TY - GEN
T1 - Asynchronous secure computation
AU - Ben-Or, Michael
AU - Canetti, Ran
AU - Goldreich, Oded
N1 - Publisher Copyright:
© 1993 ACM.
PY - 1993/6/1
Y1 - 1993/6/1
N2 - We initiate a study of security in asynchronous networks. We consider a completely asynchronous network where every two parties are connected via a private channel, and some of the parties may be faulty. We start by defining secure computation in this model. Our definition adapts the underlying principles of defining security (i.e., comparing the computation to a computation in the presence of a trusted party) to the asynchronous model. In particular, our definition takes into account the fact that the computation must be completed even if we never hear from the faulty parties. Next, we show that whatever can be securely computed in an asynchronous network in the presence of a trusted party, can be securely computed in a network in which no such trusted party exists. We distinguish two types of faults. In case of Fail-Stop faults, our construction is valid as long as the faulty parties constitute less than a third of the parties in the network. In case of general (i.e., Byzantine) faults, our construction requires that the faulty parties are less than a fourth fraction. In both cases, the resilience of our construction is optimal. Our construction generalizes known synchronous constructions by Ben-Or, Goldwasser and Wigderson. In addition, we introduce and implement several new asynchronous primitives. Among these, we note an errorless asynchronous verifiable secret sharing scheme, an asynchronous agreement on a large set that is contained in the dynamical y growing inputs of all non-faulty parties, and an on-line error-correcting procedure.
AB - We initiate a study of security in asynchronous networks. We consider a completely asynchronous network where every two parties are connected via a private channel, and some of the parties may be faulty. We start by defining secure computation in this model. Our definition adapts the underlying principles of defining security (i.e., comparing the computation to a computation in the presence of a trusted party) to the asynchronous model. In particular, our definition takes into account the fact that the computation must be completed even if we never hear from the faulty parties. Next, we show that whatever can be securely computed in an asynchronous network in the presence of a trusted party, can be securely computed in a network in which no such trusted party exists. We distinguish two types of faults. In case of Fail-Stop faults, our construction is valid as long as the faulty parties constitute less than a third of the parties in the network. In case of general (i.e., Byzantine) faults, our construction requires that the faulty parties are less than a fourth fraction. In both cases, the resilience of our construction is optimal. Our construction generalizes known synchronous constructions by Ben-Or, Goldwasser and Wigderson. In addition, we introduce and implement several new asynchronous primitives. Among these, we note an errorless asynchronous verifiable secret sharing scheme, an asynchronous agreement on a large set that is contained in the dynamical y growing inputs of all non-faulty parties, and an on-line error-correcting procedure.
UR - http://www.scopus.com/inward/record.url?scp=0027188428&partnerID=8YFLogxK
U2 - 10.1145/167088.167109
DO - 10.1145/167088.167109
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:0027188428
T3 - Proceedings of the Annual ACM Symposium on Theory of Computing
SP - 52
EP - 61
BT - Proceedings of the 25th Annual ACM Symposium on Theory of Computing, STOC 1993
PB - Association for Computing Machinery
T2 - 25th Annual ACM Symposium on Theory of Computing, STOC 1993
Y2 - 16 May 1993 through 18 May 1993
ER -