About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
PODC 1994
Conference paper
Asynchronous secure computations with optimal resilience
Abstract
We investigate the problem of multiparty computations in a fully connected, asynchronous network of n players, in which up to t Byzantine faults may occur. It was shown in [BCG93] that secure error-less multiparty computation is possible in this setting if and only if t < n/A. We show that when exponentially small probability of error is allowed, this task can be achieved even when the number of faults is in the range n/4 ≤ t < n/3. From the lower bounds of [BCG93] for the asynchronous fail-stop model it follows that the resilience, t < n/3, of our protocol is optimal. We describe an ([n/3] - 1)-resilient protocol that securely computes any function F. With overwhelming probability all the non-faulty players complete the execution of the protocol. Given that all the honest players terminate the protocol, they do so in time polynomial in n, in the boolean complexity of F, and in [log 1/e], where e is the error probability. Our protocol follows the scheme of [BGW88, RB89] for multiparty computations in synchronous networks, in which the intermediary results of a circuit for F are always kept shared among the players as a verifiable secret. As the asynchronous network makes it impossible to use a regular Verifiable Secret Sharing scheme for computations, we introduce a new secret sharing scheme called Ultimate Secret Sharing. This scheme guarantees that all the honest players will obtain their share of the secret, and it enables the players to verify that the shares are genuine.