Unanswered Questions
141 questions with no upvoted or accepted answers
11 votes, 0 answers, 518 views
Share Conversion between Different Finite Fields
Let us have any linear secret sharing scheme (LSSS) that works on some field $Z_{p}$, where $p$ is some prime or a power of a prime, e.g., Shamir Secret Sharing, Additive Secret Sharing.
The problem at ...
6 votes, 0 answers, 101 views
Distributed generation of random integers with prescribed sum
While reading this document I came across the following problem. Assume you have $n$ clients. The clients need to generate random integers in $\mathbb{Z}_p$, say $T_i$ for $i \in \{1, \ldots, n\}$, ...
5 votes, 0 answers, 276 views
Is an MPC protocol from ElGamal a good solution for homomorphic multiplication?
I want to compute a multiplication between many secret values and then distribute the result to everyone involved. For this, I thought about an MPC protocol built from Threshold Homomorphic Elgamal. ...
4 votes, 0 answers, 157 views
"Simulator Based" vs "Game Based" security proof for a two-party computation protocol
I am trying to find out how to write a security proof for a two-party computation problem.
I have read some examples to write simulators like $x_1 ∧ x_2$ problem and the example in Goldreich's book. I ...
4 votes, 0 answers, 97 views
On the Adaptive Security of MPC Protocols
In adversarial context of MPC, the corruption behavior refers to the assumptions about the corrupted parties’ deviation level from the protocol specification. Three main types of corruption behaviors ...
4 votes, 0 answers, 197 views
How to get started with Simulation and UC proofs?
I've been in my PhD program for a few months, and every time I try to understand the simulation and UC proof-paradigms I get so confused.
I feel like what I really need is an easy set of (guided) ...
4 votes, 0 answers, 72 views
Security proof regarding a zero-knowledge counterexample that is secure in the stand-alone model but insecure in the UC model
Background
The following zero-knowledge (ZK) counterexample is described in Canetti's work [Security and Composition of Cryptographic Protocols: A Tutorial, page 26] to show that there exists some ...
4 votes, 0 answers, 92 views
Are there secure MPC schemes that support uneven load balancing between the parties?
In a scenario in which some of the parties have more data / compute power / trust reputation (or other meaningful properties) than other parties - are there known methods to do secure multiparty ...
4 votes, 0 answers, 144 views
Optimized Random-OT Security in Standard Model
I was going through the paper - "Efficient Oblivious Transfer and Extensions for Faster Secure Computation" by Asharov et al. where the authors propose an optimized OT protocol along with a Random-OT ...
4 votes, 0 answers, 298 views
How can I implement decryption for NTRU homomorphic encryption scheme?
I have come across this paper On-the-fly multiparty computation via on-the-cloud Multikey from Fully Homomorphic Encryption by Lopez-Alt et al., where authors describe an NTRU-based homomorphic ...
4 votes, 0 answers, 129 views
How about a homomorphic integer sorting in a MPC context?
I want to implement the ATV-FHE scheme as described by Adriana López-Alt, Eran Tromer, Vinod Vaikuntanathan: On-the-Fly Multiparty Computation on the Cloud via Multikey Fully Homomorphic Encryption (...
3 votes, 0 answers, 93 views
Is it secure to perform distributed verification of Schnorr’s identification protocol using MPC?
Is it feasible and secure to perform distributed verification of Schnorr’s identification protocol using an MPC protocol over an elliptic group (see Dalskov et al. and Nigel P. Smart et al.), such ...
3 votes, 0 answers, 151 views
Dynamic Distributed Key Generation for elGamal
I am looking for a scheme for dynamic threshold public-key encryption, which includes dynamic distributed key generation.
Namely, the number of parties that participate in DKG is bounded, but unknown. ...
3 votes, 0 answers, 68 views
What is the cost of emulating ring arithmetic (say modulo $2^k$) over a prime finite field?
Several papers in, for example, the domain of Secure Multiparty Computation, are set in the context in which the computation domain is a finite field $\mathbb{F}_p$, while some more recent works (e.g. ...
3 votes, 0 answers, 226 views
Product of secrets in multi-secret sharing schemes (aka packed secret sharing schemes)
The question is related to the multi-secret sharing scheme described in the following paper:
[FY92] Matthew K. Franklin, Moti Yung:
Communication Complexity of Secure Computation (Extended Abstract). ...