Paper 2021/378

Multiparty Reusable Non-Interactive Secure Computation from LWE

Fabrice Benhamouda, Aayush Jain, Ilan Komargodski, and Huijia Lin

Abstract

Motivated by the goal of designing versatile and flexible secure computation protocols that at the same time require as little interaction as possible, we present new multiparty reusable Non-Interactive Secure Computation (mrNISC) protocols. This notion, recently introduced by Benhamouda and Lin (TCC 2020), is essentially two-round Multi-Party Computation (MPC) protocols where the first round of messages serves as a reusable commitment to the private inputs of participating parties. Using these commitments, any subset of parties can later compute any function of their choice on their respective inputs by just sending a single message to a stateless evaluator, conveying the result of the computation but nothing else. Importantly, the input commitments can be computed without knowing anything about other participating parties (neither their identities nor their number) and they are reusable across any number of desired computations. We give a construction of mrNISC that achieves standard simulation security, as classical multi-round MPC protocols achieve. Our construction relies on the Learning With Errors (LWE) assumption with polynomial modulus, and on the existence of a pseudorandom function (PRF) in $\mathsf{NC}^1$. We achieve semi-malicious security in the plain model and malicious security by further relying on trusted setup (which is unavoidable for mrNISC). In comparison, the only previously known constructions of mrNISC were either using bilinear maps or using strong primitives such as program obfuscation. We use our mrNISC to obtain new Multi-Key FHE (MKFHE) schemes with threshold decryption: $\bullet$ In the CRS model, we obtain threshold MKFHE for $\mathsf{NC}^1$ based on LWE with only $\textit{polynomial}$ modulus and PRFs in $\mathsf{NC}^1$, whereas all previous constructions rely on LWE with super-polynomial modulus-to-noise ratio. $\bullet$ In the plain model, we obtain threshold levelled MKFHE for $\mathsf{P}$ based on LWE with $\textit{polynomial}$ modulus, PRF in $\mathsf{NC}^1$, and NTRU, and another scheme for constant number of parties from LWE with sub-exponential modulus-to-noise ratio. The only known prior construction of threshold MKFHE (Ananth et al., TCC 2020) in the plain model restricts the set of parties who can compute together at the onset.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
A major revision of an IACR publication in EUROCRYPT 2021
Keywords
Multiparty computationnon-interactive secure computationLWE
Contact author(s)
fabrice benhamouda @ gmail com
aayushjain @ cs ucla edu
ilank @ cs huji ac il
rachel @ cs washington edu
History
2021-03-22: received
Short URL
https://ia.cr/2021/378
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2021/378,
      author = {Fabrice Benhamouda and Aayush Jain and Ilan Komargodski and Huijia Lin},
      title = {Multiparty Reusable Non-Interactive Secure Computation from LWE},
      howpublished = {Cryptology ePrint Archive, Paper 2021/378},
      year = {2021},
      note = {\url{https://eprint.iacr.org/2021/378}},
      url = {https://eprint.iacr.org/2021/378}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.