An important research direction in secure multi-party computation (MPC) is to improve the efficiency of the protocol. One idea that has recently received attention is to consider a slightly weaker security model than full malicious security – the so-called setting of covert security. In covert security, the adversary may cheat but only is detected with certain probability. Several works in covert security consider the offline/online approach, where during a costly offline phase correlated randomness is computed, which is consumed in a fast online phase. State-of-the-art protocols focus on improving the efficiency by using a covert offline phase, but ignore the online phase. In particular, the online phase is usually assumed to guarantee security against malicious adversaries. In this work, we take a fresh look at the offline/online paradigm in the covert security setting. Our main insight is that by weakening the security of the online phase from malicious to covert, we can gain significant efficiency improvements during the offline phase. Concretely, we demonstrate our technique by applying it to the online phase of the well-known TinyOT protocol (Nielsen et al., CRYPTO ’12). The main observation is that by reducing the MAC length in the online phase of TinyOT to t bits, we can guarantee covert security with a detection probability of 1-12t. Since the computation carried out by the offline phase depends on the MAC length, shorter MACs result in a more efficient offline phase and thus speed up the overall computation. Our evaluation shows that our approach reduces the communication complexity of the offline protocol by at least 35% for a detection rate up to 78. In addition, we present a new generic composition result for analyzing the security of online/offline protocols in terms of concrete security.
|Title of host publication||Topics in Cryptology – CT-RSA 2023 - Cryptographers’ Track at the RSA Conference 2023, Proceedings|
|Publisher||Springer Science and Business Media Deutschland GmbH|
|Number of pages||27|
|State||Published - 2023|
|Event||Cryptographers’ Track at the RSA Conference, CT-RSA 2023 - San Francisco, United States|
Duration: 24 Apr 2023 → 27 Apr 2023
|Name||Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)|
|Conference||Cryptographers’ Track at the RSA Conference, CT-RSA 2023|
|Period||24/04/23 → 27/04/23|
Bibliographical notePublisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
- Covert Security
- Deterrence Composition
- Multi-Party Computation (MPC)