Paper 2021/1319

Maliciously-Secure MrNISC in the Plain Model

Rex Fernando, Aayush Jain, and Ilan Komargodski


A recent work of Benhamouda and Lin (TCC~'20) identified a dream version of secure multiparty computation (MPC), termed **Multiparty reusable Non-Interactive Secure Computation** (MrNISC), that combines at the same time several fundamental aspects of secure computation with standard simulation security into one primitive: round-optimality, succinctness, concurrency, and adaptivity. In more detail, MrNISC is essentially a two-round MPC protocol where the first round of messages serves as a reusable commitment to the private inputs of participating parties. Using these commitments, any subset of parties can later compute any function of their choice on their respective inputs by broadcasting one message each. Anyone who sees these parties' commitments and evaluation messages (even an outside observer) can learn the function output and nothing else. Importantly, the input commitments can be computed without knowing anything about other participating parties (neither their identities nor their number) and they are reusable across any number of computations. By now, there are several known MrNISC protocols from either (bilinear) group-based assumptions or from LWE. They all satisfy semi-malicious security (in the plain model) and require trusted setup assumptions in order to get malicious security. We are interested in maliciously secure MrNISC protocols **in the plain model, without trusted setup**. Since the standard notion of polynomial simulation is un-achievable in less than four rounds, we focus on MrNISC with **super-polynomial**-time simulation (SPS). Our main result is the first maliciously secure SPS MrNISC in the plain model. The result is obtained by generically compiling any semi-malicious MrNISC and the security of our compiler relies on several well-founded assumptions, including an indistinguishability obfuscator and a time-lock puzzle (all of which need to be sub-exponentially hard). As a special case we also obtain the first 2-round maliciously secure SPS MPC based on well-founded assumptions. This MPC is also concurrently self-composable and its first message is short (i.e., its size is independent of the number of the participating parties) and reusable throughout any number of computations.

Note: Editorial changes.

Available format(s)
Cryptographic protocols
Publication info
Preprint. Minor revision.
secure multi-party computationtwo roundsMrNISCsuper-polynomial simulation
Contact author(s)
rex1fernando @ gmail com
aayushjain1728 @ gmail com
ilank @ cs huji ac il
2022-02-16: last of 5 revisions
2021-09-30: received
See all versions
Short URL
Creative Commons Attribution


      author = {Rex Fernando and Aayush Jain and Ilan Komargodski},
      title = {Maliciously-Secure MrNISC in the Plain Model},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1319},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.