Paper 2021/1175

Adaptive Security of Multi-Party Protocols, Revisited

Martin Hirt, Chen-Da Liu-Zhang, and Ueli Maurer

Abstract

The goal of secure multi-party computation (MPC) is to allow a set of parties to perform an arbitrary computation task, where the security guarantees depend on the set of parties that are corrupted. The more parties are corrupted, the less is guaranteed, and typically the guarantees are completely lost when the number of corrupted parties exceeds a certain corruption bound. Early and also many recent protocols are only statically secure in the sense that they provide no security guarantees if the adversary is allowed to choose adaptively which parties to corrupt. Security against an adversary with such a strong capability is often called adaptive security and a significant body of literature is devoted to achieving adaptive security, which is known as a difficult problem. In particular, a main technical obstacle in this context is the so-called ``commitment problem'', where the simulator is unable to consistently explain the internal state of a party with respect to its pre-corruption outputs. As a result, protocols typically resort to the use of cryptographic primitives like non-committing encryption, incurring a substantial efficiency loss. This paper provides a new, clean-slate treatment of adaptive security in MPC, exploiting the specification concept of constructive cryptography (CC). A new natural security notion, called CC-adaptive security, is proposed, which is technically weaker than standard adaptive security but nevertheless captures security against a fully adaptive adversary. Known protocol examples separating between adaptive and static security are also insecure in our notion. Moreover, our notion avoids the commitment problem and thereby the need to use non-committing or equivocal tools. We exemplify this by showing that the protocols by Cramer, Damgard and Nielsen (EUROCRYPT'01) for the honest majority setting, and (the variant without non-committing encryption) by Canetti, Lindell, Ostrovsky and Sahai (STOC'02) for the dishonest majority setting, achieve CC-adaptive security. The latter example is of special interest since all UC-adaptive protocols in the dishonest majority setting require some form of non-committing or equivocal encryption.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
A minor revision of an IACR publication in TCC 2021
Keywords
Multi-party protocolsdefinitionscomposability
Contact author(s)
cliuzhan @ andrew cmu edu
hirt @ inf ethz ch
maurer @ inf ethz ch
History
2022-01-30: revised
2021-09-14: received
See all versions
Short URL
https://ia.cr/2021/1175
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/1175,
      author = {Martin Hirt and Chen-Da Liu-Zhang and Ueli Maurer},
      title = {Adaptive Security of Multi-Party Protocols, Revisited},
      howpublished = {Cryptology ePrint Archive, Paper 2021/1175},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/1175}},
      url = {https://eprint.iacr.org/2021/1175}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.