IACR News item: 19 October 2023
Bar Alon, Amos Beimel, Eran Omri
ePrint Report
In secure multiparty computation (MPC), the goal is to allow a set of mutually distrustful parties to compute some function of their private inputs in a way that preserves security properties, even in the face of adversarial behavior by some of the parties. However, classical security definitions do not pose any privacy restrictions on the view of honest parties. Thus, if an attacker adversarially leaks private information to honest parties, it does not count as a violation of privacy. This is arguably undesirable, and in real-life scenarios, it is hard to imagine that possible users would agree to have their private information revealed, even if only to other honest parties.
To address this issue, Alon et al. [CRYPTO 20] introduced the notion of security with friends and foes (FaF security). In essence, $(t,h)$-FaF security requires that a malicious adversary corrupting up to $t$ parties cannot help a coalition of $h$ semi-honest parties to learn anything beyond what they can learn from their inputs and outputs (combined with the input and outputs of the malicious parties). They further showed that $(t,h)$-FaF security with $n$ parties is achievable for any functionality if $2t+h
In this paper, we focus on the special, yet already challenging, case of $(1,1)$-FaF security for three-party, 2-ary (two inputs), symmetric (all parties output the same value) functionalities. We provide several positive results, a lower bound on the round complexity, and an impossibility result. In particular, we prove the following. (1) we identify a large class of three-party Boolean symmetric 2-ary functionalities that can be computed with $(1,1)$-FaF full security, and (2) We identify a large class of three-party (possibly non-Boolean) symmetric 2-ary functionalities, for which no $O(\log\kappa)$-round protocol computes them with $(1,1)$-FaF full security. This matches the round complexity of our positive results for various interesting functionalities, such as equality of strings.
To address this issue, Alon et al. [CRYPTO 20] introduced the notion of security with friends and foes (FaF security). In essence, $(t,h)$-FaF security requires that a malicious adversary corrupting up to $t$ parties cannot help a coalition of $h$ semi-honest parties to learn anything beyond what they can learn from their inputs and outputs (combined with the input and outputs of the malicious parties). They further showed that $(t,h)$-FaF security with $n$ parties is achievable for any functionality if $2t+h
In this paper, we focus on the special, yet already challenging, case of $(1,1)$-FaF security for three-party, 2-ary (two inputs), symmetric (all parties output the same value) functionalities. We provide several positive results, a lower bound on the round complexity, and an impossibility result. In particular, we prove the following. (1) we identify a large class of three-party Boolean symmetric 2-ary functionalities that can be computed with $(1,1)$-FaF full security, and (2) We identify a large class of three-party (possibly non-Boolean) symmetric 2-ary functionalities, for which no $O(\log\kappa)$-round protocol computes them with $(1,1)$-FaF full security. This matches the round complexity of our positive results for various interesting functionalities, such as equality of strings.
Additional news items may be found on the IACR news page.