Parallel coin-tossing and constant-round secure two-party computation

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

36 Scopus citations


In this paper we show that any two-party functionality can be securely computed in a constant number of rounds, where security is obtained against malicious adversaries that may arbitrarily deviate from the protocol specification. This is in contrast to Yao's constant-round protocol that ensures security only in the face of semi-honest adversaries, and to its malicious adversary version that requires a polynomial number of rounds. In order to obtain our result, we present a constant-round protocol for secure coin-tossing of polynomially many coins (in parallel). We then show how this protocol can be used in conjunction with other existing constructions in order to obtain a constant-round protocol for securely computing any two-party functionality. On the subject of coin-tossing, we also present a constant-round perfect coin-tossing protocol, where by "perfect" we mean that the resulting coins are guaranteed to be statistically close to uniform (and not just pseudorandom).

Original languageEnglish
Title of host publicationAdvances in Cryptology, CRYPTO 2001 - 21st Annual International Cryptology Conference, Proceedings
EditorsJoe Kilian
PublisherSpringer Verlag
Number of pages19
ISBN (Print)3540424563, 9783540424567
StatePublished - 2001
Externally publishedYes
Event21st Annual International Cryptology Conference, CRYPTO 2001 - Santa Barbara, CA, United States
Duration: 19 Aug 200123 Aug 2001

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2139 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference21st Annual International Cryptology Conference, CRYPTO 2001
Country/TerritoryUnited States
CitySanta Barbara, CA


Dive into the research topics of 'Parallel coin-tossing and constant-round secure two-party computation'. Together they form a unique fingerprint.

Cite this