Title | Topology-Hiding Computation Beyond Semi-Honest Adversaries |
---|---|

Booktitle | Theory of Cryptography |

Volume | 11240 |

Pages | 3-35 |

Year | 2018 |

URL | Search for the paper |

DOI | 10.1007/978-3-030-03810-6_1 (link) |

Author | Rio LaVigne |

Author | Chen-Da Liu-Zhang |

Author | Ueli Maurer |

Author | Tal Moran |

Author | Marta Mularczyk |

Author | Daniel Tschudi |

Abstract | Topology-hiding communication protocols allow a set of parties, connected by an incomplete network with unknown communication graph, where each party only knows its neighbors, to construct a complete communication network such that the network topology remains hidden even from a powerful adversary who can corrupt parties. This communication network can then be used to perform arbitrary tasks, for example secure multi-party computation, in a topology-hiding manner. Previously proposed protocols could only tolerate passive corruption. This paper proposes protocols that can also tolerate fail-corruption (i.e., the adversary can crash any party at any point in time) and so-called semi-malicious corruption (i.e., the adversary can control a corrupted party’s randomness), without leaking more than an arbitrarily small fraction of a bit of information about the topology. A small-leakage protocol was recently proposed by Ball et al. [Eurocrypt’18], but only under the unrealistic set-up assumption that each party has a trusted hardware module containing secret correlated pre-set keys, and with the further two restrictions that only passively corrupted parties can be crashed by the adversary, and semi-malicious corruption is not tolerated. Since leaking a small amount of information is unavoidable, as is the need to abort the protocol in case of failures, our protocols seem to achieve the best possible goal in a model with fail-corruption.Further contributions of the paper are applications of the protocol to obtain secure MPC protocols, which requires a way to bound the aggregated leakage when multiple small-leakage protocols are executed in parallel or sequentially. Moreover, while previous protocols are based on the DDH assumption, a new so-called PKCR public-key encryption scheme based on the LWE assumption is proposed, allowing to base topology-hiding computation on LWE. Furthermore, a protocol using fully-homomorphic encryption achieving very low round complexity is proposed. |

@article{tcc-2018-29011, title={Topology-Hiding Computation Beyond Semi-Honest Adversaries}, booktitle={Theory of Cryptography}, series={Theory of Cryptography}, publisher={Springer}, volume={11240}, pages={3-35}, doi={10.1007/978-3-030-03810-6_1}, author={Rio LaVigne and Chen-Da Liu-Zhang and Ueli Maurer and Tal Moran and Marta Mularczyk and Daniel Tschudi}, year=2018 }