Paper 2024/1936

Multiparty Shuffle: Linear Online Phase is Almost for Free

Jiacheng Gao, Nanjing University
Yuan Zhang, Nanjing University
Sheng Zhong, Nanjing University
Abstract

Shuffle is a frequently used operation in secure multiparty computations, with applications including joint data analysis, anonymous communication systems, secure multiparty sorting, etc. Despite a series of ingenious works, the online (i.e. data-dependent) complexity of malicious secure $n$-party shuffle protocol remains $\Omega(n^2m)$ for shuffling data array of length $m$. This potentially slows down the application and MPC primitives built upon MPC shuffle. In this paper, we study the online complexities of MPC shuffle protocol. We observe that most existing works follow a ``permute-in-turn'' paradigm,where MPC shuffle protocol consists of $n$ sequential calls to a more basic MPC permutation protocol. We hence raise the following question: given only black-box access to an arbitrary MPC framework and permutation protocol, can we build an MPC shuffle, whose online complexities are independent of the underlying permutation protocol? We answer this question affirmatively, offering generic transformation from semi-honest/malicious MPC permutation protocolsto MPC shuffle protocols with semi-honest/malicious security and only $O(nm)$ online communication and computation. The linear online phase is obtained almost for free via the transformation, in the sense that in terms of overall complexities, the generated protocolequals the protocol generated by naive permute-in-turn paradigm. Notably, instantiating our construction with additive/Shamir secret sharing and corresponding optimal permutation protocol, we obtain the first malicious secure shuffle protocols with linear online complexities for additive/Shamir secret sharing, respectively. These results are to be compared with previous optimal online communication complexities of $O(Bn^2m)$ and $O(n^2m\log m)$ for malicious secure shuffle, for additive and Shamir secret sharing, respectively. We provide formal security proofs for both semi-honest and malicious secure transformations,showing that our malicious secure construction achieves universally composable security. Experimental results indicate that our construction significantly improves online performance while maintaining a moderate increase in offline overhead. Given that shuffle is a frequently used primitive in secure multiparty computation, we anticipate that our constructions will accelerate many real-world MPC applications.

Note: Add technical overview.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
multiparty computationshufflerandom correlation
Contact author(s)
jcgao @ smail nju edu cn
zhangyuan @ nju edu cn
zhongsheng @ nju edu cn
History
2025-02-13: last of 3 revisions
2024-11-29: received
See all versions
Short URL
https://ia.cr/2024/1936
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1936,
      author = {Jiacheng Gao and Yuan Zhang and Sheng Zhong},
      title = {Multiparty Shuffle: Linear Online Phase is Almost for Free},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1936},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1936}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.