CryptoDB
Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious
| Authors: | |
|---|---|
| Download: | |
| Abstract: | An $$\alpha $$ α -fair coin-tossing protocol allows a set of mutually distrustful parties to generate a uniform bit, such that no efficient adversary can bias the output bit by more than $$\alpha $$ α . Cleve (in: Proceedings of the 18th annual ACM symposium on theory of computing (STOC), 1986) has shown that if half of the parties can be corrupted, then no $$r$$ r -round coin-tossing protocol is $$o(1/r)$$ o ( 1 / r ) -fair. For over two decades, the best-known m -party protocols, tolerating up to $${t}\ge m/2$$ t ≥ m / 2 corrupted parties, were only $$O\left( {t}/\sqrt{r} \right) $$ O t / r -fair. In a surprising result, Moran et al. (in: Theory of cryptography, sixth theory of cryptography conference, TCC, 2009) constructed an $$r$$ r -round two-party $$O(1/r)$$ O ( 1 / r ) -fair coin-tossing protocol, i.e., an optimally fair protocol. Beimel et al. (in: Rabin (ed) Advances in cryptology—CRYPTO 2010, volume 6223 of lecture notes in computer science, Springer, 2010) extended the result of Moran et al. to the multiparty setting where strictly fewer than 2/3 of the parties are corrupted. They constructed a $$2^{2^k}/r$$ 2 2 k / r -fair r -round m -party protocol, tolerating up to $$t=\frac{m+k}{2}$$ t = m + k 2 corrupted parties. In a breakthrough result, Haitner and Tsfadia (in: Symposium on theory of computing, STOC, 2014) constructed an $$O\left( \log ^3(r)/r \right) $$ O log 3 ( r ) / r -fair (almost optimal) three-party coin-tossing protocol. Their work brought forth a combination of novel techniques for coping with the difficulties of constructing fair coin-tossing protocols. Still, the best coin-tossing protocols for the case where more than 2/3 of the parties may be corrupted (and even when $$t=2m/3$$ t = 2 m / 3 , where $$m>3$$ m > 3 ) were $$\theta \left( 1/\sqrt{r} \right) $$ θ 1 / r -fair. We construct an $$O\left( \log ^3(r)/r \right) $$ O log 3 ( r ) / r -fair m -party coin-tossing protocol, tolerating up to t corrupted parties, whenever m is constant and $$t<3m/4$$ t < 3 m / 4 . |
BibTeX
@article{jofc-2023-33327,
title={Almost-Optimally Fair Multiparty Coin-Tossing with Nearly Three-Quarters Malicious},
journal={Journal of Cryptology},
publisher={Springer},
volume={36},
doi={10.1007/s00145-023-09466-2},
author={Bar Alon and Eran Omri},
year=2023
}