Subcubic Coin Tossing in Asynchrony without Setup

Mose Mizrahi, Roger Wattenhofer

TL;DR

This work presents an adaptively secure committee-based method to, roughly speaking, turn strong but costly common coins into cheaper but lower-quality ones, and enables setup-free (and even perfectly secure) asynchronous byzantine agreement with $o(n^3)$ communication against $\Theta(n)$ adaptive byzantine faults.

Abstract

We consider an asynchronous network of $n$ parties connected to each other via secure channels, up to $t$ of which are byzantine. We study common coin tossing, a task where the parties try to agree on an unpredictable random value, with some chance of failure due to the byzantine parties' influence. Coin tossing is a well-known and often studied task due to its use in byzantine agreement. In this work, we present an adaptively secure committee-based method to, roughly speaking, turn strong but costly common coins into cheaper but lower-quality ones. For all $k > 2$ and $\varepsilon > 0$, we show how to use a strong (very rarely failing) coin that costs $\widetilde{O}(n^k)$ bits of communication to get a cheaper coin that costs $\widetilde{O}(\varepsilon^{-2k}n^{3 - 2/k})$ bits of communication. This latter coin tolerates $\varepsilon n$ fewer byzantine parties than the former, and it fails with an arbitrarily small constant probability. For any $\varepsilon > 0$, our method allows us to get a perfectly secure binary coin that tolerates $t \leq (\frac{1}{4} - \varepsilon)n$ faults with $O(n^{2.5}(\varepsilon^{-8} + \log n))$ messages of size $O(\log n)$, as well as a setup-free cryptographically secure binary coin that tolerates $t \leq (\frac{1}{3} - \varepsilon)n$ faults with $O(n^{7/3}\varepsilon^{-6}\kappa\log n)$ bits of communication (where $\kappa = \Omega(\log n)$ is a cryptographic security parameter). These coins both have $O(\log n)$ latency. They are, to our knowledge, the first setup-free coins that cost $o(n^3)$ bits of communication but still succeed with at least constant probability against $t = \Theta(n)$ adaptive byzantine faults. As such, they for the first time enable setup-free (and even perfectly secure) asynchronous byzantine agreement with $o(n^3)$ communication against $\Theta(n)$ adaptive byzantine faults.

Paper Structure (15 sections, 9 theorems, 1 table)

Key Result

theorem 1

For any real parameters $z,k,\varepsilon,\alpha,\delta$ such that $z > 0$, $k \geq 2$, $0 < \varepsilon < \alpha \leq \frac{1}{3}$ and $\delta \leq 1$, suppose we have a $\delta$-fair asynchronous binary common coin $\mathrm{C}_\textsf{str}$ which tolerates up to $t < \alpha n$ adaptive byzantine fa

Theorems & Definitions (17)

  • definition 1: Common Coin
  • theorem 1
  • lemma 1
  • lemma 2
  • proof
  • lemma 3
  • lemma 4
  • proof
  • proof: Proof of the main theorem
  • lemma 5
  • ...and 7 more