排序问题和基于公开可验证密钥共享的安全多方计算协议
|
摘要
安全多方计算在密码学领域中拥有相当重要的地位。1982年百万富翁问题提出以后,许多密码学研究者对安全多方计算的研究产生了兴趣。现在,密码学领域中很多研究都是围绕安全多方计算进行,其中两个重要的研究方向为:1)为解决具体问题设计高效实用的安全多方计算协议;2)设计新型的安全多方计算协议。
本文主要做了如下的两个工作:
一:为排序问题构造安全多方计算协议(排序的对象至少是3个)。很多实际问题,如电子投标,电子选举,薪水比较,年龄比较等,实际上就是排序问题。目前,两方数据比较(如百万富翁问题)的安全多方计算已经得到了很好的解决,但对于多个数据的比较问题,即排序问题,却还没有很好的解决方法。因此,我们第一个为排序问题构造了一个安全多方计算协议。
二:构造基于公开可验证密钥共享的安全多方计算协议。目前,用于构造基于可验证密钥共享的安全多方计算协议的技术已经比较成熟,国内外有很多文献对其做了研究,也取得不少成果。公开可验证密钥共享方案具有如下的性质:数据都可以在公开信道上传输,管理者与参与者之间不需要任何秘密信道,任何人都可以验证公开信道上传输的数据的正确性。因此,如果使用公开可验证密钥共享方案来构造安全多方计算协议,则参与者之间不需要秘密信道,各个参与者的数据是公开可验证的。本文构造一个具有加同态性质的公开可验证密钥共享方案,利用这个公开可验证密钥共享方案构造了一个基于公开可验证密钥共享的安全多方计算协议,并证明了该协议的公开可验证性,正确性,秘密性。
Secure multi-party computation protocol is an important area in cryptography. After the millionaire's problem was described in 1982, many cryptanalysts were interested in the research on secure multi-party computation. Recently, a lot of secure multi-party computations are researched in the field of cryptography, which includes two important research directions: 1) The design of efficient and practical secure multi-party computation protocol for solving specific problem; 2) The design of new secure multi-party computation.
Two fruitful results in this paper are as follows:
Firstly, we design a secure multi-party computation for solving sequencing problem with at least three participants. Many practical problems, such as electronic bid, electronic voting, salary comparison, age comparison, in fact, those are sequencing problem. At present, secure multi-party computation protocol of two-party data comparison (such as the millionaire problem) has been solved well, but there is no good solution for data comparison which more than three parties participate in, namely sequencing problem. Therefore, we firstly construct a secure multi-party computation protocol for the sequencing problem.
Secondly, we construct a secure multi-party computation protocol based on publicly verifiable secret sharing. At present, the technology of constructing secure multi-party computation protocol based on verifiable secret sharing has been really mature. A lot of its research and achievements can be found at home and abroad literature. Publicly verifiable secret sharing protocols have the following properties: the messages can be transmitted in public channels; there is no private channel among the dealer and the participants, and anyone can verify the correctness of the messages in the public channels. Therefore, if we use publicly verifiable secret sharing to construct secure multi-party computation protocol, then the participants do not need a private channel to share the secret, and the participants' data are publicly verifiable. In this paper, we construct a publicly verifiable secret sharing scheme with the property of addition homomorphism. Then, we construct a secure multi-party computation protocol based on publicly verifiable secret sharing shceme with addition homomorphism, and prove that this scheme has the properties: public verifiability, accuracy and privacy.
本文主要做了如下的两个工作:
一:为排序问题构造安全多方计算协议(排序的对象至少是3个)。很多实际问题,如电子投标,电子选举,薪水比较,年龄比较等,实际上就是排序问题。目前,两方数据比较(如百万富翁问题)的安全多方计算已经得到了很好的解决,但对于多个数据的比较问题,即排序问题,却还没有很好的解决方法。因此,我们第一个为排序问题构造了一个安全多方计算协议。
二:构造基于公开可验证密钥共享的安全多方计算协议。目前,用于构造基于可验证密钥共享的安全多方计算协议的技术已经比较成熟,国内外有很多文献对其做了研究,也取得不少成果。公开可验证密钥共享方案具有如下的性质:数据都可以在公开信道上传输,管理者与参与者之间不需要任何秘密信道,任何人都可以验证公开信道上传输的数据的正确性。因此,如果使用公开可验证密钥共享方案来构造安全多方计算协议,则参与者之间不需要秘密信道,各个参与者的数据是公开可验证的。本文构造一个具有加同态性质的公开可验证密钥共享方案,利用这个公开可验证密钥共享方案构造了一个基于公开可验证密钥共享的安全多方计算协议,并证明了该协议的公开可验证性,正确性,秘密性。
Secure multi-party computation protocol is an important area in cryptography. After the millionaire's problem was described in 1982, many cryptanalysts were interested in the research on secure multi-party computation. Recently, a lot of secure multi-party computations are researched in the field of cryptography, which includes two important research directions: 1) The design of efficient and practical secure multi-party computation protocol for solving specific problem; 2) The design of new secure multi-party computation.
Two fruitful results in this paper are as follows:
Firstly, we design a secure multi-party computation for solving sequencing problem with at least three participants. Many practical problems, such as electronic bid, electronic voting, salary comparison, age comparison, in fact, those are sequencing problem. At present, secure multi-party computation protocol of two-party data comparison (such as the millionaire problem) has been solved well, but there is no good solution for data comparison which more than three parties participate in, namely sequencing problem. Therefore, we firstly construct a secure multi-party computation protocol for the sequencing problem.
Secondly, we construct a secure multi-party computation protocol based on publicly verifiable secret sharing. At present, the technology of constructing secure multi-party computation protocol based on verifiable secret sharing has been really mature. A lot of its research and achievements can be found at home and abroad literature. Publicly verifiable secret sharing protocols have the following properties: the messages can be transmitted in public channels; there is no private channel among the dealer and the participants, and anyone can verify the correctness of the messages in the public channels. Therefore, if we use publicly verifiable secret sharing to construct secure multi-party computation protocol, then the participants do not need a private channel to share the secret, and the participants' data are publicly verifiable. In this paper, we construct a publicly verifiable secret sharing scheme with the property of addition homomorphism. Then, we construct a secure multi-party computation protocol based on publicly verifiable secret sharing shceme with addition homomorphism, and prove that this scheme has the properties: public verifiability, accuracy and privacy.
引文
[1]冯登国.密码学原理与实践(第二版)[M].北京:电子工业出版社,2003.193-194.
[2]黄征.安全多方计算协议及典型应用研究.上海交通大学博士学位论文,2003.
[3]贾恒越,刘焕平.求矩阵逆的安全双方计算协议[J].计算机工程与应用,2008,44(33):112-114.
[4]李强,颜浩,陈克非.安全多方计算协议的研究与应用[J].计算机科学2003,30(9.8):52-55.
[5]刘木兰,张志芳.密钥共享体制和安全多方计算,电子工业出版社,2008.
[6]罗永龙.安全多方计算中的若干关键问题及其应用研究,博士论文,中国科技大学,2005.
[7]王继林,伍前红.现代密码学理论与实践[M].北京:电子工业出版社,2004,150-155.
[8]朱珂,姚重俭,朱培栋,卢锡城.基于安全多方计算的BGP策略冲突检测算法[J].计算机工程与科学,2006,28(12):85-89.
[9]A.C.Yao.Protocols for Secure Computations[C].In Proceedings of the 23~(rd)Annual IEEE Symposium on Foundations of Computer Science,1982,160-164.
[10]A.Shamir.How to Share a Secret[J].Comm.ACM,1979,22(11):616-613.
[11]B.Chor,S.Goldwasser and S.Micali.Verifiable Secret Sharing And Achieving Simultaneity in The Presence of Faults[C].Proc,of IEEE FOCS' 85.1985,383-395.
[12]B.Schoenmakers.A Simple Publicly Verifiable Secret Sharing Scheme and its Application to Electronic Voting[C].Advance in Cryptology—CRYPTO99,SantaBarbara,Califonia,USA:Springer-Verlag CmbH,1999,148-164.
[13]B.Schoenmakers and P.Tuyls.Pratical Two-Party Computation Based on The Conditional Gate[C].In Proceedings of Advances in Cryptology-ASIACRYPT' 04,volume 3329 of LNCS,Springer-Verlag,2004,119-136.
[14]C.Cachin.Efficient Private Bidding and Auctions with an Oblivious Third Party[C].In Proceedings of the 6~(th) ACM Conference on Computer and Communications Security,1999,120-127.
[15]C.E.Shannon.Communication Theory of Secrecy Systems[J].Bell System Technical Journal,28,1949,656-715.
[16]D.Beaver.Secure Multiparty Protocols and Zero-Knowledge Proof Systems Tolerating a Faulty minority[J].Journal of Cryptology,1991,75-122.
[17]D.Chaum and C.Crepeau,and I.Damgard.Multi-Party Uncomditionally Secure Protocols[C].In Proceedings of the 20~(th) Annual ACM Symposium on Theory of Computing,Chicago.1988,1-10.
[18]D.Chaum and T.P.Pedersen.Wallet databases with observers[C].In Advances in CRYPTO'92 of Lecture Notes in Computer Science,Berlin,Springer-Verlag,1993,volume 740:89-105.
[19]G.Di-Crescenzo,Y Ishai and R.Ostrovsky.Universal service-providers for database Private information retrieval[C].In Proceedings of thel7th Annual ACM Symposium on Principles of Distributed Computing,September21,1998,91-100.
[20]G.R.Blakley.Safeguarding Cryptographic Keys[J].Proc.Nat.Computer Cinf.AFIPS.Cinf.Proc,1979,313-317.
[21]H.Kikuchi,M.Harkavy and J.D.Tygar.Multi-Round Anonymous Auction Protocols[C].In Proc.of the first IEEE workshop on dependable and real time E -Commerce Systems,New York,1998,62-69.
[22]H.Y.Lin and W.G..Tzeng.An Efficient Solution to The Millionaires Problem Based on Hormomorphic Encryption.ASIACRYPT 2005,http://eprint.iacr.org/2005/043
[23]I.Damgard.On ∑-protocols.CPT2004.Available at http://www.daimi.au.dk/ivan/Sigma.ps,2002.
[24]I.F.Blake and V.Kolesnikov Strong Condition Oblivious Transfer And Computing on Intervals[C].Cryptology-ASIACRYPT'04,2004,33(29):515-529.
[25]I.Ioannidis and A.Grama.An Efficient Protocol for Yao's Millionaires'Problem[C].Proceedings of the 36~(th) Hawaii International Conference on System Sciences.2003,6-9.
[26]J.Benaloh.Verifiable Secret-Ballot Elections.PhD thesis,Yale University,Department of Computer Science Department,New Haven,CT,September1987.
[27]J.Qin,Z.F.Zhang,D.G..Feng and B.Li.A protocol of Comparing Information without Leaking[J].Journal of Software,15(3),2004,421-427.
[28]K.Sako.An Auction Protocol Which Hides Bids of Losers[J].In Proc.of PKC'2000,2000,422- 432.
[29]M.Ben-Or,S.Goldwasser and A.Wigderson.Completeness Theorems foe Noncryptographic Fault-Tolerant Distributed Computations[C].In Proceedings of the 20~(th) Annual ACM Symposium on Theory of Computing,1988,1-10.
[30]M.Fischlin.A Cost-Effective Pay-Per-Multiplication Comparison Method for Millionaires[C]Progress on Cryptology-CT-P,SA 2001:The Cryptographers' Track at RSA Conference 2001 San Francisco,CA,USA,April 8-12,2001,457-472.
[31]M.Fitzi,J.Garay,U.M.Maurer and R.Ostrovsky.Minimal Complete Primitives for Secure Multi-party Computation[C].In Advances in Cryptology 一 CRYPTO 'O1,Lecture Notes in Computer Science,volume2 139,Springer,2001,80-100.
[32]M.Hirt and U.Maurer.Robustness for Free in Unconditional Multi-Party Computation[C].In Proc.of CRYPTO'01,LNCS2139,2001,101-118.
[33]M.Hirt,U.Maurer and B.Przydatek.Efficient Secure Multi-Party Computation[J].Lecture Notes in Computer Science,volume 1976,Springer,2000,143-160.
[34]M.Jakobsson.A practical mix[J].Lecture Notes in Computer Science,volumel403,Springer,1998,448-461.
[35]M.Jakobsson.Flash mixing[C].In Proc.of 1999ACM Symposium on Principles of Distributed Computing(P ODC),1999,83-89.
[36]M.Jakobsson and A.Juels.Mix and Match.Secure Function Evaluation via Ciphertexts[C].In Advances in Cryptology-ASIACRYPT2000,LNCS1976,2000,162-177.
[37]M.K.Franklin and M.Yung.Communication Complexity of Secure Computation[C].In Proc.24thACM Symposium on the Theory of Computing(STOC),1992,699-710.
[38]M.K.Franklin and M.K.Reiter.The Design and Implementation of A Secure auction Service[J],IEEE Trans.on Software Engineering,22(5),1996,302-312.
[39]M.Stadler.Publicly verifiable secret sharing[C].Advances in Cryptology EUROCRYPT'96.1996,190-199.
[40]O.Goldreich.Secure Multi-Party Computation.1998,URL:http://www.wisdom.weizmann.ac.il/~oded/ps/prot.ps.
[41]O.Goldreich,S.Micali and A.Wigderson.How to Play Any Mental Game[C].In Proceedings of the 19~(th) Annual ACM Symposium on Theory of Computing,New York City,May 1987,218-229.
[42]P.Feldman.A Practical Scheme for Non-Interactive Verifiable Secret Sharing[C].In Proc.28~(th) Annual Symp.on Foundations of Computer Science,IEEE,1987,427-437.
[43]R.Caneti.Studies on Secure Multiparty Computation.PHD Thesis,1995.
[44]R.Canetti and I.Damgard,Stefan Dziembowski,Yuval Ishai.Tal Malkin.Adaptive versus Non-Adaptive Security of Multi-Party Protocols[J].Cryptology(2004) 17:153-207.
[45]R.Canneti.Security and Composition of Multiparty Cryptographic protocols[J].Journal of Cryptology,2000,13(1):14 3-202.
[46]R.Cramer and I.Damgard.Multiparty Computation,An introduction[J].Lecture Notes,University of Aarus,Department for Computer Science,2009.
[47]R.Cmmer,I.Damgard and S.Dziembowski.On the Complexity of Verifiable Secret Sharing and Multi-party Computation[C].In Proceedings of the3 2ndACM Symposium on Theory of Computing,2000,325-334.
[48]R.Cramer,I.Damgard and S.Dziembowski.Efficient Multiparty Computations Secure Against an Adaptive Adversary[C],EUROCRYPT'99,LNCS,vol.1592,1999,311-326.
[49]R.Fagin and M.Naor and P.Winkler.Comparing Information without Leaking It[J].Communications of the ACM,1996,39(5):77-85.
[50]R.Gennaro,M.Rabin and T.Rabin.Simplified VSS and Fast-track Multiparty Computations with Applications to Threshold Cryptography[C].In Proceedings of the 1998 ACM Symposium on Principles of Distributed Computing,1998,101-111.
[51]R.Gennaro,S.arecki,H.Krawczyk and T.Rabin.Robust Threshold DSS Signatures[J].Information and computaions,2001,164:54-84.
[52]S.D.Li and Y.Q.Dai.Secure Two-Party Computational Geometry[J].Journal of Computer Science and Technology,2005,20(2):258-263.
[53]S.Micali and P.Rogaway.Secure Computation[C].CRYPTO'91,L NCS576,1991,392- 404.
[54]T.Nakanishi,H.Watanabc,T.Fujiwara,etal.An Anonymous Bidding Protocol Using Undeniable Signature[C].The 1995 Symposium on Cryptography and Information Security.Singapore,IEEE,1995,106-112
[55]T.Pedersen.Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing[C].Advances in Cryptology - Crypto'91,1991,129-140.
[56]T.Rabin and Michael Ben-Or.Verifiable Secret Sharing and Multiparty Protocols with Honest Majority[C].Proceedings of the twenty-first annual ACM symposium on Theory of computing,Seattle,Washington,United States,1989,73-85.
[57]W.Diffie and M.E.Hellman.New Directiongs in Cryptography[J].IEEE Trans.info.Theory,IT,1976,22(6):644-654.
[58]W.Du and M.J.Atallah.Privacy-Preserving Cooperative Statistical Analysis[C].In 2001 ACSAC:Annual Computer Security Applications Conference.New Orleans,Louisiana,USA,December 10-14,2001,102-110
[59]Y.Lindell and B.Pinkas.Privacy preserving data mining[C].In Advances in Cryptology- CRYPTO'00,volume1880 of Lecture Notes in Computer Science,Springer-Verlag,2000,36-54.
[60]Y.Imamura,T.Matsumoto and H.Imai.Electronic Anonymous Bidding Scheme[C].The 1994 Symposium on Cryptography and Information Security.Australia,IEEE,1994,152- 156.
[61]Yuh-Min Tseng.A Robust Multi-Party Key Agreement Protocol Resistant to Malicious Participants[J].The Computer journal,2005.48(4):480-486.
[62]ZHU Yan,YANG Yong-Tian,SUN Zhong-Wei,FENG Deng-Guo.Ownership Proofs of Digital Works Based on Secure Multiparty Computation[J].Journal of Software,2006,17(1):157-166.
[2]黄征.安全多方计算协议及典型应用研究.上海交通大学博士学位论文,2003.
[3]贾恒越,刘焕平.求矩阵逆的安全双方计算协议[J].计算机工程与应用,2008,44(33):112-114.
[4]李强,颜浩,陈克非.安全多方计算协议的研究与应用[J].计算机科学2003,30(9.8):52-55.
[5]刘木兰,张志芳.密钥共享体制和安全多方计算,电子工业出版社,2008.
[6]罗永龙.安全多方计算中的若干关键问题及其应用研究,博士论文,中国科技大学,2005.
[7]王继林,伍前红.现代密码学理论与实践[M].北京:电子工业出版社,2004,150-155.
[8]朱珂,姚重俭,朱培栋,卢锡城.基于安全多方计算的BGP策略冲突检测算法[J].计算机工程与科学,2006,28(12):85-89.
[9]A.C.Yao.Protocols for Secure Computations[C].In Proceedings of the 23~(rd)Annual IEEE Symposium on Foundations of Computer Science,1982,160-164.
[10]A.Shamir.How to Share a Secret[J].Comm.ACM,1979,22(11):616-613.
[11]B.Chor,S.Goldwasser and S.Micali.Verifiable Secret Sharing And Achieving Simultaneity in The Presence of Faults[C].Proc,of IEEE FOCS' 85.1985,383-395.
[12]B.Schoenmakers.A Simple Publicly Verifiable Secret Sharing Scheme and its Application to Electronic Voting[C].Advance in Cryptology—CRYPTO99,SantaBarbara,Califonia,USA:Springer-Verlag CmbH,1999,148-164.
[13]B.Schoenmakers and P.Tuyls.Pratical Two-Party Computation Based on The Conditional Gate[C].In Proceedings of Advances in Cryptology-ASIACRYPT' 04,volume 3329 of LNCS,Springer-Verlag,2004,119-136.
[14]C.Cachin.Efficient Private Bidding and Auctions with an Oblivious Third Party[C].In Proceedings of the 6~(th) ACM Conference on Computer and Communications Security,1999,120-127.
[15]C.E.Shannon.Communication Theory of Secrecy Systems[J].Bell System Technical Journal,28,1949,656-715.
[16]D.Beaver.Secure Multiparty Protocols and Zero-Knowledge Proof Systems Tolerating a Faulty minority[J].Journal of Cryptology,1991,75-122.
[17]D.Chaum and C.Crepeau,and I.Damgard.Multi-Party Uncomditionally Secure Protocols[C].In Proceedings of the 20~(th) Annual ACM Symposium on Theory of Computing,Chicago.1988,1-10.
[18]D.Chaum and T.P.Pedersen.Wallet databases with observers[C].In Advances in CRYPTO'92 of Lecture Notes in Computer Science,Berlin,Springer-Verlag,1993,volume 740:89-105.
[19]G.Di-Crescenzo,Y Ishai and R.Ostrovsky.Universal service-providers for database Private information retrieval[C].In Proceedings of thel7th Annual ACM Symposium on Principles of Distributed Computing,September21,1998,91-100.
[20]G.R.Blakley.Safeguarding Cryptographic Keys[J].Proc.Nat.Computer Cinf.AFIPS.Cinf.Proc,1979,313-317.
[21]H.Kikuchi,M.Harkavy and J.D.Tygar.Multi-Round Anonymous Auction Protocols[C].In Proc.of the first IEEE workshop on dependable and real time E -Commerce Systems,New York,1998,62-69.
[22]H.Y.Lin and W.G..Tzeng.An Efficient Solution to The Millionaires Problem Based on Hormomorphic Encryption.ASIACRYPT 2005,http://eprint.iacr.org/2005/043
[23]I.Damgard.On ∑-protocols.CPT2004.Available at http://www.daimi.au.dk/ivan/Sigma.ps,2002.
[24]I.F.Blake and V.Kolesnikov Strong Condition Oblivious Transfer And Computing on Intervals[C].Cryptology-ASIACRYPT'04,2004,33(29):515-529.
[25]I.Ioannidis and A.Grama.An Efficient Protocol for Yao's Millionaires'Problem[C].Proceedings of the 36~(th) Hawaii International Conference on System Sciences.2003,6-9.
[26]J.Benaloh.Verifiable Secret-Ballot Elections.PhD thesis,Yale University,Department of Computer Science Department,New Haven,CT,September1987.
[27]J.Qin,Z.F.Zhang,D.G..Feng and B.Li.A protocol of Comparing Information without Leaking[J].Journal of Software,15(3),2004,421-427.
[28]K.Sako.An Auction Protocol Which Hides Bids of Losers[J].In Proc.of PKC'2000,2000,422- 432.
[29]M.Ben-Or,S.Goldwasser and A.Wigderson.Completeness Theorems foe Noncryptographic Fault-Tolerant Distributed Computations[C].In Proceedings of the 20~(th) Annual ACM Symposium on Theory of Computing,1988,1-10.
[30]M.Fischlin.A Cost-Effective Pay-Per-Multiplication Comparison Method for Millionaires[C]Progress on Cryptology-CT-P,SA 2001:The Cryptographers' Track at RSA Conference 2001 San Francisco,CA,USA,April 8-12,2001,457-472.
[31]M.Fitzi,J.Garay,U.M.Maurer and R.Ostrovsky.Minimal Complete Primitives for Secure Multi-party Computation[C].In Advances in Cryptology 一 CRYPTO 'O1,Lecture Notes in Computer Science,volume2 139,Springer,2001,80-100.
[32]M.Hirt and U.Maurer.Robustness for Free in Unconditional Multi-Party Computation[C].In Proc.of CRYPTO'01,LNCS2139,2001,101-118.
[33]M.Hirt,U.Maurer and B.Przydatek.Efficient Secure Multi-Party Computation[J].Lecture Notes in Computer Science,volume 1976,Springer,2000,143-160.
[34]M.Jakobsson.A practical mix[J].Lecture Notes in Computer Science,volumel403,Springer,1998,448-461.
[35]M.Jakobsson.Flash mixing[C].In Proc.of 1999ACM Symposium on Principles of Distributed Computing(P ODC),1999,83-89.
[36]M.Jakobsson and A.Juels.Mix and Match.Secure Function Evaluation via Ciphertexts[C].In Advances in Cryptology-ASIACRYPT2000,LNCS1976,2000,162-177.
[37]M.K.Franklin and M.Yung.Communication Complexity of Secure Computation[C].In Proc.24thACM Symposium on the Theory of Computing(STOC),1992,699-710.
[38]M.K.Franklin and M.K.Reiter.The Design and Implementation of A Secure auction Service[J],IEEE Trans.on Software Engineering,22(5),1996,302-312.
[39]M.Stadler.Publicly verifiable secret sharing[C].Advances in Cryptology EUROCRYPT'96.1996,190-199.
[40]O.Goldreich.Secure Multi-Party Computation.1998,URL:http://www.wisdom.weizmann.ac.il/~oded/ps/prot.ps.
[41]O.Goldreich,S.Micali and A.Wigderson.How to Play Any Mental Game[C].In Proceedings of the 19~(th) Annual ACM Symposium on Theory of Computing,New York City,May 1987,218-229.
[42]P.Feldman.A Practical Scheme for Non-Interactive Verifiable Secret Sharing[C].In Proc.28~(th) Annual Symp.on Foundations of Computer Science,IEEE,1987,427-437.
[43]R.Caneti.Studies on Secure Multiparty Computation.PHD Thesis,1995.
[44]R.Canetti and I.Damgard,Stefan Dziembowski,Yuval Ishai.Tal Malkin.Adaptive versus Non-Adaptive Security of Multi-Party Protocols[J].Cryptology(2004) 17:153-207.
[45]R.Canneti.Security and Composition of Multiparty Cryptographic protocols[J].Journal of Cryptology,2000,13(1):14 3-202.
[46]R.Cramer and I.Damgard.Multiparty Computation,An introduction[J].Lecture Notes,University of Aarus,Department for Computer Science,2009.
[47]R.Cmmer,I.Damgard and S.Dziembowski.On the Complexity of Verifiable Secret Sharing and Multi-party Computation[C].In Proceedings of the3 2ndACM Symposium on Theory of Computing,2000,325-334.
[48]R.Cramer,I.Damgard and S.Dziembowski.Efficient Multiparty Computations Secure Against an Adaptive Adversary[C],EUROCRYPT'99,LNCS,vol.1592,1999,311-326.
[49]R.Fagin and M.Naor and P.Winkler.Comparing Information without Leaking It[J].Communications of the ACM,1996,39(5):77-85.
[50]R.Gennaro,M.Rabin and T.Rabin.Simplified VSS and Fast-track Multiparty Computations with Applications to Threshold Cryptography[C].In Proceedings of the 1998 ACM Symposium on Principles of Distributed Computing,1998,101-111.
[51]R.Gennaro,S.arecki,H.Krawczyk and T.Rabin.Robust Threshold DSS Signatures[J].Information and computaions,2001,164:54-84.
[52]S.D.Li and Y.Q.Dai.Secure Two-Party Computational Geometry[J].Journal of Computer Science and Technology,2005,20(2):258-263.
[53]S.Micali and P.Rogaway.Secure Computation[C].CRYPTO'91,L NCS576,1991,392- 404.
[54]T.Nakanishi,H.Watanabc,T.Fujiwara,etal.An Anonymous Bidding Protocol Using Undeniable Signature[C].The 1995 Symposium on Cryptography and Information Security.Singapore,IEEE,1995,106-112
[55]T.Pedersen.Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing[C].Advances in Cryptology - Crypto'91,1991,129-140.
[56]T.Rabin and Michael Ben-Or.Verifiable Secret Sharing and Multiparty Protocols with Honest Majority[C].Proceedings of the twenty-first annual ACM symposium on Theory of computing,Seattle,Washington,United States,1989,73-85.
[57]W.Diffie and M.E.Hellman.New Directiongs in Cryptography[J].IEEE Trans.info.Theory,IT,1976,22(6):644-654.
[58]W.Du and M.J.Atallah.Privacy-Preserving Cooperative Statistical Analysis[C].In 2001 ACSAC:Annual Computer Security Applications Conference.New Orleans,Louisiana,USA,December 10-14,2001,102-110
[59]Y.Lindell and B.Pinkas.Privacy preserving data mining[C].In Advances in Cryptology- CRYPTO'00,volume1880 of Lecture Notes in Computer Science,Springer-Verlag,2000,36-54.
[60]Y.Imamura,T.Matsumoto and H.Imai.Electronic Anonymous Bidding Scheme[C].The 1994 Symposium on Cryptography and Information Security.Australia,IEEE,1994,152- 156.
[61]Yuh-Min Tseng.A Robust Multi-Party Key Agreement Protocol Resistant to Malicious Participants[J].The Computer journal,2005.48(4):480-486.
[62]ZHU Yan,YANG Yong-Tian,SUN Zhong-Wei,FENG Deng-Guo.Ownership Proofs of Digital Works Based on Secure Multiparty Computation[J].Journal of Software,2006,17(1):157-166.