Cryptography Reference
In-Depth Information
iterations, and may only be partially known to individual parties. (In
a secure reactive computation such a global state may be maintained
by all parties in a “secret sharing” manner.) For further discussion,
see (67, Sec. 7.7.1).
Eciency considerations: One important eciency measure
regarding protocols is the number of communication rounds in their
execution. The results mentioned above were originally obtained using
protocols that use an unbounded number of rounds. In some cases, sub-
sequent works obtained secure constant-round protocols: for example,
in the case of multi-party computations with honest majority (cf. (15))
and in the case of two-party computations allowing abort (cf. (94)).
Other important eciency considerations include the total number of
bits sent in the execution of a protocol, and the local computation time.
The (communication and computation) complexities of the protocols
establishing the above results are related to the computational com-
plexity of the computation, but alternative relations (e.g., where the
complexities of the secure protocols are related to the (insecure) com-
munication complexity of the computation) may be possible (cf. (102)).
Theory versus practice (or general versus specific): This
primer is focused on presenting general notions and general feasibil-
ity results. Needless to say, practical solutions to specific problems
(e.g., voting (84), secure payment systems (16), and threshold crypto-
systems (60)) are typically derived by specific constructions (and not by
applying general results of the abovementioned type). Still, the (above-
mentioned) general results are of great importance to practice because
they characterize a wide class of security problems that are solvable
in principle, and provide techniques that may be useful also towards
constructing reasonable solutions to specific problems.
7.3
Construction paradigms and two simple protocols
We briefly sketch a couple of paradigms used in the construction of
secure multi-party protocols. We focus on the construction of secure
protocols for the model of computationally-bounded and non-adaptive
 
Search WWH ::




Custom Search