On secure multi-party computation in black-box groups

Abstract

We study the natural problem of secure n-party computation (in the passive, computationally unbounded attack model) of the n-product function f G(x1,...,xn) = x1 · x 2 ⋯ xn in an arbitrary finite group (G, ·), where the input of party Pi is xi ∈ G for i = 1,...,n. For flexibility, we are interested in protocols for fG which require only black-box access to the group G (i.e. the only computations performed by players in the protocol are a group operation, a group inverse, or sampling a uniformly random group element). Our results are as follows. First, on the negative side, we show that if (G, ·) is non-abelian and n ≥ 4, then no [n/2]-private protocol for computing fG exists. Second, on the positive side, we initiate an approach for construction of black-box protocols for fG based on k-of-k threshold secret sharing schemes, which are efficiently implementable over any black-box group G. We reduce the problem of constructing such protocols to a combinatorial colouring problem in planar graphs. We then give two constructions for such graph colourings. Our first colouring construction gives a protocol with optimal collusion resistance t