Paper 2018/482

SPDZ2k: Efficient MPC mod 2^k for Dishonest Majority

Ronald Cramer, Ivan Damgård, Daniel Escudero, Peter Scholl, and Chaoping Xing

Abstract

Most multi-party computation protocols allow secure computation of arithmetic circuits over a finite field, such as the integers modulo a prime. In the more natural setting of integer computations modulo $2^{k}$, which are useful for simplifying implementations and applications, no solutions with active security are known unless the majority of the participants are honest. We present a new scheme for information-theoretic MACs that are homomorphic modulo $2^k$, and are as efficient as the well-known standard solutions that are homomorphic over fields. We apply this to construct an MPC protocol for dishonest majority in the preprocessing model that has efficiency comparable to the well-known SPDZ protocol (Damgård et al., CRYPTO 2012), with operations modulo $2^k$ instead of over a field. We also construct a matching preprocessing protocol based on oblivious transfer, which is in the style of the MASCOT protocol (Keller et al., CCS 2016) and almost as efficient.

Note: Fixed a bug in the batch MAC check protocol, explained in Section 3.4. The online communication is now O(k+s) bits per opening, instead of O(k).

Metadata
Available format(s)
PDF
Publication info
A minor revision of an IACR publication in CRYPTO 2018
Contact author(s)
escudero @ cs au dk
History
2022-03-31: revised
2018-05-23: received
See all versions
Short URL
https://ia.cr/2018/482
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/482,
      author = {Ronald Cramer and Ivan Damgård and Daniel Escudero and Peter Scholl and Chaoping Xing},
      title = {{SPDZ2k}: Efficient {MPC} mod 2^k for Dishonest Majority},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/482},
      year = {2018},
      url = {https://eprint.iacr.org/2018/482}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.