Completeness theorems for non-cryptographic fault-tolerant distributed computation

@inproceedings{BenOr1988CompletenessTF,
  title={Completeness theorems for non-cryptographic fault-tolerant distributed computation},
  author={Michael Ben-Or and Shafi Goldwasser and Avi Wigderson},
  booktitle={Symposium on the Theory of Computing},
  year={1988}
}
Every function of <italic>n</italic> inputs can be efficiently computed by a complete network of <italic>n</italic> processors in such a way that:<list><item>If no faults occur, no set of size <italic>t</italic> < <italic>n</italic>/2 of players gets any additional information (other than the function value), </item><item>Even if Byzantine faults are allowed, no set of size <italic>t</italic> < <italic>n</italic>/3 can either disrupt the computation or get additional information. </item></list… 
View on ACM
dl.acm.org
2,377 Citations
Highly Influential Citations
196
Background Citations
797
Methods Citations
408
Results Citations
38

2,377 Citations

Optimal algorithms for Byzantine agreement

For both synchronous and asynchronous networks whose lines do not guarantee private communication, the authors may use cryptography to obtain algorithms optimal both in fault tolerance and running time against computationally bounded adversaries.

A zero-one law for Boolean privacy

An interesting “zero-one” law for private distributed computation of Boolean functions is derived, which implies that for Boolean functions, the strong and the weak notions of privacy are equivalent.

Communication complexity of secure computation (extended abstract)

This paper begins the investigation of the communication complexity of unconditionally secure multi-party computation, and its relation with various fault-tolerance models, and presents upper and lower bounds on communication, as well as tradeoffs among resources.

Communication preserving protocols for secure function evaluation

This work proposes a new methodology for designing secure protocols, utilizing the communication complexity tree (or branching program) representation of f, and exemplifies a protocol for the Millionaires problem, which is more efficient than previously known ones in either communication or computation.

Efficient private bidding and auctions with an oblivious third party

A novel and efficient protocol for bargaining between two parties and secure and efficient auctions in the absence of a fully trusted auction service is described, which combines homomorphic encryption with the φ-hiding assumption and which may be of independent interest.

Secure Distributed Matrix Computation with Discrete Fourier Transform

This work focuses on secure distributed matrix multiplication (SDMM), considering two matrices, and proposes a novel polynomial coding scheme using the properties of finite field discrete Fourier transform, which achieves an upload cost significantly lower than the existing results in the literature.

Randomized View Reconciliation in Permissionless Distributed Systems

This paper proposes a novel view reconciliation protocol whose time complexity is only <inline-formula> <tex-math notation="LaTeX">$\Theta ({\ln N}/{\ln \ln N})$ </tex- maths> time complexity, and aggressively exploit randomization.

Simple and efficient asynchronous byzantine agreement with optimal resilience

This work presents a new ABA protocol which achieves a huge gain in communication complexity in comparison to the ABA of [5], while keeping all other properties in place.

(Server-Aided) Two-Party Multiplication of Encrypted Shares Using (k, n) Threshold Secret Sharing With N ≥ k Servers

Two-party computation allows two clients to jointly compute an arbitrary function of their inputs without revealing these inputs to each other by implementing a different functionality, where each share is first encrypted with a different random number before being sent to a server.

Mutual search

A search problem called “mutual search” where k agents, arbitrarily distributed over n sites, are required to locate one another by posing queries of the form “Anybody at site i?” is introduced.
...

References

SHOWING 1-10 OF 15 REFERENCES

How to share a secret

  • A. Shamir
  • Computer Science, Mathematics
    CACM
  • 1979
This technique enables the construction of robust key management schemes for cryptographic systems that can function securely and reliably even when misfortunes destroy half the pieces and security breaches expose all but one of the remaining pieces.

Polynomial algorithms for multiple processor agreement

It is proved that no matter what kind of information is exchanged, there is no way to reach agreement with fewer than t+1 rounds of exchange, where t is the upper bound on the number of faults.

Reaching Agreement in the Presence of Faults

It is shown that the problem is solvable for, and only for, n ≥ 3m + 1, where m is the number of faulty processors and n is the total number and this weaker assumption can be approximated in practice using cryptographic methods.

Proofs that yield nothing but their validity and a methodology of cryptographic protocol design

This paper demonstrates the generality and wide applicability of zero-knowledge proofs, a notion introduced by Goldwasser, Micali and Rackoff that efficiently demonstrate membership in the language without conveying any additional knowledge.

How to Generate and Exchange Secrets (Extended Abstract)

  • A. Yao
  • Computer Science, Mathematics
    FOCS
  • 1986
A new tool for controlling the knowledge transfer process in cryptographic protocol design is introduced and it is applied to solve a general class of problems which include most of the two-party cryptographic problems in the literature.

How to play ANY mental game

We present a polynomial-time algorithm that, given as a input the description of a game with incomplete information and any number of players, produces a protocol for playing the game that leaks no

How to generate and exchange secrets

  • A. Yao
  • Computer Science, Mathematics
    27th Annual Symposium on Foundations of Computer Science (sfcs 1986)
  • 1986
It is shown how two parties A and B can interactively generate a random integer N = p¿q such that its secret, i.e., the prime factors, is hidden from either party individually but is recoverable jointly if desired.

The knowledge complexity of interactive proof-systems

A computational complexity theory of the “knowledge” contained in a proof is developed and examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity.

New Directions in Cryptography

This paper suggests ways to solve currently open problems in cryptography, and discusses how the theories of communication and computation are beginning to provide the tools to solve cryptographic problems of long standing.

Error-Correcting Codes