:

- We present a protocol that uses semi-homomorphic (addition-only) encryption. For two parties, our BGV-based implementation is 6 times faster than MASCOT on a LAN and 20 times faster in a WAN setting. The latter is roughly the reduction in communication.

- We show that using the proof of knowledge in the original work by Damgård et al. (Crypto '12) is more efficient in practice than the one used in the implementation mentioned above by about one order of magnitude.

- We present an improvement to the verification of the aforementioned proof of knowledge that increases the performance with a growing number of parties, doubling it for 16 parties.

Category / Keywords: cryptographic protocols / Multiparty computation, somewhat homomorphic encryption, BGV, zero-knowledge proofs of knowledge

Original Publication (with minor differences): IACR-EUROCRYPT-2018

Date: received 21 Dec 2017, last revised 9 Feb 2018

Contact author: dragos rotaru at bristol ac uk

Available format(s): PDF | BibTeX Citation

Version: 20180209:141652 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]