# Completeness theorems for non-cryptographic fault-tolerant distributed computation

@inproceedings{BenOr1988CompletenessTF, title={Completeness theorems for non-cryptographic fault-tolerant distributed computation}, author={Michael Ben-Or and Shafi Goldwasser and Avi Wigderson}, booktitle={Symposium on the Theory of Computing}, year={1988} }

Every function of <italic>n</italic> inputs can be efficiently computed by a complete network of <italic>n</italic> processors in such a way that:<list><item>If no faults occur, no set of size <italic>t</italic> < <italic>n</italic>/2 of players gets any additional information (other than the function value),
</item><item>Even if Byzantine faults are allowed, no set of size <italic>t</italic> < <italic>n</italic>/3 can either disrupt the computation or get additional information.
</item></list…

## 2,402 Citations

### A zero-one law for Boolean privacy

- Mathematics, Computer ScienceSTOC '89
- 1989

An interesting “zero-one” law for private distributed computation of Boolean functions is derived, which implies that for Boolean functions, the strong and the weak notions of privacy are equivalent.

### Communication complexity of secure computation (extended abstract)

- Computer ScienceSTOC '92
- 1992

This paper begins the investigation of the communication complexity of unconditionally secure multi-party computation, and its relation with various fault-tolerance models, and presents upper and lower bounds on communication, as well as tradeoffs among resources.

### Communication preserving protocols for secure function evaluation

- Computer Science, MathematicsSTOC '01
- 2001

This work proposes a new methodology for designing secure protocols, utilizing the communication complexity tree (or branching program) representation of f, and exemplifies a protocol for the Millionaires problem, which is more efficient than previously known ones in either communication or computation.

### Randomized View Reconciliation in Permissionless Distributed Systems

- Computer ScienceIEEE/ACM Transactions on Networking
- 2020

This paper proposes a novel view reconciliation protocol whose time complexity is only <inline-formula> <tex-math notation="LaTeX">$\Theta ({\ln N}/{\ln \ln N})$ </tex- maths> time complexity, and aggressively exploit randomization.

### Simple and efficient asynchronous byzantine agreement with optimal resilience

- Computer SciencePODC '09
- 2009

This work presents a new ABA protocol which achieves a huge gain in communication complexity in comparison to the ABA of [5], while keeping all other properties in place.

### (Server-Aided) Two-Party Multiplication of Encrypted Shares Using (k, n) Threshold Secret Sharing With N ≥ k Servers

- Computer ScienceIEEE Access
- 2021

Two-party computation allows two clients to jointly compute an arbitrary function of their inputs without revealing these inputs to each other by implementing a different functionality, where each share is first encrypted with a different random number before being sent to a server.

### Mutual search

- Computer Science, MathematicsSODA '98
- 1998

A search problem called “mutual search” where k agents, arbitrarily distributed over n sites, are required to locate one another by posing queries of the form “Anybody at site i?” is introduced.

### Non-cryptographic fault-tolerant computing in constant number of rounds of interaction

- Computer Science, MathematicsPODC '89
- 1989

Any function can be evaluated in a constant number of rounds, using messages of size proportional to the size of a constant-depth, unbounded-fanin circuit describing the function, and a means to simulate unbounded fanin multiplicative (or AND) gates using constant rounds is provided.

### Brief announcement: breaking the O(nm) bit barrier, secure multiparty computation with a static adversary

- Computer SciencePODC '12
- 2012

A Nash equilibrium protocol is described that solves SMPC and requires each player to send Õ(⁄<i>n</i>+<i-m</i><i-mn</i>) messages and perform â‚¬(â‚n, m) computations to compute any function <i>f</i, where <i*m> is the size of a circuit to compute <i-i>.

### Fault-tolerant computation in the full information model

- Computer Science, Mathematics[1991] Proceedings 32nd Annual Symposium of Foundations of Computer Science
- 1991

It is proved for these protocols that for most functions, the influence of any t dishonest players on the outcome of the protocol is the minimum one possible (up to polylogarithmic factors).

## References

SHOWING 1-10 OF 15 REFERENCES

### How to share a secret

- Computer Science, MathematicsCACM
- 1979

This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.

### Polynomial algorithms for multiple processor agreement

- Computer ScienceSTOC '82
- 1982

It is proved that no matter what kind of information is exchanged, there is no way to reach agreement with fewer than t+1 rounds of exchange, where t is the upper bound on the number of faults.

### Reaching Agreement in the Presence of Faults

- Computer ScienceJACM
- 1980

It is shown that the problem is solvable for, and only for, n ≥ 3m + 1, where m is the number of faulty processors and n is the total number and this weaker assumption can be approximated in practice using cryptographic methods.

### Proofs that yield nothing but their validity and a methodology of cryptographic protocol design

- Computer Science, Mathematics27th Annual Symposium on Foundations of Computer Science (sfcs 1986)
- 1986

This paper demonstrates the generality and wide applicability of zero-knowledge proofs, a notion introduced by Goldwasser, Micali and Rackoff that efficiently demonstrate membership in the language without conveying any additional knowledge.

### How to Generate and Exchange Secrets (Extended Abstract)

- Computer Science, MathematicsFOCS
- 1986

A new tool for controlling the knowledge transfer process in cryptographic protocol design is introduced and it is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature.

### How to play ANY mental game

- Computer Science, MathematicsSTOC
- 1987

We present a polynomial-time algorithm that, given as a input the description of a game with incomplete information and any number of players, produces a protocol for playing the game that leaks no…

### How to generate and exchange secrets

- Computer Science, Mathematics27th Annual Symposium on Foundations of Computer Science (sfcs 1986)
- 1986

It is shown how two parties A and B can interactively generate a random integer N = p¿q such that its secret, i.e., the prime factors, is hidden from either party individually but is recoverable jointly if desired.

### New Directions in Cryptography

- Computer Science, MathematicsIEEE Trans. Inf. Theory
- 1976

This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

### Review of 'Error-Correcting Codes, 2nd edn.' (Peterson, W. W., and Weldon, E. J., Jr.; 1972)

- Computer ScienceIEEE Trans. Inf. Theory
- 1973