In symmetric secure function evaluation (SSFE), Alice has an input x, Bob has an input y, and both parties wish to securely compute f(x,y). We show several new results classifying the feasibility of securely implementing these functions in several security settings. Namely, we give new alternate characterizations of the functions that have (statistically) secure protocols against passive and active (standalone), computationally unbounded adversaries. We also show a strict, infinite hierarchy of complexity for SSFE functions with respect to universally composable security against unbounded adversaries. That is, there exists a sequence of functions f 1, f 2, ⋯ such that there exists a UC-secure protocol for f i in the f j -hybrid world if and only if ij. The main new technical tool that unifies our unrealizability results is a powerful protocol simulation theorem, which may be of independent interest. Essentially, in any adversarial setting (UC, standalone, or passive), f is securely realizable if and only if a very simple (deterministic) "canonical" protocol for f achieves the desired security. Thus, to show that f is unrealizable, one need simply demonstrate a single attack on a single simple protocol. © 2009 Springer Berlin Heidelberg.
CITATION STYLE
Maji, H. K., Prabhakaran, M., & Rosulek, M. (2009). Complexity of multi-party computation problems: The case of 2-party symmetric secure function evaluation. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5444 LNCS, pp. 256–273). https://doi.org/10.1007/978-3-642-00457-5_16
Mendeley helps you to discover research relevant for your work.