An Efficient Framework for Unconditionally Secure Multiparty Computation.

Threshold unconditionally secure multiparty computation (MPC) allows a set of $n$ mutually distrusting parties to securely compute an agreed function $f$ over some finite field in the presence of a computationally unbounded adversary, who can maliciously corrupt any $t$ out of the $n$ parties. Most of the known efficient MPC protocols are designed in the offline–online framework introduced in a seminal work by Beaver in CRYPTO 1991. In this framework, the parties generate shared random and private multiplication-triples during the offline phase, which are used later in the online phase for securely evaluating the multiplication gates in the circuit representing $f$ . The efficiency of the MPC protocols in this framework then relies on efficient ways of implementing the offline phase. In this paper, we propose a new and simple framework for generating shared and private random multiplication triples with unconditional security. The existing protocols approach this problem by first producing shared pairs of private and random values, followed by securely computing the shared product of each pair of values. The latter task involves a multiplication protocol for shared values that are typically communication intensive. Our framework takes a completely different approach and shuns the use of multiplication protocol. Namely, we ask the parties to verifiably share random multiplication triples and then securely extract shared random multiplication triples unknown to the adversary, from the shared triples. Realizing our framework in the asynchronous and hybrid network setting,1 we present the first ever MPC protocols with a linear (in the number of parties) communication overhead per multiplication gate in the circuit representing $f$ . These are significant improvements over the best known existing MPC protocols in the asynchronous and hybrid network setting with communication complexity $ \\mathcal {O}(n^{2})$ and $ \\mathcal {O}(n^{3})$ , respectively. Our framework when applied to the synchronous setting results in round-efficient MPC protocols.1In a hybrid network, it is assumed that the network is synchronous up to a certain “point” and asynchronous after that point onward. We assume a hybrid network with just one synchronous round in the beginning.