Abstract:

A special three-party secure computation problem is studied in which one of three pairwise interacting parties is required to compute a function of the sequences held by the other two when one of the three parties may arbitrarily deviate from the computation protocol (active behavioral model). For this problem, information-theoretic conditions for secure computation are developed within the real versus ideal model simulation paradigm. Conditions for the passive behavioral model are also provided. A pure one-time-pad based protocol for securely computing the Hamming distance between binary sequences is developed and is shown, using the information-theoretic security conditions, to be secure under both the active and passive behavioral models. In contrast, the general techniques of [1] and [2] require at least four parties when dealing with the active behavioral model. In particular, for the three-party problem considered herein, the BGW protocol that securely computes the squared l2 distance between sequences under the passive behavioral model is demonstrated to be insecure under the active behavioral model, even for binary sequences when the squared l2 distance coincides with the Hamming distance.