Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In Proc. 41st FOCS, pp. 294--304, 2000.  Home/Search   Document Details and Download   Summary   Related Articles   Check

.... is leaked by the output of the function is revealed (a formal de nition is given in Section 2) Since the initial results showing that mpc was feasible [34, 24, 7, 12] a number of works have focused on improving the eciency of these protocols and in particular their round complexity (e.g. [1, 6, 29, 28, 22, 30, 15]) Known results for generic mpc secure against malicious adversaries in the computational setting may be summarized as follows (results are stated for the setting when a broadcast channel is available; we discuss the setting without a broadcast channel in Section 2.1) Secure two party ....

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-ecient secure computation. In 41nd IEEE Symposium on the Foundations of Computer Science, Redondo Beach, CA, Nov. 2000. IEEE.

....any function from m bits to m bits can be represented by a polynomial over a nite eld GF (2 ) but its degree could go as high as 2 1. So one would like to focus on those functions that can be represented by low degree polynomials. This turns out to have several interesting applications [15, 8, 14, 12]. The scheme proposed in [15] is much more ecient than the conventional way of going through oblivious circuit evaluation, but its security is based on two assumptions. One assumption is the existence of a secure Oblivious Transfer protocol while the other, proposed by themselves, is the ....

Y. Ishai and E. Kushilevitz, Randomizing polynomials: a new representation with applications to round-ecient secure computaion, in: Proc. 41st Ann. IEEE Symp. Foundations of Computer Science, 2000, pp. 294-304.

....if at most t n=2 players are corrupted [RB89,Bea91b,CDD 99] 1. 2 Previous work on eciency In the past, both the round complexity and the communication complexity of secure multi party protocol were subject to many investigations: Protocols with low round complexity [BB89,BFKR90,FKN94,IK00] su er either from an unacceptably high communication complexity (even quadratic in the number of multiplication gates) or tolerate only a very small number of cheaters. First steps towards better communication complexity were taken by Franklin and Yung [FY92] and Gennaro, Rabin, and Rabin ....

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-ecient secure computation. In Proc. 41st IEEE Symposium on the Foundations of Computer Science (FOCS), Oct. 2000.

....of the works in the area, used a representation of f by an algebraic circuit. Feige et al. 14] and [26] used a representation of f as a product of matrices over a large enough field. Beaver et al. 8] used the representation of f as a low degree polynomial. A recent work by Ishai and Kushilevitz [27] introduced a representation of functions via randomizing polynomials and used it to construct round efficient secure multiparty protocols. Communication complexity and privacy The question of whether it is possible to preserve the communication complexity when constructing protocols for secure ....

Y. Ishai and E. Kushilevitz, Randomizing Polynomials: A new Representation with Applications to Round-Efficient Secure Computation, Proceedings of the IEEE Symposium on Foundations of Computer Science, 2000, pp. 294--304.

....of the works in the area, used a representation of f by an algebraic circuit. Feige et al. 10] and [16] used a representation of f as a product of matrices over a large enough field. Beaver et al. 5] used the representation of f as a low degree polynomial. A recent work by Ishai and Kushilevitz [17] introduced a representation of functions via randomizing polynomials and used it to construct round efficient secure multiparty protocols. A methodology for designing secure protocols: The underlying model in our work is the communication complexity tree (or branching program) computing f . We ....

Y. Ishai and E. Kushilevitz, Randomizing Polynomials: A new Representation with Applications to Round-Efficient Secure Computation, Proc. of the IEEE Symp. on Found. of Computer Science, 2000, pp. 294--304.

....if at most t n=2 players are corrupted [RB89,Bea91b,CDD 99] 1. 2 Previous work on eciency In the past, both the round complexity and the communication complexity of secure multiparty protocol were subject to many investigations: Protocols with low round complexity [BB89,BFKR90,FKN94,IK00] su er either from an unacceptably high communication complexity (even quadratic in the number of multiplication gates) or tolerate only a very small number of cheaters. First steps towards better communication complexity were taken by Franklin and Yung [FY92] and Gennaro, Rabin, and Rabin ....

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-ecient secure computation. In Proc. 41st IEEE Symposium on the Foundations of Computer Science (FOCS), Oct. 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In Proc. 41st FOCS, pp. 294--304, 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing Polynomials: A New Representation with Applications to Round-Ecient Secure Computation. In Proc. of 41st FOCS, pages 294-304, 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In Proc. of 41th FOCS, pp. 294-304, 2000.

....Ishai 1# and Eyal Kushilevitz 2## Princeton University, USA. yishai cs.princeton.edu. Technion, Israel. eyalk cs.technion.ac.il. Abstract. Various information theoretic constant round secure multiparty protocols are known for classes such as NC and polynomial size branching programs [1, 13, 18, 3, 19, 10]. All these protocols have a small probability of failure, or alternatively use an expected constant number of rounds, suggesting that this might be an inherent phenomenon. In the current paper we prove that this is not the case by presenting several constructions of perfect constant round ....

....of rounds, suggesting that this might be an inherent phenomenon. In the current paper we prove that this is not the case by presenting several constructions of perfect constant round protocols. Our protocols are obtained using randomizing polynomials a recently introduced representation [19], which naturally relaxes the standard polynomial representation of boolean functions. Randomizing polynomials represent a function f by a low degree mapping from its inputs and independent random inputs to a vector of outputs, whose distribution depends only on the value of f . We obtain ....

[Article contains additional citation context not shown here]

Y. Ishai and E. Kushilevitz. Randomizing Polynomials: A New Representation with Applications to Round-Efficient Secure Computation. In Proc. of FOCS '00.

....protocols appears, quite miraculously, to never lose its steam. In this work we study the round complexity of secure multiparty computation. Following the initial plausibility results in this area [32, 21, 5, 10] considerable e orts have been spent on obtaining round ecient protocols [1, 4, 3, 13, 22, 31, 2, 8, 23, 17, 26, 11, 24]. In the multiparty setting, it was recently shown in [17] that every function can be securely computed in three rounds (tolerating a constant fraction of malicious players) and that for certain nontrivial tasks two rounds suce. This Most of this work was done while the author was at AT T ....

....corrupted players before sending its own messages. This is the most commonly used model in the general secure multiparty computation literature (e.g. 21, 5, 10, 30, 28, 12] and in particular it is the standard model assumed in the context of constant round secure multiparty computation (e.g. [1, 4, 3, 2, 23, 17]) We will also address the situation in the fully synchronous setting, where the messages of each round are guaranteed to be simultaneous. As for other aspects of the model, such as perfect vs. computational security, and adaptive vs. non adaptive adversary, they can be set appropriately so as to ....

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-ecient secure computation. In Proc. 41st FOCS, 2000.

....malicious way. Since the initial plausibility results in this area [41, 26, 7, 11] much e#ort has been put into enhancing these results, and nowadays there is a wide range of literature treating issues like improving the communication complexity (e.g. 24, 25, 28] or the round complexity (e.g. [1, 5, 3, 30]) and coping with more powerful (e.g. 37, 10, 9] or more general (e.g. 27, 20, 14] adversaries. A common restriction on all these results is that the function f is always assumed to be represented by an arithmetic circuit over a finite field, and hence all computations take place in this ....

....to the lack of provable lower bounds in complexity theory, one cannot tell for sure whether this is an inherent phenomenon or just a limitation of currently known techniques. This is not clear a priori, and in fact most randomization techniques used in the context of constant round MPC (e.g. [1, 21, 3, 30]) clearly do not apply to this more general setting. from [13] with a variant of randomization technique from [3] While the main question in this context (namely, that of obtaining e#cient constant round protocols for arithmetic circuits) remains open, our techniques may still provide the best ....

[Article contains additional citation context not shown here]

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In Proc. of 41th FOCS, pp. 294-304, 2000.

....to complete. Consequently, substantial research effort has been invested into characterizing the round complexity of various tasks (e.g. of zero knowledge proofs, Byzantine agreement, and others) In particular, related to the current work is work on the round complexity of secure computation [1, 6, 4, 25, 32, 42, 3, 12, 33]. VSS and Secure Multicast are two useful building blocks in the design of more general secure multi party protocols. We study the exact round complexity of these two tasks, and establish provable rounds security tradeoffs for both tasks. Our upper bounds improve on previously known protocols and ....

....in the first round. Our VSS upper bounds may be applied for obtaining roundefficient secure multi party computation protocols for general functions. For instance, using our 2 round VSS protocol, constant degree polynomials can be Omega Gamma n) securely evaluated in 3 rounds. It follows from [33] that any function can be evaluated in 3 rounds with (statistical) Omega Gamma n) security, efficiently in its branching program size. Similarly, using [44, 6] one can get a similar 3 round protocol for the computational setting, where the protocol is efficient in the function s circuit size. ....

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-efficient secure computation. In Proc. 41st FOCS.

No context found.

Yuval Ishai and Eyal Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. pages 294--304, 2000.

No context found.

Y. Ishai and E. Kushilevitz, Randomizing polynomials: a new representation with applications to round-e#cient secure computaion. STOC 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-ecient secure computation. In 41nd IEEE Symposium on the Foundations of Computer Science, Redondo Beach, CA, Nov. 2000. IEEE.

No context found.

Yuval Ishai and Eyal Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In 41st Annual Symposium on Foundations of Computer Science (FOCS). IEEE, 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In 41nd IEEE Symposium on the Foundations of Computer Science, Redondo Beach, CA, Nov. 2000. IEEE.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing Polynomials: A New Representation with Applications to Round-E#cient Secure Computation. 41st IEEE Symposium on Foundations of Computer Science (FOCS), IEEE, pp. 294--304, 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing Polynomials: A New Representation with Applications to Round-E#cient Secure Computation. 41st IEEE Symposium on Foundations of Computer Science (FOCS), IEEE, pp. 294--304, 2000.

No context found.

Y. Ishai and E. Kushilevitz. Randomizing polynomials: A new representation with applications to round-e#cient secure computation. In 41nd IEEE Symposium on the Foundations of Computer Science, Redondo Beach, CA, Nov. 2000. IEEE.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC