research-article

An almost-optimally fair three-party coin-flipping protocol

Authors:

Iftach Haitner,

Eliad TsfadiaAuthors Info & Claims

STOC '14: Proceedings of the forty-sixth annual ACM symposium on Theory of computing

Pages 408 - 416

https://doi.org/10.1145/2591796.2591842

Published: 31 May 2014 Publication History

Abstract

In a multiparty fair coin-flipping protocol, the parties output a common (close to) unbiased bit, even when some corrupted parties try to bias the output. Cleve [STOC 1986] has shown that in the case of dishonest majority (i.e., at least half of the parties can be corrupted), in any m-round coin-flipping protocol, the corrupted parties can bias the honest parties' common output bit by Ω^(1/m). For more than two decades, the best known coin-flipping protocols against dishonest majority had bias [EQUATION], where ℓ is the number of corrupted parties. This was changed by a recent breakthrough result of Moran et al. [TCC 2009], who constructed an m-round, two-party coin-flipping protocol with optimal bias Θ(1/m). In a subsequent work, Beimel et al. [Crypto 2010] extended this result to the multiparty case in which less than 2/3 of the parties can be corrupted. Still for the case of 2/3 (or more) corrupted parties, the best known protocol had bias [EQUATION]. In particular, this was the state of affairs for the natural three-party case.

We make a step towards eliminating the above gap, presenting an m-round, three-party coin-flipping protocol, with bias O(log²m)/m. Our approach (which we also apply for the two-party case) does not follow the "threshold round" paradigm used in the work of Moran et al. and Beimel et al., but rather is a variation of the majority protocol of Cleve, used to obtain the aforementioned [EQUATION]-bias protocol.

Supplementary Material

MP4 File (p408-sidebyside.mp4)

Download
204.92 MB

References

[1]

D. Aharonov, A. Ta-Shma, U. Vazirani, and A. C. Yao. Quantum bit escrow. In STOC: ACM Symposium on Theory of Computing (STOC), 2000.

Digital Library

[2]

W. Aiello, Y. Ishai, and O. Reingold. Priced oblivious transfer: How to sell digital goods. In Advances in Cryptology -- EUROCRYPT 2001, 2001.

Digital Library

[3]

N. Alon and M. Naor. Coin-flipping games immune against linear-sized coalitions. SIAM Journal on Computing, pages 46--54, 1993.

Digital Library

[4]

A. Ambainis. A new protocol and lower bounds for quantum coin flipping. J. Comput. Syst. Sci., 68(2): 398--416, 2004.

Digital Library

[5]

A. Ambainis, H. Buhrman, Y. Dodis, and H. Röhrig. Multiparty quantum coin flipping. In Proceedings of the 18th Annual IEEE Conference on Computational Complexity, pages 250--259, 2004.

Digital Library

[6]

A. Beimel, E. Omri, and I. Orlov. Protocols for multiparty coin toss with dishonest majority. In Advances in Cryptology -- CRYPTO 2010, pages 538--557, 2010.

Digital Library

[7]

A. Beimel, Y. Lindell, E. Omri, and I. Orlov. 1/p-secure multiparty computation without honest majority and the best of both worlds. pages 277--296, 2011.

Digital Library

[8]

M. Ben-Or and N. Linial. Collective coin flipping. ADVCR: Advances in Computing Research, 5, 1989.

[9]

M. Ben-Or, S. Goldwasser, and A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In Proceedings of the 20th Annual ACM Symposium on Theory of Computing (STOC), 1988.

Digital Library

[10]

I. Berman, I. Haitner, and A. Tentes. Coin flipping of any constant bias implies one-way functions. In Proceedings of the 46th Annual ACM Symposium on Theory of Computing (STOC).

Digital Library

[11]

M. Blum. How to exchange (secret) keys. ACM Transactions on Computer Systems, 1983.

Digital Library

[12]

R. Canetti. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13(1): 143--202, 2000.

Digital Library

[13]

R. Cleve. Limits on the security of coin flips when half the processors are faulty. In Proceedings of the 20th Annual ACM Symposium on Theory of Computing (STOC), pages 364--369, 1986.

Digital Library

[14]

R. Cleve and R. Impagliazzo. Martingales, collective coin flipping and discrete control processes. Manuscript, 1993.

[15]

D. Dachman-Soled, Y. Lindell, M. Mahmoody, and T. Malkin. On the black-box complexity of optimally fair coin tossing. In tcc11, pages 450--467, 2011.

Digital Library

[16]

S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. Communications of the ACM, 28(6):637--647, 1985.

Digital Library

[17]

U. Feige. Noncryptographic selection protocols. In Proceedings of the 40th Annual Symposium on Foundations of Computer Science (FOCS), 1999.

Digital Library

[18]

C. Gentry, C. Peikert, and V. Vaikuntanathan. Trapdoors for hard lattices and new cryptographic constructions. In Proceedings of the 40th Annual ACM Symposium on Theory of Computing (STOC), pages 197--206, 2008.

Digital Library

[19]

O. Goldreich. Foundations of Cryptography -- VOLUME 2: Basic Applications. Cambridge University Press, 2004.

Digital Library

[20]

O. Goldreich, S. Micali, and A. Wigderson. Proofs that yield nothing but their validity or all languages in NP have zero-knowledge proof systems. Journal of the ACM, pages 691--729, 1991. Preliminary version in FOCS'86.

Digital Library

[21]

S. D. Gordon and J. Katz. Partial fairness in secure two-party computation. pages 157--176, 2010.

Digital Library

[22]

S. D. Gordon, C. Hazay, J. Katz, and Y. Lindell. Complete fairness in secure two-party computation. pages 413--422, 2008.

Digital Library

[23]

S. D. Gordon, C. Hazay, J. Katz, and Y. Lindell. Complete fairness in secure two-party computation. Journal of the ACM, 58(6):24, 2011.

Digital Library

[24]

I. Haitner. Implementing oblivious transfer using collection of dense trapdoor permutations. In Theory of Cryptography, First Theory of Cryptography Conference, TCC 2004, pages 394--409, 2004.

[25]

I. Haitner and E. Omri. Coin Flipping with Constant Bias Implies One-Way Functions. pages 110--119, 2011.

Digital Library

[26]

I. Haitner and E. Tsfadia. An almostoptimally fair three-party coin-flipping protocol. www.cs.tau.ac.il/~iftachh/papers/3PartyCF/QuasiOptimalCF_Full.pdf, 2014. Manuscript.

[27]

I. Haitner, M. Nguyen, S. J. Ong, O. Reingold, and S. Vadhan. Statistically hiding commitments and statistical zero-knowledge arguments from any one-way function. SIAM Journal on Computing, pages 1153--1218, 2009.

Digital Library

[28]

R. Impagliazzo and M. Luby. One-way functions are essential for complexity based cryptography. In Proceedings of the 30th Annual Symposium on Foundations of Computer Science (FOCS), pages 230--235, 1989.

Digital Library

[29]

Y. Kalai. Smooth projective hashing and two-message oblivious transfer. In Advances in Cryptology -- EUROCRYPT 2005, 2005.

Digital Library

[30]

J. Katz. On achieving the "best of both worlds" in secure multiparty computation. pages 11--20, 2007.

Digital Library

[31]

H. K. Maji, M. Prabhakaran, and A. Sahai. On the Computational Complexity of Coin Flipping. In Proceedings of the 51th Annual Symposium on Foundations of Computer Science (FOCS), pages 613--622, 2010.

Digital Library

[32]

T. Moran and M. Naor. Basing cryptographic protocols on tamper-evident seals. In ICALP: Annual International Colloquium on Automata, Languages and Programming, 2005.

Digital Library

[33]

T. Moran, M. Naor, and G. Segev. An optimally fair coin toss. In Theory of Cryptography, Fifth Theory of Cryptography Conference, TCC 2009, pages 1--18, 2009.

Digital Library

[34]

M. Naor. Bit commitment using pseudorandomness. Journal of Cryptology, pages 151--158, 1991.

Digital Library

[35]

M. Naor and B. Pinkas. Efficient oblivious transfer protocols. In SODA, pages 448--457, 2001.

Digital Library

[36]

A. Russell and D. Zuckerman. Perfect information leader election in log* n + 0 (1) rounds. In Proceedings of the 39th Annual Symposium on Foundations of Computer Science (FOCS), 1999.

Digital Library

[37]

M. Saks. A robust noncryptographic protocol for collective coin flipping. SIJDM: SIAM Journal on Discrete Mathematics, 2, 1989.

Digital Library

Cited By

Thyagarajan SSoni PWu K(2024)Game-Theoretically Fair Distributed SamplingAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68397-8_7(207-239)Online publication date: 16-Aug-2024
https://doi.org/10.1007/978-3-031-68397-8_7
Raghuraman SYang Y(2023)Just How Fair is an Unreactive World?Advances in Cryptology – ASIACRYPT 202310.1007/978-981-99-8736-8_14(420-450)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1007/978-981-99-8736-8_14
Hsu CHarn LXia ZXu H(2022)Practical Undeniable Multiparty Drawing-Straw Protocol in Asynchronous Networks for Resource-Constrained Information SystemsSecurity and Communication Networks10.1155/2022/68414282022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/6841428
Show More Cited By

Index Terms

An almost-optimally fair three-party coin-flipping protocol
1. Theory of computation

Recommendations

An Almost-Optimally Fair Three-Party Coin-Flipping Protocol

In a multiparty fair coin-flipping protocol, the parties output a common (close to) unbiased bit, even when some corrupted parties try to bias the output. Cleve [in Proceedings of the 20th Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, ...
Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious
Abstract
An $α$ -fair coin-tossing protocol allows a set of mutually distrustful parties to generate a uniform bit, such that no efficient adversary can bias the output bit by more than $α$ . Cleve (in: Proceedings of the 18th annual ACM symposium on theory of ... $(\sqrt{})$ $^{^{}}$ $\frac{}{}$ $(^{})$ $(\sqrt{})$ $(^{})$
Fair coin flipping: tighter analysis and the many-party case
SODA '17: Proceedings of the Twenty-Eighth Annual ACM-SIAM Symposium on Discrete Algorithms

In a multi-party fair coin-flipping protocol, the parties output a common (close to) unbiased bit, even when some corrupted parties try to bias the output. In this work we focus on the case of dishonest majority, ie at least half of the parties can be ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

STOC '14: Proceedings of the forty-sixth annual ACM symposium on Theory of computing

May 2014

984 pages

ISBN:9781450327107

DOI:10.1145/2591796

Program Chair:
David Shmoys
Cornell University

Copyright © 2014 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGACT: ACM Special Interest Group on Algorithms and Computation Theory

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 31 May 2014

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

United States-Israel Binational Science Foundation
Israeli Centers for Research Excellence
Israel Science Foundation
Check Point Institute for Information Security

Conference

STOC '14

Sponsor:

SIGACT

STOC '14: Symposium on Theory of Computing

May 31 - June 3, 2014

New York, New York

Acceptance Rates

STOC '14 Paper Acceptance Rate 91 of 319 submissions, 29%;

Overall Acceptance Rate 1,469 of 4,586 submissions, 32%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
132
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)1

Reflects downloads up to 21 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Thyagarajan SSoni PWu K(2024)Game-Theoretically Fair Distributed SamplingAdvances in Cryptology – CRYPTO 202410.1007/978-3-031-68397-8_7(207-239)Online publication date: 16-Aug-2024
https://doi.org/10.1007/978-3-031-68397-8_7
Raghuraman SYang Y(2023)Just How Fair is an Unreactive World?Advances in Cryptology – ASIACRYPT 202310.1007/978-981-99-8736-8_14(420-450)Online publication date: 4-Dec-2023
https://dl.acm.org/doi/10.1007/978-981-99-8736-8_14
Hsu CHarn LXia ZXu H(2022)Practical Undeniable Multiparty Drawing-Straw Protocol in Asynchronous Networks for Resource-Constrained Information SystemsSecurity and Communication Networks10.1155/2022/68414282022Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1155/2022/6841428
Beimel AHaitner IMakriyannis NOmri E(2022)Tighter Bounds on MultiParty Coin Flipping via Augmented Weak Martingales and Differentially Private SamplingSIAM Journal on Computing10.1137/18M121078251:4(1126-1171)Online publication date: 1-Jan-2022
https://dl.acm.org/doi/10.1137/18M1210782
Haitner IMakriyannis NOmri E(2022)On the complexity of fair coin flippingTheoretical Computer Science10.1016/j.tcs.2022.02.010914(23-38)Online publication date: May-2022
https://doi.org/10.1016/j.tcs.2022.02.010
Komargodski IMatsuo SShi EWu K(2022)$$\log ^*$$-Round Game-Theoretically-Fair Leader ElectionAdvances in Cryptology – CRYPTO 202210.1007/978-3-031-15982-4_14(409-438)Online publication date: 12-Oct-2022
https://doi.org/10.1007/978-3-031-15982-4_14
Cohen RHaitner IOmri ERotem L(2021)From Fairness to Full Security in Multiparty ComputationJournal of Cryptology10.1007/s00145-021-09415-x35:1Online publication date: 7-Dec-2021
https://doi.org/10.1007/s00145-021-09415-x
Maji HWang M(2021)Computational Hardness of Optimal Fair Computation: Beyond MinicryptAdvances in Cryptology – CRYPTO 202110.1007/978-3-030-84245-1_2(33-63)Online publication date: 11-Aug-2021
https://doi.org/10.1007/978-3-030-84245-1_2
Dachman-Soled D(2020)Revisiting Fairness in MPC: Polynomial Number of Parties and General Adversarial StructuresTheory of Cryptography10.1007/978-3-030-64378-2_21(595-620)Online publication date: 9-Dec-2020
https://doi.org/10.1007/978-3-030-64378-2_21
Maji HWang M(2020)Black-Box Use of One-Way Functions is Useless for Optimal Fair Coin-TossingAdvances in Cryptology – CRYPTO 202010.1007/978-3-030-56880-1_21(593-617)Online publication date: 17-Aug-2020
https://dl.acm.org/doi/10.1007/978-3-030-56880-1_21
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents