Cryptology ePrint Archive: Report 2021/366

Multiparty Computation with Covert Security and Public Verifiability

Peter Scholl and Mark Simkin and Luisa Siniscalchi

Abstract: Multiparty computation protocols (MPC) are said to be \emph{secure against covert adversaries} if the honest parties are guaranteed to detect any misbehavior by the malicious parties with a constant probability. Protocols that, upon detecting a cheating attempt, additionally allow the honest parties to compute certificates, which enable third parties to be convinced of the malicious behavior of the accused parties, are called \emph{publicly verifiable}. In this work, we make several contributions to the domain of MPC with security against covert adversaries.

We identify a subtle flaw in a protocol of Goyal, Mohassel, and Smith (Eurocrypt 2008) and show how to modify their original construction to obtain security against covert adversaries.

We present generic compilers that transform arbitrary passively secure preprocessing protocols, i.e. protocols where the parties have no private inputs, into protocols that are secure against covert adversaries and publicly verifiable. Using our compiler, we construct the first efficient variants of the BMR and the SPDZ protocols that are secure and publicly verifiable against a covert adversary that corrupts all but one party and also construct variants with covert security and identifiable abort.

We observe that an existing impossibility result by Ishai, Ostrovsky, and Seyalioglu (TCC 2012) can be used to show that there exist certain functionalities that cannot be realized by parties, that have oracle-access to broadcast and arbitrary two-party functionalities, with information-theoretic security against a covert adversary.

Category / Keywords: cryptographic protocols / Covert Security, MPC protocols, Public Verifiability

Date: received 18 Mar 2021

Contact author: luisa siniscalchi88 at gmail com,simkin@cs au dk,peter scholl@cs au dk

Available format(s): PDF | BibTeX Citation

Version: 20210322:192938 (All versions of this report)

Short URL: ia.cr/2021/366


[ Cryptology ePrint archive ]