An almost-optimally fair three-party coin-flipping protocol

Iftach Haitner*, Eliad Tsfadia

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

12 Scopus citations

Abstract

In a multiparty fair coin-ipping protocol, the parties output a common (close to) unbiased bit, even when some corrupted parties try to bias the output. Cleve [in Proceedings of the 20th Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1986, pp. 364-369] has shown that in the case of dishonest majority (i.e., at least half of the parties can be corrupted), in any m-round coin-ipping protocol the corrupted parties can bias the honest parties' common output bit by Ω(1-m). For more than two decades the best known coin-ipping protocols against dishonest majority had bias Θ ( m), where is the number of corrupted parties. This was changed by a recent breakthrough result of Moran, Naor, and Segev [in Theory of Cryptography, Lecture Notes in Comput. Sci. 5444, Springer, Berlin, 2009, pp. 1-18], who constructed an m-round, two-party coin-ipping protocol with optimal bias Θ (1-m). In a subsequent work, Beimel, Omri, and Orlov [in Proceedings of the 22nd Annual ACM Symposium on Theory of Computing (STOC), ACM, New York, 1990, pp. 503-513] extended this result to the multiparty case in which less than 2 3 of the parties can be corrupted. Still, for the case of 2 3 (or more) corrupted parties, the best known protocol had bias Θ ( m). In particular, this was the state of affairs for the natural three-party case. We take a step toward eliminating the above gap, presenting an m-round, three-party coin-ipping protocol, with bias O(log3 m) m . Our approach (which we also apply to the two-party case) does not follow the "threshold round" paradigm used in the work of Moran, Naor, and Segev and Beimel, Omri, and Orlov but rather is a variation of the majority protocol of Cleve used to obtain the aforementioned Θ ( m)-bias protocol.

Original languageEnglish
Pages (from-to)479-542
Number of pages64
JournalSIAM Journal on Computing
Volume46
Issue number2
DOIs
StatePublished - 2017

Funding

FundersFunder number
US-Israel BSF2010196
Horizon 2020 Framework Programme638121
European Research Council
Israel Science Foundation1076/11

    Keywords

    • Coin-ipping
    • Fair computation
    • Protocols

    Fingerprint

    Dive into the research topics of 'An almost-optimally fair three-party coin-flipping protocol'. Together they form a unique fingerprint.

    Cite this