Trading robustness for correctness and privacy in certain multiparty computations, beyond an honest majority

Abstract

We improve on the classical results in information-theoreti- cally secure multiparty computation among a set of n participants, by considering the special case of the computation of the addition function over binary inputs in the secure channels model with a simultaneous broadcast channel. This simple function is a useful building block for other applications. The classical results in multiparty computation show that in this model, every function can be computed with information-theoretic security if and only if less than n/2 participants are corrupt. In this article we show that, under certain conditions, this bound can be overcome. More precisely, let t (p), t (r) and t (c) be the privacy, robustness and correctness thresholds; that is, the minimum number of participants that must be actively corrupted in order for privacy, robustness or correctness, respectively, to be compromised. We show a series of novel tradeoffs applicable to the multiparty computation of f(x 1,...,x n ) = x 1 + ... + x n for x i ∈ {0,1}, culminating in the most general tradeoff: t (p) + t (r) = n + 1 and t (c) + t (r) = n + 1. These tradeoffs are applicable as long as t (r)