{"title":"具有可识别中止和公平性的安全多方计算","authors":"Long Nie, ShaoWen Yao, J. Liu","doi":"10.1109/CSP58884.2023.00023","DOIUrl":null,"url":null,"abstract":"Dishonest majority considered in the SPDZ(the nickname of the protocol of Damgard et al. from Crypto 2012) protocols implies the impossibility of fairness(which means that corrupted parties can prevent the honest parties from learning output). The corrupted parties can learn the outputs of the honest parties and abort the protocol. Settling for the second best, there are many works focusing on the detection of the cheaters. We construct a SPDZ-like protocol which achieves fairness when at most $n/2$ parties behave maliciously and supports identifiable abort for dishonest majority. We suggest a sharing stage after the parties finish their computation. The parties share the returns of the computation in this stage. The correctness of the sharing is guaranteed by verifiable secret sharing and homomorphic signature. The honest parties can reconstruct the outputs of the cheaters in the setting of an honest majority. We can't prevent the corrupted parties from learning the outputs and aborting the protocol for dishonest majority. Therefore, the sharing stage does not harm to the honest parties. Instead, we provide the honest parties with the identities of all cheaters in this case.","PeriodicalId":255083,"journal":{"name":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","volume":"106 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-04-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Secure Multiparty Computation with Identifiable Abort and Fairness\",\"authors\":\"Long Nie, ShaoWen Yao, J. Liu\",\"doi\":\"10.1109/CSP58884.2023.00023\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Dishonest majority considered in the SPDZ(the nickname of the protocol of Damgard et al. from Crypto 2012) protocols implies the impossibility of fairness(which means that corrupted parties can prevent the honest parties from learning output). The corrupted parties can learn the outputs of the honest parties and abort the protocol. Settling for the second best, there are many works focusing on the detection of the cheaters. We construct a SPDZ-like protocol which achieves fairness when at most $n/2$ parties behave maliciously and supports identifiable abort for dishonest majority. We suggest a sharing stage after the parties finish their computation. The parties share the returns of the computation in this stage. The correctness of the sharing is guaranteed by verifiable secret sharing and homomorphic signature. The honest parties can reconstruct the outputs of the cheaters in the setting of an honest majority. We can't prevent the corrupted parties from learning the outputs and aborting the protocol for dishonest majority. Therefore, the sharing stage does not harm to the honest parties. Instead, we provide the honest parties with the identities of all cheaters in this case.\",\"PeriodicalId\":255083,\"journal\":{\"name\":\"2023 7th International Conference on Cryptography, Security and Privacy (CSP)\",\"volume\":\"106 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-04-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 7th International Conference on Cryptography, Security and Privacy (CSP)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSP58884.2023.00023\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 7th International Conference on Cryptography, Security and Privacy (CSP)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSP58884.2023.00023","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0
摘要
SPDZ(Damgard et al. from Crypto 2012的协议的昵称)协议中考虑的不诚实多数意味着公平的不可能性(这意味着腐败方可以阻止诚实方学习输出)。被破坏的一方可以学习到诚实方的输出,并终止协议。退而求其次,有很多研究都集中在检测作弊者上。我们构建了一个类似spz的协议,在最多$n/2$方恶意行为时实现公平,并支持对不诚实多数的可识别中止。我们建议在各方完成计算后的共享阶段。在这一阶段,各方共享计算的结果。通过可验证的秘密共享和同态签名来保证共享的正确性。诚实的各方可以在诚实多数的情况下重构作弊者的输出。我们无法阻止腐败的一方学习输出,并为不诚实的大多数人放弃协议。因此,共享阶段对诚实的当事人没有损害。相反,在这种情况下,我们向诚实的各方提供所有作弊者的身份。
Secure Multiparty Computation with Identifiable Abort and Fairness
Dishonest majority considered in the SPDZ(the nickname of the protocol of Damgard et al. from Crypto 2012) protocols implies the impossibility of fairness(which means that corrupted parties can prevent the honest parties from learning output). The corrupted parties can learn the outputs of the honest parties and abort the protocol. Settling for the second best, there are many works focusing on the detection of the cheaters. We construct a SPDZ-like protocol which achieves fairness when at most $n/2$ parties behave maliciously and supports identifiable abort for dishonest majority. We suggest a sharing stage after the parties finish their computation. The parties share the returns of the computation in this stage. The correctness of the sharing is guaranteed by verifiable secret sharing and homomorphic signature. The honest parties can reconstruct the outputs of the cheaters in the setting of an honest majority. We can't prevent the corrupted parties from learning the outputs and aborting the protocol for dishonest majority. Therefore, the sharing stage does not harm to the honest parties. Instead, we provide the honest parties with the identities of all cheaters in this case.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
