@inproceedings{301313, author = {Ran Canetti and Rafail Ostrovsky}, title = {Secure computation with honest-looking parties (extended abstract): what if nobody is truly honest?}, booktitle = {STOC '99: Proceedings of the thirty-first annual ACM symposium on Theory of computing}, year = {1999}, isbn = {1-58113-067-8}, pages = {255--264}, location = {Atlanta, Georgia, United States}, doi = {http://doi.acm.org.ezproxy.auckland.ac.nz/10.1145/301250.301313}, publisher = {ACM Press}, address = {New York, NY, USA}, abstract = { In a secure multi-party computation a set of mutually distrustful parties interact in order to evaluate a predefined function of their inputs, without revealing the inputs to each other. In this scenario, the trust in other parties should be minimal. In the classic formulation of this problem, most of the parties are trusted to exactly follow the prescribed protocol, except for a limited number of parties that are corrupted by a centralized adversary and are allowed to deviate from the protocol in an arbitrary way. However, an assumption of a totally honest behavior of most parties can not be verified. In particular, if an “honest-locking” party diverges from its protocol in a way that is indistinguishable from a totally honest player, it can do so with “impunity”, In this paper, we consider the situation where all parties (even uncorrupted ones) may deviate from their protocol in arbitrary ways, under the sale restriction that most of the parties do not risk being detected by other parties as deviating from the protocol execution. The question whether secure protocols exist in this scenario was raised in the past, and solutions for very limited deviations from the protocol (i. e., refraining from erasing data) were given. Yet, solving the general problem was believed hard, if at aJl possible, Contrary to this belief, we show that if secure communication channels are provided (and one-way functions exist) then any polynomial function can be securely computed in this scenario. } }