CryptoDB
On the Impossibility of Actively Secure Distributed Samplers
| | |
|---|---|
| Authors | Damiano Abram, Serge Fehr, Maciej Obremski, Peter Scholl |
| Conference | TCC 2025 |
| Abstract | One-round secure computation is generally believed impossible due to the *residual function attack*: any honest-but-curious participant can replay the protocol in their head with a different input and, in this way, learn a new output. Inputless functionalities are among the few that are immune to this problem. This paper studies one-round multi-party computation (MPC) protocols that implement the most natural inputless functionality: one that generates a random sample from a fixed distribution. These are called *distributed samplers*. At Eurocrypt 2022, Abram, Scholl and Yakoubov showed how to build this primitive in the semi-honest model with dishonest majority. In this work, we give a lower bound for constructing distributed samplers with a malicious adversary in the standard model. In more detail, we show that for any construction in the stand-alone model with black-box simulation, even with a CRS and honest majority, the output of the sampling protocol must have low entropy. This essentially implies that this type of construction is useless in applications. Our proof is based on an entropic argument, drawing a new connection between computationally secure MPC, information theory and learning theory. |
BibTeX
@inproceedings{tcc-2025-36199,
  title     = {On the Impossibility of Actively Secure Distributed Samplers},
  author    = {Damiano Abram and Serge Fehr and Maciej Obremski and Peter Scholl},
  publisher = {Springer-Verlag},
  year      = {2025}
}