Practically Efficient Secure Small Party Computation over the Internet

Abstract

Secure Multi-party Computation (MPC) with small population has drawn focus specifically due to customization in techniques and resulting efficiency that the constructions can offer. Practically efficient constructions have been witnessed in the setting of both honest majority and dishonest majority. In this work, we investigate the efficiency of a wide range of security notions in the small party domain with 5 parties and 4 parties. Being constant-round, our protocols are best suited for real-time, high latency networks such as the Internet. All our constructions are backed with experimental results. In the setting of ve parties with honest majority, we present efficient constructions with unanimous abort (where either all honest parties obtain the output or none of them do) and fairness (where the adversary obtains its output only if all honest parties also receive it) in a minimal setting of pairwise-private channels. With the presence of an additional broadcast channel (known to be necessary), we present a construction with the strongest security of guaranteed output delivery (where any adversarial behaviour cannot prevent the honest parties from receiving the output). The broadcast communication is minimal and independent of circuit size. In terms of performance (communication and run time), our protocols incur minimal overhead over the best known selective abort protocol of Chandran et al. (ACM CCS 2016) while retaining their round complexity. Further, our protocols for fairness and unanimous abort can be extended to n-parties with at most p n corruptions, similar to Chandran et al. In the setting of four parties, surpassing the traditional honest majority model, we achieve stronger security goals in a mixed model where minority of the parties are actively corrupt and additionally some parties are passively corrupt, thus giving an overall dishonest majority. We present the first efficient constructions that tolerate a mixed adversary corrupting 1 party actively and 1 party passively and achieve the security goals of guaranteed output delivery and fairness. Our constructions adhere to the feasibility result of Hirt et al. (CRYPTO'13). Going beyond the most popular honest-majority setting of three parties with one corruption, our results demonstrate feasibility of attaining stronger security notions at an expense not too far from the least desired security of selective abort.