Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content

Improved Single-Round Secure Multiplication Using Regenerating Codes

  • Conference paper
  • First Online:
Advances in Cryptology – ASIACRYPT 2021 (ASIACRYPT 2021)

Abstract

In 2016, Guruswami and Wootters showed Shamir’s secret-sharing scheme defined over an extension field has a regenerating property. Namely, we can compress each share to an element of the base field by applying a linear form, such that the secret is determined by a linear combination of the compressed shares. Immediately it seemed like an application to improve the complexity of unconditionally secure multiparty computation must be imminent; however, thus far, no result has been published.

We present the first application of regenerating codes to MPC, and show that its utility lies in reducing the number of rounds. Concretely, we present a protocol that obliviously evaluates a depth-d arithmetic circuit in \(d + O(1)\) rounds, in the amortized setting of parallel evaluations, with \(o(n^2)\) ring elements communicated per multiplication. Our protocol makes use of function-dependent preprocessing, and is secure against the maximal adversary corrupting \(t < n/2\) parties. All existing approaches in this setting have complexity \(\varOmega (n^2)\).

Moreover, we extend some of the theory on regenerating codes to Galois rings. It was already known that the repair property of MDS codes over fields can be fully characterized in terms of its dual code. We show this characterization extends to linear codes over Galois rings, and use it to show the result of Guruswami and Wootters also holds true for Shamir’s scheme over Galois rings.

Work done while Daniel Escudero was at Aarhus University.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 129.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    When Mary Wootters presented this result to the community in an invited talk of the Beyond TCS workshop affiliated to CRYPTO 2018, she posed the question to the community of what its implications to MPC are. It generated a bit of a buzz, with several members of the community working on it even during the conference, however no result has been published thus far. We remark that other applications to regenerating codes to, for example, leakage-resilience of secret-sharing schemes [3] or side-channel countermeasures have been proposed, but none of these study positive effects in MPC constructions [5].

  2. 2.

    We could try to get around this using computationally secure pseudorandom secret sharing, but this requires an exponential number of keys in n.

  3. 3.

    The communication of the king-based protocol is O(n) field elements for the maximal adversary \(n = 2t+1\). By incorporating a constant-rate RMFE we can achieve a communication of O(n) bits, which is asymptotically optimal [10].

  4. 4.

    We call a single-round protocol one that only requires one round per multiplication layer in the circuit.

  5. 5.

    We only regard 1-dimensional repair of the 0-th coordinate, since we specifically target applications to MPC. In the literature on regenerating codes, the definition typically includes all coordinates and allows for larger messages to be sent.

  6. 6.

    Also note that product sharings do not give error detection, so if we did not insist on a maximal adversary and wanted to use random double sharings, we would have to employ different techniques to get active security.

  7. 7.

    The idea of re-encoding is based on [4], but we have developed an improved encoding that allows us to decrease the number of rounds for a multiplication, and that also allows for a simpler input phase. We explain the differences between the two approaches in Sect. 5.

  8. 8.

    This is precisely what goes wrong if one uses traditional multiplication triples: The error on each honest party’s share will depend on the honest parties’ inputs, which the adversary cannot simulate.

References

  1. Abspoel, M., Cramer, R., Damgård, I., Escudero, D., Yuan, C.: Efficient information-theoretic secure multiparty computation over \(\mathbb{Z}/p^k\mathbb{Z}\) via Galois rings. In: Hofheinz, D., Rosen, A. (eds.) TCC 2019. LNCS, vol. 11891, pp. 471–501. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-36030-6_19

    Chapter  Google Scholar 

  2. Ben-Efraim, A., Nielsen, M., Omri, E.: Turbospeedz: double your online SPDZ! improving SPDZ using function dependent preprocessing. In: Deng, R.H., Gauthier-Umaña, V., Ochoa, M., Yung, M. (eds.) ACNS 2019. LNCS, vol. 11464, pp. 530–549. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-21568-2_26

    Chapter  Google Scholar 

  3. Benhamouda, F., Degwekar, A., Ishai, Y., Rabin, T.: On the local leakage resilience of linear secret sharing schemes. J. Cryptol. 34(2), 1–65 (2021)

    Article  MathSciNet  Google Scholar 

  4. Cascudo, I., Cramer, R., Xing, C., Yuan, C.: Amortized complexity of information-theoretically secure MPC revisited. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 395–426. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_14

    Chapter  Google Scholar 

  5. Chabanne, H., Maghrebi, H., Prouff, E.: Linear repairing codes and side-channel attacks. IACR Trans. Cryptographic Hardware Embedded Syst. 2018(1), 118–141 (2018)

    Article  Google Scholar 

  6. Choudhuri, A.R., Goel, A., Green, M., Jain, A., Kaptchuk, G.: Fluid MPC: secure multiparty computation with dynamic participants. Cryptology ePrint Archive, Report 2020/754 (2020). https://eprint.iacr.org/2020/754

  7. Cramer, R., Damgård, I., Nielsen, J.B.: Secure Multiparty Computation and Secret Sharing. Cambridge University Press, Cambridge (2015). ISBN 9781107043053. www.cambridge.org/de/academic/subjects/computer-science/cryptography-cryptology-and-coding/secure-multiparty-computation-and-secret-sharing?format=HB&isbn=9781107043053

  8. Cramer, R., Rambaud, M., Xing, C.: Asymptotically-good arithmetic secret sharing over \({Z}/(p^\ell {Z})\) with strong multiplication and its applications to efficient MPC. Cryptology ePrint Archive, Report 2019/832 (2019). https://eprint.iacr.org/2019/832

  9. Damgård, I., Nielsen, J.B.: Scalable and unconditionally secure multiparty computation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 572–590. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_32

    Chapter  Google Scholar 

  10. Damgård, I., Larsen, K.G., Nielsen, J.B.: Communication lower bounds for statistically secure MPC, with or without preprocessing. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019. LNCS, vol. 11693, pp. 61–84. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26951-7_3

    Chapter  Google Scholar 

  11. Escudero, D., Dalskov, A.: Honest majority MPC with abort with minimal online communication. Cryptology ePrint Archive, Report 2020/1556 (2020). https://eprint.iacr.org/2020/1556

  12. Guruswami, V., Wootters, M.: Repairing Reed-Solomon codes. CoRR, abs/1509.04764 (2015). Note, we specifically refer to the version published on arXiv

    Google Scholar 

  13. Guruswami, V., Wootters, M.: Repairing Reed-Solomon codes. In: Wichs, D., Mansour, Y. (eds.) Proceedings of the 48th Annual ACM SIGACT Symposium on Theory of Computing, STOC 2016, Cambridge, MA, USA, 18–21 June 2016, pp. 216–226. ACM (2016). https://doi.org/10.1145/2897518.2897525

  14. Ishai, Y., Kushilevitz, E.: On the hardness of information-theoretic multiparty computation. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 439–455. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_26

    Chapter  Google Scholar 

  15. Quintin, G., Barbier, M., Chabot, C.: On generalized Reed-Solomon codes over commutative and noncommutative rings. IEEE Trans. Inf. Theory 59(9), 5882–5897 (2013)

    Article  MathSciNet  Google Scholar 

  16. Rashmi, K.V., Shah, N.B., Kumar, P.V.: Optimal exact-regenerating codes for distributed storage at the MSR and MBR points via a product-matrix construction. IEEE Trans. Inf. Theory 57(8), 5227–5239 (2011)

    Article  MathSciNet  Google Scholar 

  17. Rashmi, K.V., Shah, N.B., Ramchandran, K., Kumar, P.V.: Regenerating codes for errors and erasures in distributed storage. In: 2012 IEEE International Symposium on Information Theory Proceedings, pp. 1202–1206. IEEE (2012)

    Google Scholar 

  18. Tamo, I., Ye, M., Barg, A.: Optimal repair of Reed-Solomon codes: achieving the cut-set bound. In: 2017 IEEE 58th Annual Symposium on Foundations of Computer Science (FOCS), pp. 216–227. IEEE (2017)

    Google Scholar 

  19. Wan, Z.-X.: Lectures on Finite Fields and Galois Rings. World Scientific Publishing Company (2003). ISBN 978-9812385048. https://doi.org/10.1142/5350

  20. Wigderson, A., Or, M.B., Goldwasser, S.: Completeness theorems for noncryptographic fault-tolerant distributed computations. In: Proceedings of the 20th Annual Symposium on the Theory of Computing (STOC 1988), pp. 1–10 (1988)

    Google Scholar 

Download references

Acknowledgments

We thank the anonymous Asiacrypt 2021 reviewers for their valuable feedback. Chaoping Xing’s research work is partially supported by the NSFC under grant 12031011, Huawei-SJTU joint projects and the National Key Research and Development Project 2020YFA0712300. During his time in Aarhus University, Daniel Escudero was supported by the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme under grant agreement No 669255 (MPCPRO).

This paper was prepared for information purposes by the Artificial Intelligence Research group of JPMorgan Chase & Co and its affiliates (“JP Morgan”), and is not a product of the Research Department of JP Morgan. JP Morgan makes no representation and warranty whatsoever and disclaims all liability, for the completeness, accuracy or reliability of the information contained herein. This document is not intended as investment research or investment advice, or a recommendation, offer or solicitation for the purchase or sale of any security, financial instrument, financial product or service, or to be used in any way for evaluating the merits of participating in any transaction, and shall not constitute a solicitation under any jurisdiction or to any person, if such solicitation under such jurisdiction or to such person would be unlawful. 2021 JPMorgan Chase & Co. All rights reserved.

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Mark Abspoel , Ronald Cramer , Ivan Damgård or Chaoping Xing .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2021 International Association for Cryptologic Research

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Abspoel, M., Cramer, R., Escudero, D., Damgård, I., Xing, C. (2021). Improved Single-Round Secure Multiplication Using Regenerating Codes. In: Tibouchi, M., Wang, H. (eds) Advances in Cryptology – ASIACRYPT 2021. ASIACRYPT 2021. Lecture Notes in Computer Science(), vol 13091. Springer, Cham. https://doi.org/10.1007/978-3-030-92075-3_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-92075-3_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-92074-6

  • Online ISBN: 978-3-030-92075-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics