Secure Two-Party Computation with Fairness - A Necessary Design Principle

@article{Lindell2017SecureTC,
  title={Secure Two-Party Computation with Fairness - A Necessary Design Principle},
  author={Yehuda Lindell and Tal Rabin},
  journal={IACR Cryptol. ePrint Arch.},
  year={2017},
  volume={2017},
  pages={952}
}
Protocols for secure two-party computation enable a pair of mutually distrustful parties to carry out a joint computation of their private inputs without revealing anything but the output. One important security property that has been considered is that of fairness which guarantees that if one party learns the output then so does the other. In the case of two-party computation, fairness is not always possible, and in particular two parties cannot fairly toss a coin (Cleve, 1986). Despite this… 
Revisiting Fairness in MPC: Polynomial Number of Parties and General Adversarial Structures
TLDR
Fairness in secure multiparty computation when the number of parties n = poly(λ) grows polynomially in the security parameter, λ is investigated.
From Fairness to Full Security in Multiparty Computation
In the setting of secure multiparty computation (MPC), a set of mutually distrusting parties wish to jointly compute a function in a correct and private manner. An MPC protocol is called fully secure
On Fully Secure MPC with Solitary Output
We study the possibility of achieving full security, with guaranteed output delivery, for secure multiparty computation of functionalities where only one party receives output, to which we refer as
On the Structure of Unconditional UC Hybrid Protocols
TLDR
Light is shed on the power of an incomplete g in the presence of a trusted setup by showing a characterization of \(f \sqsubseteq g\) for incomplete g.
SECURELY COMPUTING PIECEWISE CONSTANT CODES
TLDR
This work shows that many piecewise constant codes admit exact coverings by polynomial-cardinality collections of hyperplanes, and proves that any boolean function whose “on-set” has been covered in just this manner can be evaluated by two parties with malicious security.
SECURELY COMPUTING PIECEWISE CONSTANT CODES new algebraic complexity classes for boolean functions, and applications
TLDR
This work shows that many piecewise constant codes admit exact coverings by polynomial-cardinality collections of hyperplanes, and proves that any boolean function whose “on-set” has been covered in just this manner can be evaluated by two parties with malicious security.

References

SHOWING 1-10 OF 29 REFERENCES
Complete Fairness in Secure Two-Party Computation
TLDR
This paper shows feasibility of obtaining complete fairness when computing any function over polynomial-size domains that does not contain an “embedded XOR” and proves a lower bound showing that any completely fair protocol for such functions must have round complexity super-logarithmic in the security parameter.
Complete Characterization of Fairness in Secure Two-Party Computation of Boolean Functions
TLDR
In a surprising result, Gordon et al. (JACM 2011) showed that some interesting functions can be computed with fairness in the two-party setting, and re-opened the question of understanding which Boolean functions can been computed with fairness, and which cannot.
Towards Characterizing Complete Fairness in Secure Two-Party Computation
  • Gilad Asharov
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2014
TLDR
It is shown that there exist some non-trivial (deterministic, finite-domain) boolean functions that can be computed fairly in the two party setting, and this raises the fundamental question of characterizing complete fairness in secure two-party computation.
On the Limitations of Universally Composable Two-Party Computation Without Set-Up Assumptions
TLDR
The feasibility of universally composable two-party function evaluation in the plain model is studied and it is shown that in this setting, very few functions can be securely computed in the framework of universal composability.
Universally Composable Commitments
We propose a new security measure for commitment protocols, called Universally Composable (UC) Commitment. The measure guarantees that commitment protocols behave like an "ideal commitment service,"
Simple and fast optimistic protocols for fair electronic exchange
TLDR
Fair exchanges that are optimistic are reviewed, that is, relying on a trusted party that does not participate at all in an honest execution and yet guarantees the fairness of all executions.
A Full Characterization of Functions that Imply Fair Coin Tossing and Ramifications to Fairness
TLDR
This paper focuses on the class of deterministic Boolean functions with finite domain, and asks which functions in this class is it possible to information-theoretically toss an unbiased coin, given a protocol for securely computing the function with fairness.
Foundations of Secure Interactive Computing
TLDR
Relative resilience provides modular proof techniques that other approaches lack: one may compare a sequence of protocols ranging from the real-world protocol to the ideal protocol, proving the relative resilience of each successive protocol with greater clarity and less complexity.
Complete Fairness in Multi-Party Computation Without an Honest Majority
TLDR
This work demonstrates the first completely-fair protocols for non-trivial functions in this setting and provides evidence that achieving fairness is "harder" in the multi-party setting, at least with regard to round complexity.
Verifiable secret sharing and multiparty protocols with honest majority
TLDR
A verifiable secret sharing protocol is presented, and it is shown that any multiparty protocol, or game with incomplete information, can be achieved if a majority of the players are honest.
...
...