TY - GEN
T1 - Almost-optimally fair multiparty coin-tossing with nearly three-quarters malicious
AU - Alon, Bar
AU - Omri, Eran
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2016.
PY - 2016
Y1 - 2016
N2 - An α-fair coin-tossing protocol allows a set of mutually distrustful parties to generate a uniform bit, such that no efficient adversary can bias the output bit by more than α. Cleve [STOC 1986] has shown that if half of the parties can be corrupted, then, no r-round coin-tossing protocol is o(1/r)-fair. For over two decades the best known m-party protocols, tolerating up to t ≥ m/2 corrupted parties, were only O (t/ √r)-fair. In a surprising result, Moran, Naor, and Segev [TCC 2009] constructed an r-round two-party O(1/r)-fair coin-tossing protocol, i.e., an optimally fair protocol. Beimel, Omri, and Orlov [Crypto 2010] extended the result of Moran et al. to the multiparty setting where strictly fewer than 2/3 of the parties are corrupted. They constructed a 22k /r-fair r-round m-party protocol, tolerating up to t = m+k/2 corrupted parties. Recently, in a breakthrough result, Haitner and Tsfadia [STOC 2014] constructed an O (log3(r)/r)-fair (almost optimal) three-party cointossing protocol. Their work brought forth a combination of novel techniques for coping with the difficulties of constructing fair coin-tossing protocols. Still, the best coin-tossing protocols for the case where more than 2/3 of the parties may be corrupted (and even when t = 2m/3, where m > 3) were θ (1/√r-fair. We construct an O (log3(r)/r)-fair mparty coin-tossing protocol, tolerating up to t corrupted parties, whenever m is constant and t < 3m/4.
AB - An α-fair coin-tossing protocol allows a set of mutually distrustful parties to generate a uniform bit, such that no efficient adversary can bias the output bit by more than α. Cleve [STOC 1986] has shown that if half of the parties can be corrupted, then, no r-round coin-tossing protocol is o(1/r)-fair. For over two decades the best known m-party protocols, tolerating up to t ≥ m/2 corrupted parties, were only O (t/ √r)-fair. In a surprising result, Moran, Naor, and Segev [TCC 2009] constructed an r-round two-party O(1/r)-fair coin-tossing protocol, i.e., an optimally fair protocol. Beimel, Omri, and Orlov [Crypto 2010] extended the result of Moran et al. to the multiparty setting where strictly fewer than 2/3 of the parties are corrupted. They constructed a 22k /r-fair r-round m-party protocol, tolerating up to t = m+k/2 corrupted parties. Recently, in a breakthrough result, Haitner and Tsfadia [STOC 2014] constructed an O (log3(r)/r)-fair (almost optimal) three-party cointossing protocol. Their work brought forth a combination of novel techniques for coping with the difficulties of constructing fair coin-tossing protocols. Still, the best coin-tossing protocols for the case where more than 2/3 of the parties may be corrupted (and even when t = 2m/3, where m > 3) were θ (1/√r-fair. We construct an O (log3(r)/r)-fair mparty coin-tossing protocol, tolerating up to t corrupted parties, whenever m is constant and t < 3m/4.
UR - http://www.scopus.com/inward/record.url?scp=84994477416&partnerID=8YFLogxK
U2 - 10.1007/978-3-662-53641-4_13
DO - 10.1007/978-3-662-53641-4_13
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84994477416
SN - 9783662536407
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 307
EP - 335
BT - Theory of Cryptography - 14th International Conference, TCC 2016-B, Proceedings
A2 - Smith, Adam
A2 - Hirt, Martin
T2 - 14th International Conference on Theory of Cryptography, TCC 2016-B
Y2 - 31 October 2016 through 3 November 2016
ER -