A major challenge in the study of cryptography is characterizing the necessary and sufficient assumptions required to carry out a given cryptographic task. The focus of this work is the necessity of a broadcast channel for securely computing symmetric functionalities (where all the parties receive the same output) when one third of the parties, or more, might be corrupted. Assuming all parties are connected via a peer-to-peer network, but no broadcast channel (nor a secure setup phase) is available, we prove the following characterization: 1) A symmetric $n$-party functionality can be securely computed facing $n/3\le t<n/2$ corruptions (\ie honest majority), if and only if it is \emph{$(n-2t)$-dominated}; a functionality is $k$-dominated, if \emph{any} $k$-size subset of its input variables can be set to \emph{determine} its output. 2) Assuming the existence of one-way functions, a symmetric $n$-party functionality can be securely computed facing $t\ge n/2$ corruptions (\ie no honest majority), if and only if it is $1$-dominated and can be securely computed with broadcast. It follows that, in case a third of the parties might be corrupted, broadcast is necessary for securely computing non-dominated functionalities (in which "small" subsets of the inputs cannot determine the output), including, as interesting special cases, the Boolean XOR and coin-flipping functionalities.
翻译:加密研究的一大挑战是将执行特定加密任务所需的必要和充分的假设定性为进行某种加密任务所需的必要和充分的假设。 这项工作的重点是,当三分之一的当事方或三分之一以上的当事方可能腐败时,必须有一个安全计算对称功能的广播频道( 所有各方都得到相同的输出) 。 假设所有当事方都通过同侪网络连接,但没有任何广播频道( 或安全设置阶段), 我们证明它的特性如下:1) 假设存在一线功能,可以安全地计算出美元/ 美元/ tn/2美元的对称功能, 面对美元/ 美元/ 美元/ 美元/ 诚实多数的腐败( 诚实多数的多数) ; 功能为美元- 以美元/ 美元/ 美元为主; 如果其输入变量大小的子集可以设定为\ emph{ { { { dedeterminate} 其输出。 2 假设存在一线功能, 以美元/ tn- 美元/ t 美元/ t 格式的对等特殊功能进行对称( 美元/ dismli/ dismality) 功能, 只能算算算算算算算算算算算出 的, 只有只有美元/ 美元/ calyal- col- col- colmatical- colmatical- col- colmaticalbus), 如果它只能只能算算算算算算算算算算成的, 。
相关内容
微信扫码咨询专知VIP会员