An efficient protocol for secure two-party computation in the presence of malicious adversaries

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

266 Scopus citations

Abstract

We show an efficient secure two-party protocol, based on Yao's construction, which provides security against malicious adversaries. Yao's original protocol is only secure in the presence of semi-honest adversaries. Security against malicious adversaries can be obtained by applying the compiler of Goldreich, Micali and Wigderson (the "GMW compiler"). However, this approach does not seem to be very practical as it requires using generic zero-knowledge proofs. Our construction is based on applying cut-and-choose techniques to the original circuit and inputs. Security is proved according to the ideal/real simulation paradigm, and the proof is in the standard model (with no random oracle model or common reference string assumptions). The resulting protocol is computationally efficient: the only usage of asymmetric cryptography is for running O(1) oblivious transfers for each input bit (or for each bit of a statistical security parameter, whichever is larger). Our protocol combines techniques from folklore (like cut-and-choose) along with new techniques for efficiently proving consistency of inputs. We remark that a naive implementation of the cut-and-choose technique with Yao's protocol does not yield a secure protocol. This is the first paper to show how to properly implement these techniques, and to provide a full proof of security. Our protocol can also be interpreted as a constant-round black-box reduction of secure two-party computation to oblivious transfer and perfectly-hiding commitments, or a black-box reduction of secure two-party computation to oblivious transfer alone, with a number of rounds which is linear in a statistical security parameter. These two reductions are comparable to Kilian's reduction, which uses OT alone but incurs a number of rounds which is linear in the depth of the circuit [18].

Original languageEnglish
Title of host publicationAdvances in Cryptology - EUROCRYPT 2007 - 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
Pages52-78
Number of pages27
StatePublished - 2007
Event26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2007 - Barcelona, Spain
Duration: 20 May 200724 May 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4515 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2007
Country/TerritorySpain
CityBarcelona
Period20/05/0724/05/07

Fingerprint

Dive into the research topics of 'An efficient protocol for secure two-party computation in the presence of malicious adversaries'. Together they form a unique fingerprint.

Cite this