Commodity-Based 2PC for Arithmetic Circuits

Research output: Contribution to book/anthology/report/proceedingArticle in proceedingsResearchpeer-review

We revisit the framework of Commodity-based Cryptography presented by Beaver (STOC’97) with a focus on updating the framework to fit with modern multiparty computation (MPC) protocols. We study the possibility of replacing the well-known preprocessing model with a commodity-based setting, where a set of independent servers (some of which may be corrupt) provide clients with correlated randomness. From this, the clients then distill correct and secure correlated randomness that they can use during the online phase of the MPC protocol. Beaver showed how to do OT with semi-honest security in the commodity setting. We improve on Beaver’s result as follows: In a model where one of two clients and a constant fraction of the servers may be maliciously corrupted, we obtain unconditionally secure multiplication triples and oblivious linear evaluations (OLEs) such that the amortized communication cost of one triple/OLE is a constant number of field elements (when the field is sufficiently large). We also report on results from an implementation of the OLE protocol. Finally, we suggest an approach to practical realization of a commodity based system where servers need no memory and can be accessed asynchronously by clients, but still a maliciously corrupt client cannot get data he should not have access to.

Original languageEnglish
Title of host publicationCryptography and Coding - 17th IMA International Conference, IMACC 2019, Proceedings
EditorsMartin Albrecht
Number of pages24
Publication year2019
ISBN (print)9783030351984
Publication statusPublished - 2019
Event17th IMA International Conference on Cryptography and Coding, IMACC 2019 - Oxford, United Kingdom
Duration: 16 Dec 201918 Dec 2019


Conference17th IMA International Conference on Cryptography and Coding, IMACC 2019
LandUnited Kingdom
SeriesLecture Notes in Computer Science

    Research areas

  • Commodity-based cryptography, Information theoretic security, Oblivious linear evaluation, Secure two-party computation

See relations at Aarhus University Citationformats

ID: 175972537