Paper 2018/909

Two-Round MPC: Information-Theoretic and Black-Box

Sanjam Garg, Yuval Ishai, and Akshayaram Srinivasan


We continue the study of protocols for secure multiparty computation (MPC) that require only two rounds of interaction. The recent works of Garg and Srinivasan (Eurocrypt 2018) and Benhamouda and Lin (Eurocrypt 2018) essentially settle the question by showing that such protocols are implied by the minimal assumption that a two-round oblivious transfer (OT) protocol exists. However, these protocols inherently make a non-black-box use of the underlying OT protocol, which results in poor concrete efficiency. Moreover, no analogous result was known in the information-theoretic setting, or alternatively based on one-way functions, given an OT correlations setup or an honest majority. Motivated by these limitations, we study the possibility of obtaining information-theoretic and ``black-box'' implementations of two-round MPC protocols. We obtain the following results: - Two-round MPC from OT correlations. Given an OT correlations setup, we get protocols that make a black-box use of a pseudorandom generator (PRG) and are secure against a malicious adversary corrupting an arbitrary number of parties. For a semi-honest adversary, we get similar information-theoretic protocols for branching programs. - New NIOT constructions. Towards realizing OT correlations, we extend the DDH-based non-interactive OT (NIOT) protocol of Bellare and Micali (Crypto '89) to the malicious security model, and present new NIOT constructions from the Quadratic Residuosity Assumption (QRA) and the Learning With Errors (LWE) assumption. - Two-round black-box MPC with strong PKI setup. Combining the two previous results, we get two-round MPC protocols that make a black-box use of any DDH-hard or QRA-hard group. The protocols can offer security against a malicious adversary, and require a PKI setup that depends on the number of parties and the size of computation, but not on the inputs or the identities of the participating parties. - Two-round honest-majority MPC from secure channels. Given secure point-to-point channels, we get protocols that make a black-box use of a pseudorandom generator (PRG), as well as information-theoretic protocols for branching programs. These protocols can tolerate a semi-honest adversary corrupting a strict minority of the parties, where in the information-theoretic case the complexity is quasi-polynomial in the number of parties.

Available format(s)
Publication info
A minor revision of an IACR publication in TCC 2018
Contact author(s)
sanjamg @ berkeley edu
yuvali @ cs technion ac il
akshayaram @ berkeley edu
2018-09-25: revised
2018-09-25: received
See all versions
Short URL
Creative Commons Attribution


      author = {Sanjam Garg and Yuval Ishai and Akshayaram Srinivasan},
      title = {Two-Round MPC: Information-Theoretic and Black-Box},
      howpublished = {Cryptology ePrint Archive, Paper 2018/909},
      year = {2018},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.