Characterization of Secure Multiparty Computation Without Broadcast

by   Ran Cohen, et al.

A major challenge in the study of cryptography is characterizing the necessary and sufficient assumptions required to carry out a given cryptographic task. The focus of this work is the necessity of a broadcast channel for securely computing symmetric functionalities (where all the parties receive the same output) when one third of the parties, or more, might be corrupted. Assuming all parties are connected via a peer-to-peer network, but no broadcast channel (nor a secure setup phase) is available, we prove the following characterization: 1) A symmetric n-party functionality can be securely computed facing n/3≤ t<n/2 corruptions (honest majority), if and only if it is (n-2t)-dominated; a functionality is k-dominated, if any k-size subset of its input variables can be set to determine its output. 2) Assuming the existence of one-way functions, a symmetric n-party functionality can be securely computed facing t≥ n/2 corruptions (no honest majority), if and only if it is 1-dominated and can be securely computed with broadcast. It follows that, in case a third of the parties might be corrupted, broadcast is necessary for securely computing non-dominated functionalities (in which "small" subsets of the inputs cannot determine the output), including, as interesting special cases, the Boolean XOR and coin-flipping functionalities.


page 1

page 2

page 3

page 4


Communication Lower Bounds for Cryptographic Broadcast Protocols

Broadcast protocols enable a set of n parties to agree on the input of a...

Universally Composable Simultaneous Broadcast against a Dishonest Majority and Applications

Simultaneous broadcast (SBC) protocols [Chor et al., FOCS 1985] constitu...

Constant-Round Linear-Broadcast Secure Computation with Penalties

It is known that Bitcoin enables achieving fairness in secure computatio...

Earn While You Reveal: Private Set Intersection that Rewards Participants

In Private Set Intersection protocols (PSIs), a non-empty result always ...

An Almost-Optimally Fair Three-Party Coin-Flipping Protocol

In a multiparty fair coin-flipping protocol, the parties output a common...

MPC for Tech Giants (GMPC): Enabling Gulliver and the Lilliputians to Cooperate Amicably

In this work, we introduce the Gulliver multi-party computation model (G...

Multiparty Interactive Coding over Networks of Intersecting Broadcast Links

We consider computations over networks with multiple broadcast channels ...

Please sign up or login with your details

Forgot password? Click here to reset