Round-efficient secure computation in point-to-point networks

Abstract

Essentially all work studying the round complexity of secure computation assume broadcast as an atomic primitive, Protocols constructed under this assumption tend to have very poor round complexity when compiled for a point-to-point network due to the high overhead of emulating each invocation of broadcast, This problem is compounded when broadcast is used in more than one round of the original protocol due to the complexity of handling sequential composition (when using round-efficient emulation of broadcast). We argue that if the goal is to optimize round complexity in point-topoint networks, then it is preferable to design protocols -assuming a broadcast channel -minimizing the number of rounds in which broadcast is used rather than minimizing the total number of rounds. With this in mind, we present protocols for secure computation in a number of settings that use only a single round of broadcast. In all cases, we achieve optimal security threshold for adaptive adversaries, and obtain protocols whose round complexity (in a point-to-point network) improves on prior work. © International Association for Cryptology Research 2007.