Ashish Choudhury

Between a Rock and a Hard Place: Interpolating between MPC and FHE

We present a computationally secure MPC protocol for threshold adversaries which is parametrized by a value L. When L = 2 we obtain a classical form of MPC protocol in which interaction is required for multiplications, as L increases interaction is reduced, in that one requires interaction only after computing a higher degree function. When L approaches infinity one obtains the FHE based protocol of Gentry, which requires no interaction. Thus one can trade communication for computation in a simple way. Our protocol is based on an interactive protocol for “bootstrapping” a somewhat homomorphic encryption (SHE) scheme. The key contribution is that our presented protocol is highly communication efficient enabling us to obtain reduced communication when compared to traditional MPC protocols for relatively small values of L.

Brief announcement: optimal amortized secret sharing with cheater identification

We consider the problem of <i>k</i>-out-of-<i>n</i> secret sharing, capable of identifying up to <i>t</i> cheaters, with probability at least (1 - ε), for a given error parameter ε. In any such secret sharing scheme, <i>t</i> < <i>k</i>/2 and the lower bound of |<i>V</i>_<i>i</i>| ≥ |<i>S</i>| - 1 / ε + 1 holds. Here <i>V</i>_<i>i</i> denotes the set of all possible <i>i</i>^<i>th</i> share, that can be assigned to the <i>i</i>^<i>th</i> party and <i>S</i> denotes the set of all possible secrets. To the best of our knowledge, there does not exist any computationally efficient secret sharing scheme with <i>k</i> = 2<i>t</i>+1 (the minimum value of <i>k</i>), where |<i>V</i>_<i>i</i>| exactly matches the lower bound. We show that it is possible to match this bound in the <i>amortized</i> sense.

Asynchronous MPC with a strict honest majority using non-equivocation

Multiparty computation (MPC) among n parties can tolerate up to tsynchronous communication setting; however, in an asynchronous communication setting, the resiliency bound decreases to only t < n/3 active corruptions. We improve the resiliency bound for asynchronous MPC (AMPC) to match synchronous MPC using non-equivocation. Non-equivocation is a message authentication mechanism to restrict a corrupted sender from making conflicting statements to different (honest) parties. It can be implemented using an increment-only counter and a digital signature oracle, realizable with trusted hardware modules readily available in commodity computers and smartphone devices. A non-equivocation mechanism can also be transferable and allows a receiver to verifiably transfer the authenticated statement to other parties. In this work, using transferable non-equivocation, we present an AMPC protocol tolerating t < n/2 faults. From a practical point of view, our AMPC protocol requires fewer setup assumptions than the previous AMPC protocol with t < n/2 by Beerliova-Trubiniova, Hirt and Nielsen [PODC 2010]: unlike their AMPC protocol, it does not require any synchronous broadcast round at the beginning of the protocol and avoids the threshold homomorphic encryption setup assumption. Moreover, our AMPC protocol is also efficient and provides a gain of Θ(n) in the communication complexity per multiplication gate, over the AMPC protocol of Beerliova-Trubiniova et al. In the process, using non-equivocation, we also define the first asynchronous verifiable secret sharing (AVSS) scheme with t < n/2, which is of independent interest to threshold cryptography.

Communication efficient perfectly secure VSS and MPC in asynchronous networks with optimal resilience

Verifiable Secret Sharing (VSS) is a fundamental primitive used in many distributed cryptographic tasks, such as Multiparty Computation (MPC) and Byzantine Agreement (BA). It is a two phase (sharing, reconstruction) protocol. The VSS and MPC protocols are carried out among n parties, where t out of n parties can be under the influence of a Byzantine (active) adversary, having unbounded computing power. It is well known that protocols for perfectly secure VSS and perfectly secure MPC exist in an asynchronous network iff n≥4t+1. Hence, we call any perfectly secure VSS (MPC) protocol designed over an asynchronous network with n=4t+1 as optimally resilient VSS (MPC) protocol. A secret is d-shared among the parties if there exists a random degree-d polynomial whose constant term is the secret and each honest party possesses a distinct point on the degree-d polynomial. Typically VSS is used as a primary tool to generate t-sharing of secret(s). In this paper, we present an optimally resilient, perfectly secure Asynchronous VSS (AVSS) protocol that can generate d-sharing of a secret for any d, where t≤d≤2t. This is the first optimally resilient, perfectly secure AVSS of its kind in the literature. Specifically, our AVSS can generate d-sharing of l≥1 secrets from

Efficient Asynchronous Verifiable Secret Sharing and Multiparty Computation

{\mathbb F}

Reducing the Overhead of MPC over a Large Population

concurrently, with a communication cost of

Optimally Resilient Asynchronous MPC with Linear Communication Complexity

{\cal O}(\ell n^2 \log{|{\mathbb F}|})

Asynchronous Byzantine Agreement with optimal resilience

bits, where

On the trade-off between network connectivity, round complexity, and communication complexity of reliable message transmission

{\mathbb F}

Breaking the

is a finite field. Communication complexity wise, the best known optimally resilient, perfectly secure AVSS is reported in [2]. The protocol of [2] can generate t-sharing of l secrets concurrently, with the same communication complexity as our AVSS. However, the AVSS of [2] and [4] (the only known optimally resilient perfectly secure AVSS, other than [2]) does not generate d-sharing, for any d>t. Interpreting in a different way, we may also say that our AVSS shares l(d+1−t) secrets simultaneously with a communication cost of