Abstract
In the setting of secure multiparty computation, a set of n parties with private inputs wish to jointly compute some functionality of their inputs. One of the most fundamental results of secure computation was presented by Ben-Or, Goldwasser, and Wigderson (BGW) in 1988. They demonstrated that any n-party functionality can be computed with perfect security, in the private channels model. When the adversary is semi-honest, this holds as long as t< n/ 2 parties are corrupted, and when the adversary is malicious, this holds as long as t< n/ 3 parties are corrupted. Unfortunately, a full proof of these results was never published. In this paper, we remedy this situation and provide a full proof of security of the BGW protocol. This includes a full description of the protocol for the malicious setting, including the construction of a new subprotocol for the perfect multiplication protocol that seems necessary for the case of n/ 4 ≤ t< n/ 3.
Original language | English |
---|---|
Pages (from-to) | 58-151 |
Number of pages | 94 |
Journal | Journal of Cryptology |
Volume | 30 |
Issue number | 1 |
DOIs | |
State | Published - 1 Jan 2017 |
Bibliographical note
Publisher Copyright:© 2015, International Association for Cryptologic Research.
Funding
This work was funded by the European Research Council under the European Union’s Seventh Framework Programme (FP/2007-2013)/ERC Grant Agreement No. 239868, and by the the israel science foundation (Grant No. 189/11).
Funders | Funder number |
---|---|
Seventh Framework Programme | FP/2007-2013 |
European Commission | 239868 |
Israel Science Foundation | 189/11 |
Keywords
- BGW
- Cryptographic protocols
- Multiparty computation
- Perfect security