Private Simultaneous Messages Based on Quadratic Residues

TL;DR

This paper introduces a more efficient private simultaneous messages protocol based on quadratic residues, achieving lower communication complexity for computing any symmetric function securely.

Contribution

The paper generalizes previous PSM protocols to quadratic residuosity and presents the most efficient protocol with $O(n^2)$ complexity, improving prior results.

Findings

Achieves $O(n^2)$ communication complexity for symmetric functions

Improves finite field prime size bounds for QR-PSM protocols

Provides the most efficient known PSM protocol based on quadratic residues

Abstract

Private Simultaneous Messages (PSM) model is a minimal model for secure multiparty computation. Feige, Kilian, and Naor (STOC 1994) and Ishai (Cryptology and Information Security Series 2013) constructed PSM protocols based on quadratic residues. In this paper, we define QR-PSM protocols as a generalization of these protocols. A QR-PSM protocol is a PSM protocol whose decoding function outputs the quadratic residuosity of what is computed from messages. We design a QR-PSM protocol for any symmetric function $f: \{0,1\}^n \rightarrow \{0,1\}$ of communication complexity $O(n^2)$. As far as we know, it is the most efficient PSM protocol since the previously known best PSM protocol was of $O(n^2\log n)$ (Beimel et al., CRYPTO 2014). We also study the sizes of the underlying finite fields $\mathbb{F}_p$ in the protocols since the communication complexity of a QR-PSM protocol is proportional to the bit length of the prime $p$. In particular, we show that the $N$-th Peralta prime $P_N$, which is used for general QR-PSM protocols, can be taken as at most $(1+o(1))N^2 2^{2N-2}$, which improves the Peralta's known result (Mathematics of Computation 1992) by a constant factor $(1+\sqrt{2})^2$.