Cryptology ePrint Archive: Report 2019/454

Non-Interactive MPC with Trusted Hardware Secure Against Residual Function Attacks

Ryan Karl and Timothy Burchfield and Jonathan Takeshita and Taeho Jung

Abstract: Secure multiparty computation (MPC) has been repeatedly optimized, and protocols with two communication rounds and strong security guarantees have been achieved. Progress has also been made on non-interactive protocols with just one round of online communication (non-interactive MPC, or NI-MPC). However, because correct evaluation must be guaranteed after only one round, these protocols are by their nature vulnerable to the residual function attack in the standard model: a party that receives a garbled circuit may repeatedly evaluate the circuit locally, varying their own inputs while the inputs of the others stay fixed, and thereby learn the values entered by the other participants. We present the first MPC protocol with a one-round online phase that is secure against the residual function attack. We also present rigorous proofs of correctness and security for our protocol in the covert adversary model, a relaxation of the malicious model that is stronger than the semi-honest model and better suited to modeling the behaviour of parties in the real world. Furthermore, we rigorously analyze the communication and computational complexity of current state-of-the-art protocols, which require either two rounds of communication or one round in the online phase under a reduced security requirement, and demonstrate that our protocol's complexity is comparable to or better than theirs.
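The residual function attack described in the abstract can be made concrete with a small model. The following Python is an added illustration, not code from the paper or its authors: after a one-round protocol, a party effectively holds a function g(x) = f(x, y) with the other party's input y fixed inside, and can evaluate g as often as it likes. The example shows that for a comparison circuit the holder recovers y exactly by binary search, that for an addition circuit a single evaluation suffices, and that bounding the number of evaluations (a stand-in for whatever enforcement the paper's trusted hardware provides; the paper's actual mechanism is not described on this page) stops the search. The function names, the evaluation budget and the sample inputs are all constructed for this illustration.

```python
from typing import Callable, Tuple

# Model of what a party holds after one round of NI-MPC: the other party's
# input is baked in and the holder may evaluate on any own-input x at will.
Residual = Callable[[int], int]


def make_residual_function(f: Callable[[int, int], int], other_input: int) -> Residual:
    """Fix the other party's input inside f, leaving a one-argument residual g(x)."""
    return lambda x: f(x, other_input)


def comparison(x: int, y: int) -> int:
    """Two-party comparison circuit: outputs 1 iff x >= y."""
    return int(x >= y)


def addition(x: int, y: int) -> int:
    """Two-party addition circuit."""
    return x + y


def recover_from_comparison(g: Residual, lo: int, hi: int) -> Tuple[int, int]:
    """Given g(x) = [x >= y] with unknown y in [lo, hi], recover y by binary
    search over the holder's own input. Returns (y, number of evaluations)."""
    queries = 0
    while lo < hi:
        mid = (lo + hi) // 2
        queries += 1
        if g(mid):            # mid >= y, so y lies in [lo, mid]
            hi = mid
        else:                 # mid < y, so y lies in [mid + 1, hi]
            lo = mid + 1
    return lo, queries


def recover_from_addition(g: Residual) -> Tuple[int, int]:
    """Given g(x) = x + y, one evaluation at x = 0 reveals y outright."""
    return g(0), 1


class BudgetedResidual:
    """Wrapper that refuses evaluations beyond a fixed budget. This models the
    defensive principle that the evaluator must not get unlimited local
    evaluations; it is an assumption for illustration, not the paper's design."""

    def __init__(self, g: Residual, budget: int) -> None:
        self._g = g
        self._budget = budget
        self.used = 0

    def __call__(self, x: int) -> int:
        if self.used >= self._budget:
            raise RuntimeError("evaluation budget exhausted")
        self.used += 1
        return self._g(x)


def attack_comparison_with_budget(y: int, lo: int, hi: int, budget: int) -> Tuple[str, int]:
    """Run the binary search against a budgeted residual. Returns ("recovered", y)
    if the attack completes, or ("blocked", evaluations_made) if cut off."""
    g = BudgetedResidual(make_residual_function(comparison, y), budget)
    try:
        found, _ = recover_from_comparison(g, lo, hi)
        return "recovered", found
    except RuntimeError:
        return "blocked", g.used


if __name__ == "__main__":
    # Constructed sample: the other party's secret is 4242 in a 16-bit range.
    g_cmp = make_residual_function(comparison, 4242)
    print(recover_from_comparison(g_cmp, 0, 65535))      # 16 evaluations suffice
    g_add = make_residual_function(addition, 1234)
    print(recover_from_addition(g_add))
    print(attack_comparison_with_budget(4242, 0, 65535, budget=1))
```

Sixteen local evaluations recover a 16-bit secret from a comparison circuit, which is the "residual function" leakage the abstract refers to; with the evaluation count held to one, the search is cut off after a single bit of information, which is all the ideal functionality would have revealed anyway.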

Category / Keywords: cryptographic protocols / Non-Interactive MPC, Communication round complexity, Trusted hardware

Original Publication (with minor differences): 15th EAI International Conference on Security and Privacy in Communication Networks

Date: received 3 May 2019, last revised 24 Jun 2019

Contact author: tjung at nd edu


Note: Changed some typos, clarified several things based on reviewer comments.

Version: 20190625:021657

Short URL: ia.cr/2019/454
