Multiparty Protocol that Usually Shuffles (2103.05072v1)

Abstract: Multiparty computation is raising importance because it's primary objective is to replace any trusted third party in the distributed computation. This work presents two multiparty shuffling protocols where each party, possesses a private input, agrees on a random permutation while keeping the permutation secret. The proposed shuffling protocols are based on permutation network, thereby data-oblivious. The first proposal is $n\text{-}permute$ that permutes $n$ inputs in all $n!$ possible ways. $n$-permute network consists of $2\log{n}-1$ layers, and in each layer there are $n/2$ gates. Our second protocol is $n_{\pi}$-permute shuffling that defines a permutation set $\Pi={\pi_1,\dots,\pi_N}$ where $|\Pi| < n!$, and the resultant shuffling is a random permutation $\pi_i \in \Pi$. The $n_{\pi}$-permute network contains leases number of layers compare to $n$-permute network. Let $n=n_1n_2$, the $n_{\pi}$-permute network would define $2\log{n_1}-1+\log{n_2}$ layers. \par The proposed shuffling protocols are unconditionally secure against malicious adversary who can corrupt at most $t<n/3$ parties. The probability that adversary can learn the outcome of $n$-permute is upper bound by $((n-t)!)^{-1}$. Whereas, the probability that adversary can learn the outcome of $n_{\pi}$-permute is upper bounded by $\big(f_{\Pi}(n_1-\theta_1)^{n_2}2^{\theta_2}\big)^{-1}$, for some positive integer $\theta_1, \theta_2$, and a recursive definition of $f_{\Pi}$. The protocols allow the parties to build quorums, and distribute the load among the quorums.