DeepAI AI Chat
Log In Sign Up

Fair Coin Flipping: Tighter Analysis and the Many-Party Case

by   Niv Buchbinder, et al.

In a multi-party fair coin-flipping protocol, the parties output a common (close to) unbiased bit, even when some adversarial parties try to bias the output. In this work we focus on the case of an arbitrary number of corrupted parties. Cleve [STOC 1986] has shown that in any such m-round coin-flipping protocol, the corrupted parties can bias the honest parties' common output bit by Θ(1/m). For more than two decades, the best known coin-flipping protocol was the one of Awerbuch et al. [Manuscript 1985], who presented a t-party, m-round protocol with bias Θ(t/√(m)). This was changed by the breakthrough result of Moran et al. [TCC 2009], who constructed an m-round, two-party coin-flipping protocol with optimal bias Θ(1/m). Haitner and Tsfadia [STOC 2014] constructed an m-round, three-party coin-flipping protocol with bias O(log^3m / m). Still for the case of more than three parties, the best known protocol remained the Θ(t/√(m))-bias protocol of Awerbuch et al. We make a step towards eliminating the above gap, presenting a t-party, m-round coin-flipping protocol, with bias O(t^4 · 2^t ·√(log m)/m^1/2+1/(2^t-1-2)) for any t≤12 loglog m. This improves upon the Θ(t/√(m))-bias protocol of Awerbuch et al., and in particular, for t∈ O(1) it is an 1/m^1/2 + Θ(1)-bias protocol. For the three-party case, it is an O(√(log m)/m)-bias protocol, improving over the O(log^3m / m)-bias protocol of Haitner and Tsfadia. Our protocol generalizes that of Haitner and Tsfadia, by presenting an appropriate recovery protocol for the remaining parties to interact in, in the case that some parties abort or are caught cheating. We prove the fairness of the new protocol by presenting a new paradigm for analyzing fairness of coin-flipping protocols.


page 1

page 2

page 3

page 4


An Almost-Optimally Fair Three-Party Coin-Flipping Protocol

In a multiparty fair coin-flipping protocol, the parties output a common...

A Tight Lower Bound on Adaptively Secure Full-Information Coin Flip

In a distributed coin-flipping protocol, Blum [ACM Transactions on Compu...

Quantum Weak Coin Flipping

We investigate weak coin flipping, a fundamental cryptographic primitive...

On the Complexity of Fair Coin Flipping

A two-party coin-flipping protocol is ϵ-fair if no efficient adversary c...

Improved Summation from Shuffling

A protocol by Ishai et al. (FOCS 2006) showing how to implement distribu...

SWIFT: Super-fast and Robust Privacy-Preserving Machine Learning

Performing ML computation on private data while maintaining data privacy...

A symmetric protocol to establish service level agreements

We present a symmetrical protocol to repeatedly negotiate a desired serv...