Replying to Avatar nick

# Secure Multi-Party Computation

[excerpt from https://eprint.iacr.org/2002/040.pdf]

"Consider an ideal world in which an external trusted party

is willing to help the parties carry out their computation. An ideal computation takes place in this ideal world by having the parties simply send their inputs to the trusted party, who then computes the desired function and passes each party its prescribed output.

Notice that all of the following security properties (and more) are ensured in such an ideal computation:

- Privacy: No party should learn anything more than its prescribed output. That is, the only information that should be learned about other parties’ inputs is what can be derived from the output itself.

- Correctness: Each party is guaranteed that the output that it receives is correct.

- Independence of Inputs: The corrupted parties must choose their inputs independently of the honest parties’ inputs.

- Guaranteed output delivery: Corrupted parties should not be able to prevent honest parties from receiving their output. In other words, the adversary should not be able to carry out a denial of service attack.

- Fairness: Corrupted parties should receive their output if and only if honest parties do.

The security of a real protocol is established by comparing the outcome of the protocol to the outcome of an ideal computation. Specifically, a real protocol that is run by the parties (in a world where no trusted party exists) is said to be secure, if an adversary controlling a coalition of corrupted parties can do no more harm in a real execution that in the above ideal execution.

Since the adversary is unable to cause any harm in an ideal execution, this means that security is also guaranteed in a real protocol execution.

We remark that the above informal description is “overly ideal” in the following sense. It is a known fact that unless an honest majority is assumed, it is impossible to obtain generic protocols for secure multi-party computation that guarantee output delivery and fairness"

From Secure Multi-Party Computation Without Agreement, Goldwasser & Lindell

Avatar
Gigi 1y ago

cc nostr:npub1aljazgxlpnpfp7n5sunlk3dvfp72456x6nezjw4sd850q879rxqsthg9jp #SovEng

Reply to this note

Please Login to reply.

Discussion

No replies yet.