Multiparty Computation for Dishonest Majority: from Passive to Active Security at Low Cost

Опубликовано 17 августа 2016, 20:36

Multiparty computation protocols have been known for more than twenty years now, but due to their lack of efficiency their use is still limited in real-world applications. In this talk we present some recent developments in the area of efficient two and multi party computation aimed to fill the gap between theory and practice. We propose a new protocol to securely evaluate reactive arithmetic circuits, that offers security against an active adversary in the universally composable security framework. Instead of the 'do-and-compile' approach (where the parties use zero-knowledge proofs to show that they are following the protocol) our key ingredient is an efficient version of the 'cut-and-choose' technique, that allow us to achieve active security for just a (small) constant amount of work more than for passive security.