# Completeness theorems for non-cryptographic fault-tolerant distributed computation

@inproceedings{BenOr1988CompletenessTF, title={Completeness theorems for non-cryptographic fault-tolerant distributed computation}, author={Michael Ben-Or and Shafi Goldwasser and Avi Wigderson}, booktitle={Symposium on the Theory of Computing}, year={1988} }

Every function of <italic>n</italic> inputs can be efficiently computed by a complete network of <italic>n</italic> processors in such a way that:<list><item>If no faults occur, no set of size <italic>t</italic> < <italic>n</italic>/2 of players gets any additional information (other than the function value),
</item><item>Even if Byzantine faults are allowed, no set of size <italic>t</italic> < <italic>n</italic>/3 can either disrupt the computation or get additional information.
</item></list…

## 2,377 Citations

### Optimal algorithms for Byzantine agreement

- Computer ScienceSTOC '88
- 1988

For both synchronous and asynchronous networks whose lines do not guarantee private communication, the authors may use cryptography to obtain algorithms optimal both in fault tolerance and running time against computationally bounded adversaries.

### A zero-one law for Boolean privacy

- Mathematics, Computer ScienceSTOC '89
- 1989

An interesting “zero-one” law for private distributed computation of Boolean functions is derived, which implies that for Boolean functions, the strong and the weak notions of privacy are equivalent.

### Communication complexity of secure computation (extended abstract)

- Computer ScienceSTOC '92
- 1992

This paper begins the investigation of the communication complexity of unconditionally secure multi-party computation, and its relation with various fault-tolerance models, and presents upper and lower bounds on communication, as well as tradeoffs among resources.

### Communication preserving protocols for secure function evaluation

- Computer Science, MathematicsSTOC '01
- 2001

This work proposes a new methodology for designing secure protocols, utilizing the communication complexity tree (or branching program) representation of f, and exemplifies a protocol for the Millionaires problem, which is more efficient than previously known ones in either communication or computation.

### Efficient private bidding and auctions with an oblivious third party

- Computer ScienceCCS '99
- 1999

A novel and efficient protocol for bargaining between two parties and secure and efficient auctions in the absence of a fully trusted auction service is described, which combines homomorphic encryption with the φ-hiding assumption and which may be of independent interest.

### Secure Distributed Matrix Computation with Discrete Fourier Transform

- Computer ScienceIEEE Transactions on Information Theory
- 2022

This work focuses on secure distributed matrix multiplication (SDMM), considering two matrices, and proposes a novel polynomial coding scheme using the properties of finite field discrete Fourier transform, which achieves an upload cost significantly lower than the existing results in the literature.

### Randomized View Reconciliation in Permissionless Distributed Systems

- Computer ScienceIEEE/ACM Transactions on Networking
- 2020

This paper proposes a novel view reconciliation protocol whose time complexity is only <inline-formula> <tex-math notation="LaTeX">$\Theta ({\ln N}/{\ln \ln N})$ </tex- maths> time complexity, and aggressively exploit randomization.

### Simple and efficient asynchronous byzantine agreement with optimal resilience

- Computer SciencePODC '09
- 2009

This work presents a new ABA protocol which achieves a huge gain in communication complexity in comparison to the ABA of [5], while keeping all other properties in place.

### (Server-Aided) Two-Party Multiplication of Encrypted Shares Using (k, n) Threshold Secret Sharing With N ≥ k Servers

- Computer ScienceIEEE Access
- 2021

Two-party computation allows two clients to jointly compute an arbitrary function of their inputs without revealing these inputs to each other by implementing a different functionality, where each share is first encrypted with a different random number before being sent to a server.

### Mutual search

- Computer Science, MathematicsSODA '98
- 1998

A search problem called “mutual search” where k agents, arbitrarily distributed over n sites, are required to locate one another by posing queries of the form “Anybody at site i?” is introduced.

## References

SHOWING 1-10 OF 15 REFERENCES

### How to share a secret

- Computer Science, MathematicsCACM
- 1979

This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.

### Polynomial algorithms for multiple processor agreement

- Computer ScienceSTOC '82
- 1982

It is proved that no matter what kind of information is exchanged, there is no way to reach agreement with fewer than t+1 rounds of exchange, where t is the upper bound on the number of faults.

### Reaching Agreement in the Presence of Faults

- Computer ScienceJACM
- 1980

It is shown that the problem is solvable for, and only for, n ≥ 3m + 1, where m is the number of faulty processors and n is the total number and this weaker assumption can be approximated in practice using cryptographic methods.

### Proofs that yield nothing but their validity and a methodology of cryptographic protocol design

- Computer Science, Mathematics27th Annual Symposium on Foundations of Computer Science (sfcs 1986)
- 1986

This paper demonstrates the generality and wide applicability of zero-knowledge proofs, a notion introduced by Goldwasser, Micali and Rackoff that efficiently demonstrate membership in the language without conveying any additional knowledge.

### How to Generate and Exchange Secrets (Extended Abstract)

- Computer Science, MathematicsFOCS
- 1986

A new tool for controlling the knowledge transfer process in cryptographic protocol design is introduced and it is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature.

### How to play ANY mental game

- Computer Science, MathematicsSTOC
- 1987

We present a polynomial-time algorithm that, given as a input the description of a game with incomplete information and any number of players, produces a protocol for playing the game that leaks no…

### How to generate and exchange secrets

- Computer Science, Mathematics27th Annual Symposium on Foundations of Computer Science (sfcs 1986)
- 1986

It is shown how two parties A and B can interactively generate a random integer N = p¿q such that its secret, i.e., the prime factors, is hidden from either party individually but is recoverable jointly if desired.

### The knowledge complexity of interactive proof-systems

- Mathematics, Computer ScienceSTOC '85
- 1985

A computational complexity theory of the “knowledge” contained in a proof is developed and examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity.

### New Directions in Cryptography

- Computer Science, MathematicsIEEE Trans. Inf. Theory
- 1976

This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.