{"title":"异步安全计算","authors":"M. Ben-Or, R. Canetti, Oded Goldreich","doi":"10.1145/167088.167109","DOIUrl":null,"url":null,"abstract":"We initiate a study of security in asynchronous networks. We consider a completely asynchronous network where every two parties are connected via a private channel, and some of the parties may be faulty. We start by defining secure computation in this model. Our definition adapts the underlying principles of defining security (i.e., comparing the computation to a computation in the presence of a trusted party) to the asynchronous model. In particular, our definition takes into account the fact that the computation must be completed even if we never hear from the faulty parties. Next, we show that whatever can be securely computed in an asynchronous network in the presence of a trusted party, can be securely computed in a network in which no such trusted party exists. We distinguish two types of faults. In case of Fail-Stop faults, our construction is valid as long as the faulty parties constitute less than a thzr-d of the parties in the network. In case of general (i.e., Byzantine) faults, our construction requires that the faulty parties are less than a fourth fraction. In both cases, the resilience of our construction is optimal. Our construction generalizes known synchronous constructions by Ben-Or, Goldwasser and Wigderson. In addition, we introduce and implement several new asynchronous primitives. Among these, we note an errorless asynchronous verifiable secret sharing scheme, an asynchronous agreement on a large set that is contained in the dynamical y growing inputs of all non-faulty parties, and an on-line error-correcting procedure. * email: benor@cs.huji.ac.il t ~~ail.. canetti@tx .technion.ac.il %email: odedrfiks.technion. ac.il. Supported by grant no. 8900312 from the United States — Israel Binational Science Foundation, Jerusalem, Israel Permission to copy without fee all or part of this material ia granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appaar, and notice is given that copying is by permission of the Association for Computing Machinery. To copy otherwiee, or to republish, requiree a fee and/or specific permission. 25th ACM STOC ‘93-5 /93/CA, USA G 1993 ACM 0-89791 -591 -7/93 /0005 [0052 . ..$1 .50 Computer Science Dept. of Computer Science","PeriodicalId":280602,"journal":{"name":"Proceedings of the twenty-fifth annual ACM symposium on Theory of Computing","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1993-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"212","resultStr":"{\"title\":\"Asynchronous secure computation\",\"authors\":\"M. Ben-Or, R. Canetti, Oded Goldreich\",\"doi\":\"10.1145/167088.167109\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We initiate a study of security in asynchronous networks. We consider a completely asynchronous network where every two parties are connected via a private channel, and some of the parties may be faulty. We start by defining secure computation in this model. Our definition adapts the underlying principles of defining security (i.e., comparing the computation to a computation in the presence of a trusted party) to the asynchronous model. In particular, our definition takes into account the fact that the computation must be completed even if we never hear from the faulty parties. Next, we show that whatever can be securely computed in an asynchronous network in the presence of a trusted party, can be securely computed in a network in which no such trusted party exists. We distinguish two types of faults. In case of Fail-Stop faults, our construction is valid as long as the faulty parties constitute less than a thzr-d of the parties in the network. In case of general (i.e., Byzantine) faults, our construction requires that the faulty parties are less than a fourth fraction. In both cases, the resilience of our construction is optimal. Our construction generalizes known synchronous constructions by Ben-Or, Goldwasser and Wigderson. In addition, we introduce and implement several new asynchronous primitives. Among these, we note an errorless asynchronous verifiable secret sharing scheme, an asynchronous agreement on a large set that is contained in the dynamical y growing inputs of all non-faulty parties, and an on-line error-correcting procedure. * email: benor@cs.huji.ac.il t ~~ail.. canetti@tx .technion.ac.il %email: odedrfiks.technion. ac.il. Supported by grant no. 8900312 from the United States — Israel Binational Science Foundation, Jerusalem, Israel Permission to copy without fee all or part of this material ia granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appaar, and notice is given that copying is by permission of the Association for Computing Machinery. To copy otherwiee, or to republish, requiree a fee and/or specific permission. 25th ACM STOC ‘93-5 /93/CA, USA G 1993 ACM 0-89791 -591 -7/93 /0005 [0052 . ..$1 .50 Computer Science Dept. of Computer Science\",\"PeriodicalId\":280602,\"journal\":{\"name\":\"Proceedings of the twenty-fifth annual ACM symposium on Theory of Computing\",\"volume\":\"15 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1993-06-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"212\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the twenty-fifth annual ACM symposium on Theory of Computing\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/167088.167109\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the twenty-fifth annual ACM symposium on Theory of Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/167088.167109","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 212
摘要
我们开始研究异步网络的安全性。我们考虑一个完全异步的网络,其中每两方都通过专用通道连接,其中一些方可能出现故障。我们首先在这个模型中定义安全计算。我们的定义将定义安全性的基本原则(即,将计算与存在可信方的计算进行比较)应用于异步模型。特别是,我们的定义考虑了这样一个事实,即即使我们从未收到错误方的消息,计算也必须完成。接下来,我们将展示在存在可信方的异步网络中可以安全计算的任何内容,在不存在此类可信方的网络中也可以安全计算。我们区分出两种类型的断层。在Fail-Stop故障的情况下,我们的构造是有效的,只要故障方占网络各方的比例小于1 / 3。在一般(即拜占庭)故障的情况下,我们的构造要求故障方小于四分之一。在这两种情况下,我们的建筑的弹性都是最佳的。我们的构造推广了Ben-Or, Goldwasser和Wigderson已知的同步构造。此外,我们还引入并实现了几个新的异步原语。其中,我们注意到一个无错误异步可验证秘密共享方案,一个包含在所有无错误方的动态y增长输入中的大集合上的异步协议,以及一个在线纠错过程。*邮箱:benor@cs.huji.ac.il t ~~ail..canetti@tx .technion.ac。电子邮件:odedrfiks.technion。ac.il。资助项目:8900312(美国-以色列两国科学基金会,耶路撒冷,以色列)允许免费复制本材料的全部或部分,前提是这些副本不是为了直接的商业利益而制作或分发的,ACM版权声明和出版物的标题及其日期,并通知复制是由计算机械协会许可的。复制他人,或重新发布,需要支付费用和/或特定许可。25 ACM STOC ' 93-5 /93/CA, USA G 1993 ACM 0-89791 -591 -7/93 /0005[0052 .…]$ 1.50计算机科学计算机科学系
We initiate a study of security in asynchronous networks. We consider a completely asynchronous network where every two parties are connected via a private channel, and some of the parties may be faulty. We start by defining secure computation in this model. Our definition adapts the underlying principles of defining security (i.e., comparing the computation to a computation in the presence of a trusted party) to the asynchronous model. In particular, our definition takes into account the fact that the computation must be completed even if we never hear from the faulty parties. Next, we show that whatever can be securely computed in an asynchronous network in the presence of a trusted party, can be securely computed in a network in which no such trusted party exists. We distinguish two types of faults. In case of Fail-Stop faults, our construction is valid as long as the faulty parties constitute less than a thzr-d of the parties in the network. In case of general (i.e., Byzantine) faults, our construction requires that the faulty parties are less than a fourth fraction. In both cases, the resilience of our construction is optimal. Our construction generalizes known synchronous constructions by Ben-Or, Goldwasser and Wigderson. In addition, we introduce and implement several new asynchronous primitives. Among these, we note an errorless asynchronous verifiable secret sharing scheme, an asynchronous agreement on a large set that is contained in the dynamical y growing inputs of all non-faulty parties, and an on-line error-correcting procedure. * email: benor@cs.huji.ac.il t ~~ail.. canetti@tx .technion.ac.il %email: odedrfiks.technion. ac.il. Supported by grant no. 8900312 from the United States — Israel Binational Science Foundation, Jerusalem, Israel Permission to copy without fee all or part of this material ia granted provided that the copies are not made or distributed for direct commercial advantage, the ACM copyright notice and the title of the publication and its date appaar, and notice is given that copying is by permission of the Association for Computing Machinery. To copy otherwiee, or to republish, requiree a fee and/or specific permission. 25th ACM STOC ‘93-5 /93/CA, USA G 1993 ACM 0-89791 -591 -7/93 /0005 [0052 . ..$1 .50 Computer Science Dept. of Computer Science
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
