Scalable and unconditionally secure multiparty computation
I Damgård, JB Nielsen - Annual International Cryptology Conference, 2007 - Springer
Annual International Cryptology Conference, 2007•Springer
We present a multiparty computation protocol that is unconditionally secure against adaptive
and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+\rmpoly(nκ),
where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of
the elements of the field over which the computation is carried out, D is the multiplicative
depth of the circuit, and κ is the security parameter. The corruption threshold is t< n/3. For
passive security the corruption threshold is t< n/2 and the communication complexity is …
and active adversaries, with communication complexity O(Cn)k+O(Dn^2)k+\rmpoly(nκ),
where C is the number of gates in the circuit, n is the number of parties, k is the bit-length of
the elements of the field over which the computation is carried out, D is the multiplicative
depth of the circuit, and κ is the security parameter. The corruption threshold is t< n/3. For
passive security the corruption threshold is t< n/2 and the communication complexity is …
Abstract
We present a multiparty computation protocol that is unconditionally secure against adaptive and active adversaries, with communication complexity , where is the number of gates in the circuit, n is the number of parties, k is the bit-length of the elements of the field over which the computation is carried out, D is the multiplicative depth of the circuit, and κ is the security parameter. The corruption threshold is t < n/3. For passive security the corruption threshold is t < n/2 and the communication complexity is . These are the first unconditionally secure protocols where the part of the communication complexity that depends on the circuit size is linear in n. We also present a protocol with threshold t < n/2 and complexity based on a complexity assumption which, however, only has to hold during the execution of the protocol – that is, the protocol has so called everlasting security.
Springer
以上显示的是最相近的搜索结果。 查看全部搜索结果