Chung-Li Wang, Alibaba Inc., China

Effective multi-party computation protocols have been developed, but concerns regarding privacy and correctness persist. Classic results demonstrate that guaranteed output delivery can be achieved by assuming fairness and identifiable abort. However, if the majority is malicious, it is still challenging to design an efficient implementation that can deliver correct outputs while maintaining robustness and fairness. To address this issue, we have redesigned the secret-sharing mechanism and employed a semi-trusted third party (TTP) as the key manager to provide optimistic backup for output delivery. The verification and delivery procedures prevent the malicious parties from “stealing” the output, when there is at least one honest party. Furthermore, the TTP has no knowledge of output, so even if he is malicious and colluding, we only lose fairness. The decryption is needed only when misconduct is detected. Our scheme also enables identified abort for offline preprocessing, and the audit of the offline sub-protocols can be publicly performed, holding corrupted parties accountable before receiving private inputs. With fairness and identifiable abort, output delivery is guaranteed by excluding the cheaters.

Efficient Multi-Party Computation, Public Verifiability, Robustness, Fairness, Semi-Trusted Third Party