Paper 2010/098

A Zero-One Law for Deterministic 2-Party Secure Computation

Hemanta K. Maji, Manoj Prabhakaran, and Mike Rosulek

Abstract

We use security in the Universal Composition framework as a means to study the ``cryptographic complexity'' of 2-party secure computation tasks (functionalities). We say that a functionality $F$ {\em reduces to} another functionality $G$ if there is a UC-secure protocol for $F$ using ideal access to $G$. This reduction is a natural and fine-grained way to compare the relative complexities of cryptographic tasks. There are two natural ``extremes'' of complexity under the reduction: the {\em trivial} functionalities, which can be reduced to any other functionality; and the {\em complete} functionalities, to which any other functionality can be reduced. In this work we show that under a natural computational assumption (the existence of a protocol for oblivious transfer secure against semi-honest adversaries), there is a {\bf zero-one law} for the cryptographic complexity of 2-party deterministic functionalities. Namely, {\em every such functionality is either trivial or complete.} No other qualitative distinctions exist among functionalities, under this computational assumption. While nearly all previous work classifying multi-party computation functionalities has been restricted to the case of secure function evaluation, our results are the first to consider completeness of arbitrary {\em reactive} functionalities, which receive input and give output repeatedly throughout several rounds of interaction. One important technical contribution in this work is to initiate the comprehensive study of the cryptographic properties of reactive functionalities. We model these functionalities as finite automata and develop an automata-theoretic methodology for classifying and studying their cryptographic properties. Consequently, we completely characterize the reactive behaviors that lead to cryptographic non-triviality. Another contribution of independent interest is to optimize the hardness assumption used by Canetti et al.\ (STOC 2002) in showing that the common random string functionality is complete (a result independently obtained by Damgård et al.\ (TCC 2010)).

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Published elsewhere. Unknown where it was published
Keywords
multi-party computationcryptographic complexityuniversal compositioncompletenessreactive functionalities
Contact author(s)
mikero @ cs umt edu
History
2010-03-01: received
Short URL
https://ia.cr/2010/098
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2010/098,
      author = {Hemanta K.  Maji and Manoj Prabhakaran and Mike Rosulek},
      title = {A Zero-One Law for Deterministic 2-Party Secure Computation},
      howpublished = {Cryptology ePrint Archive, Paper 2010/098},
      year = {2010},
      note = {\url{https://eprint.iacr.org/2010/098}},
      url = {https://eprint.iacr.org/2010/098}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.