Multiparty computation for modulo reduction without bit-decomposition and a generalization to bit-decomposition

Abstract

Bit-decomposition, which is proposed by Damgård et al., is a powerful tool for multi-party computation (MPC). Given a sharing of secret a, it allows the parties to compute the sharings of the bits of a in constant rounds. With the help of bit-decomposition, constant-rounds protocols for various MPC problems can be constructed. However, bit-decomposition is relatively expensive, so constructing protocols for MPC problems without relying on bit-decomposition is a meaningful work. In multi-party computation, it remains an open problem whether the modulo reduction problem can be solved in constant rounds without bit-decomposition. In this paper, we propose a protocol for (public) modulo reduction without relying on bit-decomposition. This protocol achieves constant round complexity and linear communication complexity. Moreover, we show a generalized bit-decomposition protocol which can, in constant rounds, convert the sharing of secret a into the sharings of the digits of a, along with the sharings of the bits of every digit. The digits can be base-m for any m ≥ 2. © 2010 International Association for Cryptologic Research.