[Resource Topic] 2023/704: Asymmetric Multi-Party Computation

Welcome to the resource topic for 2023/704

Title:
Asymmetric Multi-Party Computation

Authors: Vipul Goyal, Chen-Da Liu-Zhang, Rafail Ostrovsky

Abstract:

Current protocols for Multi-Party Computation (MPC) consider the setting where all parties have access to similar resources. For example, all parties have access to channels bounded by the same worst-case delay upper bound \Delta, and all channels have the same cost of communication. As a consequence, the overall protocol performance (resp. the communication cost) may be heavily affected by the slowest (resp. the most expensive) channel, even when most channels are fast (resp. cheap).

Given the state of affairs, we initiate a systematic study of ‘asymmetric’ MPC. In asymmetric MPC, the parties are divided into two categories: fast and slow parties, depending on whether they have access to high-end or low-end resources.

We investigate two different models. In the first, we consider asymmetric communication delays: Fast parties are connected via channels with small delay $\delta$ among themselves, while channels connected to (at least) one slow party have a large delay $\Delta \gg \delta$. In the second model, we consider asymmetric communication costs: Fast parties benefit from channels with cheap communication, while channels connected to a slow party have an expensive communication. 

We provide a wide range of positive and negative results exploring the trade-offs between the achievable number of tolerated corruptions $t$ and slow parties $s$, versus the round complexity and communication cost in each of the models. Among others, we achieve the following results.

In the model with asymmetric communication delays, focusing on the information-theoretic (i-t) setting:
  • An i-t asymmetric MPC protocol with security with abort as long as t+s < n and t2, in a constant number of slow rounds.
  • We show that achieving an i-t asymmetric MPC protocol for t+s = n and with number of slow rounds independent of the circuit size implies an i-t synchronous MPC protocol with round complexity independent of the circuit size, which is a major problem in the field of round-complexity of MPC.
  • We identify a new primitive, \emph{asymmetric broadcast}, that allows to consistently distribute a value among the fast parties, and at a later time the same value to slow parties. We completely characterize the feasibility of asymmetric broadcast by showing that it is possible if and only if 2t + s < n.
  • An i-t asymmetric MPC protocol with guaranteed output delivery as long as t+s < n and t2, in a number of slow rounds independent of the circuit size.

In the model with asymmetric communication cost, we achieve an asymmetric MPC protocol for security with abort for t+s<n/2, based on one-way functions (OWF). The protocol communicates a number of bits over expensive channels that is independent of the circuit size. We conjecture that assuming OWF is needed and further provide a partial result in this direction.

ePrint: https://eprint.iacr.org/2023/704

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .