Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation

Abstract

We show that if a set of players hold shares of a value a ∈ double struck F signp for some prime p (where the set of shares is written [a]p), it is possible to compute, in constant rounds and with unconditional security, sharings of the bits of a, i.e., compute sharings [a0]p, . . ., [al-1]p such that l = [log2 p], a0, . . ., al-1 ∈ {0, 1} and a = ∑i=0l-1 ai2i Our protocol is secure against active adversaries and works for any linear secret sharing scheme with a multiplication protocol. The complexity of our protocol is script O sign(l log l) invocations of the multiplication protocol for the underlying secret sharing scheme, carried out in script O sign(1) rounds. This result immediately implies solutions to other long-standing open problems such as constant-rounds and unconditionally secure protocols for deciding whether a shared number is zero, comparing shared numbers, raising a shared number to a shared exponent and reducing a shared number modulo a shared modulus. © Springer-Verlag Berlin Heidelberg 2006.