Fairness versus guaranteed output delivery in secure multiparty computation

Ran Cohen, Yehuda Lindell

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

22 Scopus citations

Abstract

In the setting of secure multiparty computation, a set of parties wish to compute a joint function of their private inputs. The computation should preserve security properties such as privacy, correctness, independence of inputs, fairness and guaranteed output delivery. In the case of no honest majority, fairness and guaranteed output delivery cannot always be obtained. Thus, protocols for secure multiparty computation are typically of two disparate types: protocols that assume an honest majority (and achieve all properties including fairness and guaranteed output delivery), and protocols that do not assume an honest majority (and achieve all properties except for fairness and guaranteed output delivery). In addition, in the two-party case, fairness and guaranteed output delivery are equivalent. As a result, the properties of fairness (which means that if corrupted parties receive output then so do the honest parties) and guaranteed output delivery (which means that corrupted parties cannot prevent the honest parties from receiving output in any case) have typically been considered to be the same. In this paper, we initiate a study of the relation between fairness and guaranteed output delivery in secure multiparty computation. We show that in the multiparty setting these properties are distinct and proceed to study under what conditions fairness implies guaranteed output delivery (the opposite direction always holds). We also show the existence of non-trivial functions for which complete fairness is achievable (without an honest majority) but guaranteed output delivery is not, and the existence of non-trivial functions for which complete fairness and guaranteed output delivery are achievable. Our study sheds light on the role of broadcast in fairness and guaranteed output delivery, and shows that these properties should sometimes be considered separately.

Original languageEnglish
Title of host publicationAdvances in Cryptology - ASIACRYPT 2014 - 20th International Conference on the Theory and Application of Cryptology and Information Security, Proceedings, Part II
EditorsPalash Sarkar, Tetsu Iwata
PublisherSpringer Verlag
Pages466-485
Number of pages20
ISBN (Electronic)9783662456071
DOIs
StatePublished - 2014
Event20th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2014 - Kaoshiung, Taiwan, Province of China
Duration: 7 Dec 201411 Dec 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8874
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference20th International Conference on the Theory and Application of Cryptology and Information Security, ASIACRYPT 2014
Country/TerritoryTaiwan, Province of China
CityKaoshiung
Period7/12/1411/12/14

Bibliographical note

Publisher Copyright:
© International Association for Cryptologic Research 2014.

Funding

This research was supported by the israel science foundation (grant No. 189/11). The first author was also supported by the Ministry of Science, Technology and Space and by the National Cyber Bureau of Israel.

FundersFunder number
Israel Science Foundation
National Cyber Bureau of Israel
Ministry of Science, Technology and Space
Israel Science Foundation189/11

    Fingerprint

    Dive into the research topics of 'Fairness versus guaranteed output delivery in secure multiparty computation'. Together they form a unique fingerprint.

    Cite this