Perfectly Secure Synchronous MPC with Asynchronous Fallback Guarantees Against General Adversaries

TL;DR

This paper introduces a novel secure multi-party computation protocol that adapts seamlessly between synchronous and asynchronous networks, maintaining security against different adversary structures without network-type awareness.

Contribution

It presents the first best-of-both-worlds perfectly-secure MPC protocol against general adversaries, extending previous threshold adversary results with new building blocks.

Findings

Secure against $Q^{(3)}$ and $Q^{(4)}$ adversaries

Works in both synchronous and asynchronous networks

Builds on new Byzantine agreement and verifiable secret-sharing protocols

Abstract

In this work, we study perfectly-secure multi-party computation (MPC) against general (non-threshold) adversaries. Known protocols in a synchronous network are secure against $Q^{(3)}$ adversary structures, while in an asynchronous network, known protocols are secure against $Q^{(4)}$ adversary structures. A natural question is whether there exists a single protocol which remains secure against $Q^{(3)}$ and $Q^{(4)}$ adversary structures in a synchronous and in an asynchronous network respectively, where the parties are not aware of the network type. We design the first such best-of-both-worlds protocol against general adversaries. Our result generalizes the result of Appan, Chandramouli and Choudhury (PODC 2022), which presents a best-of-both-worlds perfectly-secure protocol against threshold adversaries. To design our protocol, we present two important building blocks which are of independent interest. The first building block is a best-of-both-worlds perfectly-secure Byzantine agreement (BA) protocol for $Q^{(3)}$ adversary structures, which remains secure both in a synchronous, as well as an asynchronous network. The second building block is a best-of-both-worlds perfectly-secure verifiable secret-sharing (VSS) protocol, which remains secure against $Q^{(3)}$ and $Q^{(4)}$ adversary structures in a synchronous network and an asynchronous network respectively.