Paper 2022/257

Guaranteed Output in O(n) Rounds for Round-Robin Sampling Protocols

Ran Cohen
Jack Doerner
Yashvanth Kondi
abhi shelat
Abstract

We introduce a notion of round-robin secure sampling that captures several protocols in the literature, such as the "powers-of-tau" setup protocol for pairing-based polynomial commitments and zk-SNARKs, and certain verifiable mixnets. Due to their round-robin structure, protocols of this class inherently require sequential broadcast rounds, where is the number of participants. We describe how to compile them generically into protocols that require only broadcast rounds. Our compiled protocols guarantee output delivery against any dishonest majority. This stands in contrast to prior techniques, which require sequential broadcasts in most cases (and sometimes many more). Our compiled protocols permit a certain amount of adversarial bias in the output, as all sampling protocols with guaranteed output must, due to Cleve's impossibility result (STOC'86). We show that in the context of the aforementioned applications, this bias is harmless.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2022
Keywords
multiparty computation guaranteed output delivery round compression distributed sampling setup ceremonies powers of tau SNARKs mixnets
Contact author(s)
j @ ckdoerner net
History
2022-09-28: last of 2 revisions
2022-03-02: received
See all versions
Short URL
https://ia.cr/2022/257
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2022/257,
      author = {Ran Cohen and Jack Doerner and Yashvanth Kondi and abhi shelat},
      title = {Guaranteed Output in $O(\sqrt{n})$ Rounds for Round-Robin Sampling Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2022/257},
      year = {2022},
      url = {https://eprint.iacr.org/2022/257}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.