Broadcast-Optimal Two Round MPC with Asynchronous Peer-to-Peer Channels

Ivan Damgård; Divya Ravi; Luisa Siniscalchi; Sophia Yakoubov

doi:10.1007/978-3-031-44469-2_5

Broadcast-Optimal Two Round MPC with Asynchronous Peer-to-Peer Channels

Ivan Damgård, Divya Ravi^*, Luisa Siniscalchi, Sophia Yakoubov

^*Corresponding author for this work

Aarhus University

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

In this paper we continue the study of two-round broadcast-optimal MPC, where broadcast is used in one of the two rounds, but not in both. We consider the realistic scenario where the round that does not use broadcast is asynchronous. Since a first asynchronous round (even when followed by a round of broadcast) does not admit any secure computation, we introduce a new notion of asynchrony which we call (t_d,t_m)-asynchrony. In this new notion of asynchrony, an adversary can delay or drop up to td of a given party’s incoming messages; we refer to t_d as the deafness threshold. Similarly, the adversary can delay or drop up to t_m of a given party’s outgoing messages; we refer to tm as the muteness threshold.

We determine which notions of secure two-round computation are achievable when the first round is (t_d, t_m)-asynchronous, and the second round is over broadcast. Similarly, we determine which notions of secure two-round computation are achievable when the first round is over broadcast, and the second round is (fully) asynchronous. We consider the cases where a PKI is available, when only a CRS is available but private communication in the first round is possible, and the case when only a CRS is available and no private communication is possible before the parties have had a chance to exchange public keys.

Original language	English
Title of host publication	Proceedings of the 8th International Conference on Cryptology and Information Security in Latin America, LATINCRYPT 2023
Volume	14168
Publisher	Springer
Publication date	2023
Pages	87-106
ISBN (Print)	978-3-031-44468-5
ISBN (Electronic)	978-3-031-44469-2
DOIs	https://doi.org/10.1007/978-3-031-44469-2_5
Publication status	Published - 2023
Event	8th International Conference on Cryptology and Information Security in Latin America - Quito, Ecuador Duration: 3 Oct 2023 → 6 Oct 2023

Conference

Conference	8th International Conference on Cryptology and Information Security in Latin America
Country/Territory	Ecuador
City	Quito
Period	03/10/2023 → 06/10/2023

Series	Progress in Cryptology – Latincrypt 2023

Access to Document

10.1007/978-3-031-44469-2_5

OpenUrl availability

Full text

Cite this

@inproceedings{31187249391a4adfa0998c91b22ce749,

title = "Broadcast-Optimal Two Round MPC with Asynchronous Peer-to-Peer Channels",

abstract = "In this paper we continue the study of two-round broadcast-optimal MPC, where broadcast is used in one of the two rounds, but not in both. We consider the realistic scenario where the round that does not use broadcast is asynchronous. Since a first asynchronous round (even when followed by a round of broadcast) does not admit any secure computation, we introduce a new notion of asynchrony which we call (td,tm)-asynchrony. In this new notion of asynchrony, an adversary can delay or drop up to td of a given party{\textquoteright}s incoming messages; we refer to td as the deafness threshold. Similarly, the adversary can delay or drop up to tm of a given party{\textquoteright}s outgoing messages; we refer to tm as the muteness threshold.We determine which notions of secure two-round computation are achievable when the first round is (td, tm)-asynchronous, and the second round is over broadcast. Similarly, we determine which notions of secure two-round computation are achievable when the first round is over broadcast, and the second round is (fully) asynchronous. We consider the cases where a PKI is available, when only a CRS is available but private communication in the first round is possible, and the case when only a CRS is available and no private communication is possible before the parties have had a chance to exchange public keys.",

author = "Ivan Damg{\aa}rd and Divya Ravi and Luisa Siniscalchi and Sophia Yakoubov",

year = "2023",

doi = "10.1007/978-3-031-44469-2_5",

language = "English",

isbn = "978-3-031-44468-5",

volume = "14168",

series = "Progress in Cryptology – Latincrypt 2023",

pages = "87--106",

booktitle = "Proceedings of the 8th International Conference on Cryptology and Information Security in Latin America, LATINCRYPT 2023",

publisher = "Springer",

note = "8th International Conference on Cryptology and Information Security in Latin America, LATINCRYPT ; Conference date: 03-10-2023 Through 06-10-2023",

}

Damgård, I, Ravi, D, Siniscalchi, L & Yakoubov, S 2023, Broadcast-Optimal Two Round MPC with Asynchronous Peer-to-Peer Channels. in Proceedings of the 8th International Conference on Cryptology and Information Security in Latin America, LATINCRYPT 2023. vol. 14168, Springer, Progress in Cryptology – Latincrypt 2023, pp. 87-106, 8th International Conference on Cryptology and Information Security in Latin America, Quito, Ecuador, 03/10/2023. https://doi.org/10.1007/978-3-031-44469-2_5

Broadcast-Optimal Two Round MPC with Asynchronous Peer-to-Peer Channels. / Damgård, Ivan; Ravi, Divya; Siniscalchi, Luisa et al.
Proceedings of the 8th International Conference on Cryptology and Information Security in Latin America, LATINCRYPT 2023. Vol. 14168 Springer, 2023. p. 87-106 (Progress in Cryptology – Latincrypt 2023).

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - Broadcast-Optimal Two Round MPC with Asynchronous Peer-to-Peer Channels

AU - Damgård, Ivan

AU - Ravi, Divya

AU - Siniscalchi, Luisa

AU - Yakoubov, Sophia

PY - 2023

Y1 - 2023

N2 - In this paper we continue the study of two-round broadcast-optimal MPC, where broadcast is used in one of the two rounds, but not in both. We consider the realistic scenario where the round that does not use broadcast is asynchronous. Since a first asynchronous round (even when followed by a round of broadcast) does not admit any secure computation, we introduce a new notion of asynchrony which we call (td,tm)-asynchrony. In this new notion of asynchrony, an adversary can delay or drop up to td of a given party’s incoming messages; we refer to td as the deafness threshold. Similarly, the adversary can delay or drop up to tm of a given party’s outgoing messages; we refer to tm as the muteness threshold.We determine which notions of secure two-round computation are achievable when the first round is (td, tm)-asynchronous, and the second round is over broadcast. Similarly, we determine which notions of secure two-round computation are achievable when the first round is over broadcast, and the second round is (fully) asynchronous. We consider the cases where a PKI is available, when only a CRS is available but private communication in the first round is possible, and the case when only a CRS is available and no private communication is possible before the parties have had a chance to exchange public keys.

AB - In this paper we continue the study of two-round broadcast-optimal MPC, where broadcast is used in one of the two rounds, but not in both. We consider the realistic scenario where the round that does not use broadcast is asynchronous. Since a first asynchronous round (even when followed by a round of broadcast) does not admit any secure computation, we introduce a new notion of asynchrony which we call (td,tm)-asynchrony. In this new notion of asynchrony, an adversary can delay or drop up to td of a given party’s incoming messages; we refer to td as the deafness threshold. Similarly, the adversary can delay or drop up to tm of a given party’s outgoing messages; we refer to tm as the muteness threshold.We determine which notions of secure two-round computation are achievable when the first round is (td, tm)-asynchronous, and the second round is over broadcast. Similarly, we determine which notions of secure two-round computation are achievable when the first round is over broadcast, and the second round is (fully) asynchronous. We consider the cases where a PKI is available, when only a CRS is available but private communication in the first round is possible, and the case when only a CRS is available and no private communication is possible before the parties have had a chance to exchange public keys.

U2 - 10.1007/978-3-031-44469-2_5

DO - 10.1007/978-3-031-44469-2_5

M3 - Article in proceedings

SN - 978-3-031-44468-5

VL - 14168

T3 - Progress in Cryptology – Latincrypt 2023

SP - 87

EP - 106

BT - Proceedings of the 8th International Conference on Cryptology and Information Security in Latin America, LATINCRYPT 2023

PB - Springer

T2 - 8th International Conference on Cryptology and Information Security in Latin America

Y2 - 3 October 2023 through 6 October 2023