Player Simulation and General Adversary Structures in Perfect Multiparty Computation

Hirt, Martin; Maurer, Ueli

doi:10.1007/s001459910003

Cited by 174 publications

(131 citation statements)

References 48 publications

Supporting

Mentioning

128

Contrasting

Unclassified

Order By: Relevance

“…After providing background results and definitions relating to secret sharing in Section 2, in Section 3 we formally define error decodable secret sharing, and describe an adversary model that allows us to simultaneously generalise both Kurosawa's notion of error decodable secret sharing, and the error correction properties of ReedSolomon codes. We give necessary and sufficient conditions on the adversary structures for a secret-sharing scheme to be error decodable in this model, analogous to conditions previously given in [7,8,11,16,19] (for example) for various related primitives.…”

Section: Introductionmentioning

confidence: 93%

See 1 more Smart Citation

Error decodable secret sharing and one-round perfectly secure message transmission for general adversary structures

2010

View full text Add to dashboard Cite

An error decodable secret-sharing scheme is a secret-sharing scheme with the additional property that the secret can be recovered from the set of all shares, even after a coalition of participants corrupts the shares they possess. In this paper we consider schemes that can tolerate corruption by sets of participants belonging to a monotone coalition structure, thus generalising both a related notion studied by Kurosawa, and the well-known error-correction properties of threshold schemes based on Reed-Solomon codes. We deduce a necessary and sufficient condition for the existence of such schemes, and we show how to reduce the storage requirements of a technique of Kurosawa for constructing error-decodable secret-sharing schemes with efficient decoding algorithms.In addition, we explore the connection between one-round perfectly secure message transmission (PSMT) schemes with general adversary structures and secret-sharing schemes, and we exploit this connection to investigate factors affecting the performance of one-round PSMT schemes such as the number of channels required, the communication overhead, and the efficiency of message recovery.

show abstract

Section: Introductionmentioning

confidence: 93%

“…Kurosawa demonstrates that a secret-sharing scheme realising an access structure Σ is error decodable precisely when the access structure satisfies a condition known as Q 3 , first defined by Hirt and Maurer in the context of secure multiparty computation [11].…”

Section: Kurosawa's Error Decodable Secret-sharing Schemesmentioning

confidence: 99%

Error decodable secret sharing and one-round perfectly secure message transmission for general adversary structures

2010

View full text Add to dashboard Cite

show abstract

“…Hirt and Maurer [42] considered a more general scenario in which there is an access structure, and the adversary can control any set of parties not in the access structure. That is, they require that any set not in the access structure cannot learn information not implied by the inputs of the parties in the set and the output of the function.…”

Section: Extensions To Other Modelsmentioning

confidence: 99%

“…That is, they require that any set not in the access structure cannot learn information not implied by the inputs of the parties in the set and the output of the function. Similarly to the requirement that 2t < n in the protocol we described above, secure computation against honest-but-curious parties is possible for general functions iff the union of every two sets not in the access structure does not cover the entire set of parties [42]. For every such access structure A, Cramer et al [28] showed that using every linear secret-sharing scheme realizing A, one can construct a protocol for computing any arithmetic circuit such that any set not in the access structure cannot learn any information; the complexity of the protocol is linear in the size of the circuit.…”

Section: Extensions To Other Modelsmentioning

confidence: 99%

Secret-Sharing Schemes: A Survey

Beimel

2011

Lecture Notes in Computer Science

468

298

View full text Add to dashboard Cite

Abstract. A secret-sharing scheme is a method by which a dealer distributes shares to parties such that only authorized subsets of parties can reconstruct the secret. Secret-sharing schemes are important tools in cryptography and they are used as a building box in many secure protocols, e.g., general protocol for multiparty computation, Byzantine agreement, threshold cryptography, access control, attribute-based encryption, and generalized oblivious transfer. In this survey, we will describe the most important constructions of secret-sharing schemes, explaining the connections between secret-sharing schemes and monotone formulae and monotone span programs. The main problem with known secret-sharing schemes is the large share size: it is exponential in the number of parties. We conjecture that this is unavoidable. We will discuss the known lower bounds on the share size. These lower bounds are fairly weak and there is a big gap between the lower and upper bounds. For linear secret-sharing schemes, which is a class of schemes based on linear algebra that contains most known schemes, super-polynomial lower bounds on the share size are known. We will describe the proofs of these lower bounds. We will also present two results connecting secret-sharing schemes for a Hamiltonian access structure to the NP vs. coNP problem and to a major open problem in cryptography -constructing oblivious-transfer protocols from one-way functions.

show abstract

“…Fault model: We model faults in the network by a fictitious centralized entity called the adversary which has unbounded computing power [9,1]. A single "snapshot" of faults in the network can be described as a set of nodes B ⊆ V \{S,R} 4 , which means that all the nodes in B are faulty.…”

Section: Model and Definitionsmentioning

confidence: 99%

Interplay between (Im)perfectness, Synchrony and Connectivity: The Case of Reliable Message Transmission

Mehta

Agrawal

Srinathan

2012

Distributed Computing and Networking

View full text Add to dashboard Cite

Abstract. We consider the distributed setting where a subset of nodes are under the control of a malicious adversary with unbounded computational power. The problem of simulating a directed reliable channel from a sender S to a receiver R in the absence of a true physical point to point channel is fundamental to the area of Distributed Computing and is popularly known as 'Unconditionally Reliable Message Transmission' (URMT). In this work, we distinguish between two variants of URMT -Monte Carlo and Las Vegas. The former allows R to output an incorrect message with negligibly small probability, whereas the latter only allows R to abort the protocol with a small probability, but never to output an incorrect message. We establish a novel hierarchy with respect to the connectivity requirements for URMT protocols to be possible over directed networks, under two extremes w.r.t. timing model: synchronous and asynchronous. We show that the minimum connectivity requirements for the existence of Las Vegas URMT protocols over synchronous networks is same as that of Monte Carlo URMT protocols over asynchronous networks -a surprising equivalence between two very different models. Furthermore, the higher connectivity requirements for Las Vegas URMT over asynchronous networks match exactly with that of zero-error (perfect) protocols over (a)synchronous networks. We also show that for the 'easier' randomized variant (ones having less minimum connectivity requirements than perfect ones) the number of critical edges are higher than that of the perfect protocols, in the worst case. Hence, establishing an interesting interplay for the case of URMT.

show abstract

Player Simulation and General Adversary Structures in Perfect Multiparty Computation

Cited by 174 publications

References 48 publications

Error decodable secret sharing and one-round perfectly secure message transmission for general adversary structures

Error decodable secret sharing and one-round perfectly secure message transmission for general adversary structures

Secret-Sharing Schemes: A Survey

Interplay between (Im)perfectness, Synchrony and Connectivity: The Case of Reliable Message Transmission

Contact Info

Product

Resources

About