Graph coloring applied to secure computation in non-abelian groups. (English) Zbl 1278.94046
Summary: We study the natural problem of secure \(n\)-party computation (in the computationally unbounded attack model) of circuits over an arbitrary finite non-abelian group \((G,\cdot )\), which we call \(G\)-circuits. Besides its intrinsic interest, this problem is also motivating by a completeness result of Barrington, stating that such protocols can be applied for general secure computation of arbitrary functions. For flexibility, we are interested in protocols which only require black-box access to the group \(G\) (i.e. the only computations performed by players in the protocol are a group operation, a group inverse, or sampling a uniformly random group element). Our investigations focus on the passive adversarial model, where up to \(t\) of the \(n\) participating parties are corrupted.
Our results are as follows. We initiate a novel approach for the construction of black-box protocols for \(G\)-circuits based on \(k\)-of-\(k\) threshold secret-sharing schemes, which are efficiently implementable over any black-box (non-abelian) group \(G\). We reduce the problem of constructing such protocols to a combinatorial coloring problem in planar graphs. We then give three constructions for such colorings. Our first approach leads to a protocol with optimal resilience \(t<n/2\), but it requires exponential communication complexity \(O({\binom{2 t+1}{t}}^{2} \cdot N_{g})\) group elements and round complexity \(O(\binom{2 t + 1}{t} \cdot N_{g})\), for a \(G\)-circuit of size \(N _{g }\). Nonetheless, using this coloring recursively, we obtain another protocol to \(t\)-privately compute \(G\)-circuits with communication complexity \(\mathrm{Poly}(n)\cdot N_{g}\) for any \(t\in O(n ^{1 - \varepsilon })\) where \(\varepsilon \) is any positive constant. For our third protocol, there is a probability \(\delta \) (which can be made arbitrarily small) for the coloring to be flawed in term of security, in contrast to the first two techniques, where the colorings are always secure (we call this protocol probabilistic, and those earlier protocols deterministic). This third protocol achieves optimal resilience \(t<n/2\). It has communication complexity \(O(n ^{5.056}(n+\log\delta ^{ - 1})^{2}\cdot N _{g })\) and the number of rounds is \(O(n ^{2.528}\cdot (n+\log\delta ^{ - 1})\cdot N _{g })\).
Our results are as follows. We initiate a novel approach for the construction of black-box protocols for \(G\)-circuits based on \(k\)-of-\(k\) threshold secret-sharing schemes, which are efficiently implementable over any black-box (non-abelian) group \(G\). We reduce the problem of constructing such protocols to a combinatorial coloring problem in planar graphs. We then give three constructions for such colorings. Our first approach leads to a protocol with optimal resilience \(t<n/2\), but it requires exponential communication complexity \(O({\binom{2 t+1}{t}}^{2} \cdot N_{g})\) group elements and round complexity \(O(\binom{2 t + 1}{t} \cdot N_{g})\), for a \(G\)-circuit of size \(N _{g }\). Nonetheless, using this coloring recursively, we obtain another protocol to \(t\)-privately compute \(G\)-circuits with communication complexity \(\mathrm{Poly}(n)\cdot N_{g}\) for any \(t\in O(n ^{1 - \varepsilon })\) where \(\varepsilon \) is any positive constant. For our third protocol, there is a probability \(\delta \) (which can be made arbitrarily small) for the coloring to be flawed in term of security, in contrast to the first two techniques, where the colorings are always secure (we call this protocol probabilistic, and those earlier protocols deterministic). This third protocol achieves optimal resilience \(t<n/2\). It has communication complexity \(O(n ^{5.056}(n+\log\delta ^{ - 1})^{2}\cdot N _{g })\) and the number of rounds is \(O(n ^{2.528}\cdot (n+\log\delta ^{ - 1})\cdot N _{g })\).
MSC:
| 94A60 | Cryptography |
| 05C15 | Coloring of graphs and hypergraphs |
| 20F99 | Special aspects of infinite or finite groups |
| 68M12 | Network protocols |
| 68P25 | Data encryption (aspects in computer science) |
| 94A62 | Authentication, digital signatures and secret sharing |
Keywords:
multiparty computation; graph coloring; non-abelian group; black-box operations; planar graph; percolation theory; word problemReferences:
| [1] | Alon, N.; Spencer, J. H., The Probabilistic Method (2000), New York: Wiley-Interscience, New York · Zbl 0996.05001 |
| [2] | Bar-Ilan, J.; Beaver, D., Non-cryptographic fault-tolerant computing in a constant number of rounds of interaction, 8th Annual ACM Symposium on Principles of Distributed Computing, 201-209 (1989), New York: ACM, New York |
| [3] | Barrington, D. A., Bounded-width polynomial-size branching programs recognize exactly those languages in NC^1, 18th Annual ACM Symposium on Theory of Computing, 1-5 (1986), New York: ACM, New York |
| [4] | Ben-Or, M.; Goldwasser, S.; Wigderson, A., Completeness theorems for non-cryptographic fault-tolerant distributed computation, 20th Annual ACM Symposium on Theory of Computing, 1-10 (1988), New York: ACM, New York |
| [5] | Benaloh, J., Secret sharing homomorphisms: keeping shares of a secret, Advances in Cryptology: Crypto’86, 251-260 (1987), Berlin: Springer, Berlin · Zbl 0637.94013 |
| [6] | Bollobàs, B.; Riordan, O., Percolation (2006), Cambridge: Cambridge University Press, Cambridge · Zbl 1118.60001 |
| [7] | Chaum, D.; Crépeau, C.; Damgård, I., Multi-party unconditionally secure protocols, 20th Annual ACM Symposium on Theory of Computing, 11-19 (1988), New York: ACM, New York |
| [8] | Cramer, R.; Fehr, S.; Ishai, Y.; Kushilevitz, E., Efficient multi-party computation over rings, Advances in Cryptology: Eurocrypt’03, 596-613 (2003), Berlin: Springer, Berlin · Zbl 1038.94554 |
| [9] | Damgård, I.; Nielsen, J. B., Scalable and unconditionally secure multiparty computation, Advances in Cryptology—Crypto’07, 572-590 (2007), Berlin: Springer, Berlin · Zbl 1215.94041 |
| [10] | Damgård, I.; Fitzi, M.; Kiltz, E.; Nielsen, J. B.; Toft, T., Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and commitments, 3rd Theory of Cryptography Conference, 285-304 (2006), Berlin: Springer, Berlin · Zbl 1112.94026 |
| [11] | Damgård, I.; Ishai, Y.; Krøigaard, M., Perfectly secure multiparty computation and the computational overhead of cryptography, Advances in Cryptology—Eurocrypt’10, 445-465 (2010), Berlin: Springer, Berlin · Zbl 1280.94046 |
| [12] | Desmedt, Y.; Wang, Y.; Burmester, M., A complete characterization of tolerable adversary structures for secure point-to-point transmissions, 16th International Symposium on Algorithms and Computation, 277-287 (2005), Berlin: Springer, Berlin · Zbl 1173.68325 |
| [13] | Desmedt, Y.; Pieprzyk, J.; Steinfeld, R.; Wang, H., On secure multi-party computation in black-box groups, Advances in Cryptology—Crypto’07, 591-612 (2007), Berlin: Springer, Berlin · Zbl 1215.94042 |
| [14] | Diestel, R., Graph Theory (2000), Berlin: Springer, Berlin · Zbl 0957.05001 |
| [15] | Diffie, W.; Hellman, M. E., New directions in cryptography, IEEE Trans. Inf. Theory, 22, 6, 644-654 (1976) · Zbl 0435.94018 · doi:10.1109/TIT.1976.1055638 |
| [16] | El Gamal, T., A public-key cryptosystem and a signature scheme based on discrete logarithms, IEEE Trans. Inf. Theory, 31, 4, 469-472 (1985) · Zbl 0571.94014 · doi:10.1109/TIT.1985.1057074 |
| [17] | Frankel, Y.; Desmedt, Y.; Burmester, M., Non-existence of homomorphic general sharing schemes for some key spaces (extended abstract), Advances in Cryptology—Crypto’92, 549-557 (1993), Berlin: Springer, Berlin · Zbl 0809.94015 |
| [18] | Goldreich, O., Foundations of Cryptography: Basic Applications (2004), Cambridge: Cambridge University Press, Cambridge · Zbl 1068.94011 |
| [19] | Hammersley, J. M., Percolation processes: lower bounds for the critical probability, Ann. Math. Stat., 28, 3, 790-795 (1957) · Zbl 0091.13903 · doi:10.1214/aoms/1177706894 |
| [20] | Hirt, M.; Maurer, U., Complete characterization of adversaries tolerable in secure multi-party computation (extended abstract), 16th Annual ACM Symposium on Principles of Distributed Computing, 25-34 (1997), New York: ACM, New York · Zbl 1374.68070 |
| [21] | Kesten, H., Percolation Theory for Mathematicians (1982), Basel: Birkhäuser, Basel · Zbl 0522.60097 |
| [22] | Magliveras, S. S.; Stinson, D. R.; van Trung, T., New approaches to designing public key cryptosystems using one-way functions and trapdoors in finite groups, J. Cryptol., 15, 4, 285-297 (2002) · Zbl 1020.94010 · doi:10.1007/s00145-001-0018-3 |
| [23] | Myasnikov, A.; Shpilrain, V.; Ushakov, A., Group-Based Cryptography (2008), Basel: Birkhäuser, Basel · Zbl 1248.94004 |
| [24] | Paeng, S.-H.; Ha, K.-C.; Kim, J. H.; Chee, S.; Park, C., New public key cryptosystem using finite non Abelian groups, Advances in Cryptology—Crypto’01, 470-485 (2001), Berlin: Springer, Berlin · Zbl 1003.94525 |
| [25] | Rivest, R. L.; Shamir, A.; Adleman, L. M., A method for obtaining digital signatures and public key cryptosystems, Commun. ACM, 21, 2, 120-126 (1978) · Zbl 0368.94005 · doi:10.1145/359340.359342 |
| [26] | Shamir, A., How to share a secret, Commun. ACM, 22, 11, 612-613 (1979) · Zbl 0414.94021 · doi:10.1145/359168.359176 |
| [27] | Smirnov, S.; Werner, W., Critical exponents for two-dimensional percolation, Math. Res. Lett., 8, 729-744 (2001) · Zbl 1009.60087 |
| [28] | Sun, X.; Yao, A. C.-C.; Tartary, C., Graph design for secure multiparty computation over non-Abelian groups, Advances in Cryptology—Asiacrypt’08, 37-53 (2008), Berlin: Springer, Berlin · Zbl 1206.94093 |
| [29] | Wagner, N. R.; Magyarik, M. R., A public key encryption scheme based on the word problem, Advances in Cryptology—Crypto’84, 19-36 (1985), Berlin: Springer, Berlin |
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.
