Adaptively Secure MPC with Sublinear Communication Complexity

Ran Cohen, Abhi Shelat, Daniel Wichs

Research output: Contribution to journalArticlepeer-review

Abstract

A central challenge in the study of MPC is to balance between security guarantees, hardness assumptions, and resources required for the protocol. In this work, we study the cost of tolerating adaptive corruptions in MPC protocols under various corruption thresholds. In the strongest setting, we consider adaptive corruptions of an arbitrary number of parties (potentially all) and achieve the following results: (1) A two-round secure function evaluation (SFE) protocol in the CRS model, assuming LWE and indistinguishability obfuscation (iO). The communication, the CRS size, and the online computation are sublinear in the size of the function. The iO assumption can be replaced by secure erasures. Previous results required either the communication or the CRS size to be polynomial in the function size. (2) Under the same assumptions, we construct a “Bob-optimized” 2PC (where Alice talks first, Bob second, and Alice learns the output). That is, the communication complexity and total computation of Bob are sublinear in the function size and in Alice’s input size. We prove impossibility of “Alice-optimized” protocols. (3) Assuming LWE, we bootstrap adaptively secure NIZK arguments to achieve proof size sublinear in the circuit size of the NP relation. On a technical level, our results are based on laconic function evaluation (LFE) (Quach, Wee, and Wichs, FOCS’18) and shed light on an interesting duality between LFE and FHE. Next, we analyze adaptive corruptions of all-but-one of the parties and show a two-round SFE protocol in the threshold-PKI model (where keys of a threshold FHE scheme are pre-shared among the parties) with communication complexity sublinear in the circuit size, assuming LWE and NIZK. Finally, we consider the honest-majority setting and show a two-round SFE protocol with guaranteed output delivery under the same constraints. Our results highlight that the asymptotic cost of adaptive security can be reduced to be comparable to, and in many settings almost match, that of static security, with only a little sacrifice to the concrete round complexity and asymptotic communication complexity.

Original languageEnglish
Article number11
JournalJournal of Cryptology
Volume36
Issue number2
DOIs
StatePublished - Apr 2023
Externally publishedYes

Bibliographical note

Publisher Copyright:
© 2023, International Association for Cryptologic Research.

Funding

Ran Cohen: Some of this work was done while the author was working at Boston University and Northeastern University, and supported by the Northeastern University Cybersecurity and Privacy Institute Post-doctoral fellowship, NSF grant TWC-1664445, NSF grant 1422965, and by the NSF MACS project. Abhi Shelat: Research supported by NSF grant TWC-1664445 and a Google Faculty fellowship. Daniel Wichs: Research supported by NSF grants CNS-1314722, CNS-1413964, CNS-1750795 and the Alfred P. Sloan Research Fellowship.

FundersFunder number
National Science Foundation1422965, TWC-1664445
Alfred P. Sloan Foundation
GoogleCNS-1750795, CNS-1413964, CNS-1314722
Boston University
Northeastern University

    Keywords

    • Adaptive security
    • Secure multiparty computation
    • Sublinear communication

    Fingerprint

    Dive into the research topics of 'Adaptively Secure MPC with Sublinear Communication Complexity'. Together they form a unique fingerprint.

    Cite this