Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation

Fabrice Benhamouda; Elette Boyle; Niv Gilboa; Shai Halevi; Yuval Ishai; Ariel Nof

doi:10.1007/978-3-030-90453-1_5

Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation

Fabrice Benhamouda, Elette Boyle, Niv Gilboa, Shai Halevi, Yuval Ishai, Ariel Nof

Department of Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

6 Scopus citations

Abstract

Secure multiparty computation (MPC) enables n parties, of which up to t may be corrupted, to perform joint computations on their private inputs while revealing only the outputs. Optimizing the asymptotic and concrete costs of MPC protocols has become an important line of research. Much of this research focuses on the setting of an honest majority, where n≥ 2 t+ 1, which gives rise to concretely efficient protocols that are either information-theoretic or make a black-box use of symmetric cryptography. Efficiency can be further improved in the case of a strong honest majority, where n> 2 t+ 1. Motivated by the goal of minimizing the communication and latency costs of MPC with a strong honest majority, we make two related contributions. Generalized pseudorandom secret sharing (PRSS). Linear correlations serve as an important resource for MPC protocols and beyond. PRSS enables secure generation of many pseudorandom instances of such correlations without interaction, given replicated seeds of a pseudorandom function. We extend the PRSS technique of Cramer et al. (TCC 2005) for sharing degree-d polynomials to new constructions leveraging a particular class of combinatorial designs. Our constructions yield a dramatic efficiency improvement when the degree d is higher than the security threshold t, not only for standard degree-d correlations but also for several useful generalizations. In particular, correlations for locally converting between slot configurations in “share packing” enable us to avoid the concrete overhead of prior works.Cheap straggler resilience. In reality, communication is not fully synchronous: protocol executions suffer from variance in communication delays and occasional node or message-delivery failures. We explore the benefits of PRSS-based MPC with a strong honest majority toward robustness against such failures, in turn yielding improved latency delays. In doing so we develop a novel technique for defending against a subtle “double-dipping” attack, which applies to the best existing protocols, with almost no extra cost in communication or rounds. Combining the above tools requires further work, including new methods for batch verification via distributed zero-knowledge proofs (Boneh et al., CRYPTO 2019) that apply to packed secret sharing. Overall, our work demonstrates new advantages of the strong honest majority setting, and introduces new tools—in particular, generalized PRSS—that we believe will be of independent use within other cryptographic applications.

Original language	English
Title of host publication	Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings
Editors	Kobbi Nissim, Brent Waters, Brent Waters
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	129-161
Number of pages	33
ISBN (Print)	9783030904524
DOIs	https://doi.org/10.1007/978-3-030-90453-1_5
State	Published - 2021
Event	19th International Conference on Theory of Cryptography, TCC 2021 - Raleigh, United States Duration: 8 Nov 2021 → 11 Nov 2021

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	13043 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	19th International Conference on Theory of Cryptography, TCC 2021
Country/Territory	United States
City	Raleigh
Period	8/11/21 → 11/11/21

Bibliographical note

Publisher Copyright:
© 2021, International Association for Cryptologic Research.

Funding

Acknowledgements. We thank Tuvi Etzion for helpful pointers to the literature on covering designs. E. Boyle supported by ISF grant 1861/16, AFOSR Award FA9550-17–1–0069, and ERC Project HSS (852952). N. Gilboa supported by ISF grant 2951/20, ERC grant 876110, and a grant by the BGU Cyber Center. Y. Ishai supported by ERC Project NTSC (742754), NSF-BSF grant 2015782, BSF grant 2018393, and ISF grant 2774/20. A. Nof supported by ERC Project NTSC (742754).

Funders	Funder number
NSF-BSF	2015782
NTSC	742754
Air Force Office of Scientific Research	FA9550-17–1–0069
Bonfils-Stanton Foundation	2018393, 2774/20
Bishop Grosseteste University
Hospital for Special Surgery	852952, 876110, 2951/20
Engineering Research Centers
Israel Science Foundation	1861/16

Access to Document

10.1007/978-3-030-90453-1_5

Cite this

Benhamouda, F., Boyle, E., Gilboa, N., Halevi, S., Ishai, Y., & Nof, A. (2021). Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation. In K. Nissim, B. Waters, & B. Waters (Eds.), Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings (pp. 129-161). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13043 LNCS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-90453-1_5

Benhamouda, Fabrice ; Boyle, Elette ; Gilboa, Niv et al. / Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation. Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings. editor / Kobbi Nissim ; Brent Waters ; Brent Waters. Springer Science and Business Media Deutschland GmbH, 2021. pp. 129-161 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{88e612a1c61a40099bc311d90a149ea1,

title = "Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation",

abstract = "Secure multiparty computation (MPC) enables n parties, of which up to t may be corrupted, to perform joint computations on their private inputs while revealing only the outputs. Optimizing the asymptotic and concrete costs of MPC protocols has become an important line of research. Much of this research focuses on the setting of an honest majority, where n≥ 2 t+ 1, which gives rise to concretely efficient protocols that are either information-theoretic or make a black-box use of symmetric cryptography. Efficiency can be further improved in the case of a strong honest majority, where n> 2 t+ 1. Motivated by the goal of minimizing the communication and latency costs of MPC with a strong honest majority, we make two related contributions. Generalized pseudorandom secret sharing (PRSS). Linear correlations serve as an important resource for MPC protocols and beyond. PRSS enables secure generation of many pseudorandom instances of such correlations without interaction, given replicated seeds of a pseudorandom function. We extend the PRSS technique of Cramer et al. (TCC 2005) for sharing degree-d polynomials to new constructions leveraging a particular class of combinatorial designs. Our constructions yield a dramatic efficiency improvement when the degree d is higher than the security threshold t, not only for standard degree-d correlations but also for several useful generalizations. In particular, correlations for locally converting between slot configurations in “share packing” enable us to avoid the concrete overhead of prior works.Cheap straggler resilience. In reality, communication is not fully synchronous: protocol executions suffer from variance in communication delays and occasional node or message-delivery failures. We explore the benefits of PRSS-based MPC with a strong honest majority toward robustness against such failures, in turn yielding improved latency delays. In doing so we develop a novel technique for defending against a subtle “double-dipping” attack, which applies to the best existing protocols, with almost no extra cost in communication or rounds. Combining the above tools requires further work, including new methods for batch verification via distributed zero-knowledge proofs (Boneh et al., CRYPTO 2019) that apply to packed secret sharing. Overall, our work demonstrates new advantages of the strong honest majority setting, and introduces new tools—in particular, generalized PRSS—that we believe will be of independent use within other cryptographic applications.",

author = "Fabrice Benhamouda and Elette Boyle and Niv Gilboa and Shai Halevi and Yuval Ishai and Ariel Nof",

note = "Publisher Copyright: {\textcopyright} 2021, International Association for Cryptologic Research.; 19th International Conference on Theory of Cryptography, TCC 2021 ; Conference date: 08-11-2021 Through 11-11-2021",

year = "2021",

doi = "10.1007/978-3-030-90453-1_5",

language = "אנגלית",

isbn = "9783030904524",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "129--161",

editor = "Kobbi Nissim and Brent Waters and Brent Waters",

booktitle = "Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings",

address = "גרמניה",

}

Benhamouda, F, Boyle, E, Gilboa, N, Halevi, S, Ishai, Y & Nof, A 2021, Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation. in K Nissim, B Waters & B Waters (eds), Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 13043 LNCS, Springer Science and Business Media Deutschland GmbH, pp. 129-161, 19th International Conference on Theory of Cryptography, TCC 2021, Raleigh, United States, 8/11/21. https://doi.org/10.1007/978-3-030-90453-1_5

Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation. / Benhamouda, Fabrice; Boyle, Elette; Gilboa, Niv et al.
Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings. ed. / Kobbi Nissim; Brent Waters; Brent Waters. Springer Science and Business Media Deutschland GmbH, 2021. p. 129-161 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 13043 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation

AU - Benhamouda, Fabrice

AU - Boyle, Elette

AU - Gilboa, Niv

AU - Halevi, Shai

AU - Ishai, Yuval

AU - Nof, Ariel

PY - 2021

Y1 - 2021

N2 - Secure multiparty computation (MPC) enables n parties, of which up to t may be corrupted, to perform joint computations on their private inputs while revealing only the outputs. Optimizing the asymptotic and concrete costs of MPC protocols has become an important line of research. Much of this research focuses on the setting of an honest majority, where n≥ 2 t+ 1, which gives rise to concretely efficient protocols that are either information-theoretic or make a black-box use of symmetric cryptography. Efficiency can be further improved in the case of a strong honest majority, where n> 2 t+ 1. Motivated by the goal of minimizing the communication and latency costs of MPC with a strong honest majority, we make two related contributions. Generalized pseudorandom secret sharing (PRSS). Linear correlations serve as an important resource for MPC protocols and beyond. PRSS enables secure generation of many pseudorandom instances of such correlations without interaction, given replicated seeds of a pseudorandom function. We extend the PRSS technique of Cramer et al. (TCC 2005) for sharing degree-d polynomials to new constructions leveraging a particular class of combinatorial designs. Our constructions yield a dramatic efficiency improvement when the degree d is higher than the security threshold t, not only for standard degree-d correlations but also for several useful generalizations. In particular, correlations for locally converting between slot configurations in “share packing” enable us to avoid the concrete overhead of prior works.Cheap straggler resilience. In reality, communication is not fully synchronous: protocol executions suffer from variance in communication delays and occasional node or message-delivery failures. We explore the benefits of PRSS-based MPC with a strong honest majority toward robustness against such failures, in turn yielding improved latency delays. In doing so we develop a novel technique for defending against a subtle “double-dipping” attack, which applies to the best existing protocols, with almost no extra cost in communication or rounds. Combining the above tools requires further work, including new methods for batch verification via distributed zero-knowledge proofs (Boneh et al., CRYPTO 2019) that apply to packed secret sharing. Overall, our work demonstrates new advantages of the strong honest majority setting, and introduces new tools—in particular, generalized PRSS—that we believe will be of independent use within other cryptographic applications.

AB - Secure multiparty computation (MPC) enables n parties, of which up to t may be corrupted, to perform joint computations on their private inputs while revealing only the outputs. Optimizing the asymptotic and concrete costs of MPC protocols has become an important line of research. Much of this research focuses on the setting of an honest majority, where n≥ 2 t+ 1, which gives rise to concretely efficient protocols that are either information-theoretic or make a black-box use of symmetric cryptography. Efficiency can be further improved in the case of a strong honest majority, where n> 2 t+ 1. Motivated by the goal of minimizing the communication and latency costs of MPC with a strong honest majority, we make two related contributions. Generalized pseudorandom secret sharing (PRSS). Linear correlations serve as an important resource for MPC protocols and beyond. PRSS enables secure generation of many pseudorandom instances of such correlations without interaction, given replicated seeds of a pseudorandom function. We extend the PRSS technique of Cramer et al. (TCC 2005) for sharing degree-d polynomials to new constructions leveraging a particular class of combinatorial designs. Our constructions yield a dramatic efficiency improvement when the degree d is higher than the security threshold t, not only for standard degree-d correlations but also for several useful generalizations. In particular, correlations for locally converting between slot configurations in “share packing” enable us to avoid the concrete overhead of prior works.Cheap straggler resilience. In reality, communication is not fully synchronous: protocol executions suffer from variance in communication delays and occasional node or message-delivery failures. We explore the benefits of PRSS-based MPC with a strong honest majority toward robustness against such failures, in turn yielding improved latency delays. In doing so we develop a novel technique for defending against a subtle “double-dipping” attack, which applies to the best existing protocols, with almost no extra cost in communication or rounds. Combining the above tools requires further work, including new methods for batch verification via distributed zero-knowledge proofs (Boneh et al., CRYPTO 2019) that apply to packed secret sharing. Overall, our work demonstrates new advantages of the strong honest majority setting, and introduces new tools—in particular, generalized PRSS—that we believe will be of independent use within other cryptographic applications.

UR - http://www.scopus.com/inward/record.url?scp=85120081452&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-90453-1_5

DO - 10.1007/978-3-030-90453-1_5

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85120081452

SN - 9783030904524

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 129

EP - 161

BT - Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings

A2 - Nissim, Kobbi

A2 - Waters, Brent

PB - Springer Science and Business Media Deutschland GmbH

T2 - 19th International Conference on Theory of Cryptography, TCC 2021

Y2 - 8 November 2021 through 11 November 2021

ER -

Benhamouda F, Boyle E, Gilboa N, Halevi S, Ishai Y, Nof A. Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation. In Nissim K, Waters B, Waters B, editors, Theory of Cryptography - 19th International Conference, TCC 2021, Proceedings. Springer Science and Business Media Deutschland GmbH. 2021. p. 129-161. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-90453-1_5

Generalized Pseudorandom Secret Sharing and Efficient Straggler-Resilient Secure Computation

Abstract

Publication series

Conference

Bibliographical note

Funding

Access to Document

Other files and links

Fingerprint

Cite this