Scientific knowledge map · Paper #25
How to Withstand Mobile Virus Attacks, Revisited
2014 · ACM Symposium on Principles of Distributed Computing (PODC)
- Theory
- protocol
- scheme
Research question
What does the paper try to establish?
Can proactive secure multiparty computation against an adaptive mobile adversary achieve universal composability, near-linear communication, and near-optimal corruption thresholds despite the need to refresh all long-lived state?
Central answer
What is the proposed answer?
The paper introduces packed proactive secret sharing with constant amortized communication per secret, a Block-Redistribute protocol that refreshes and restores packed shares, and a layer-by-layer proactive MPC protocol; party virtualization raises the reported perfect-security threshold toward one third and the statistical threshold toward one half.
Evidence profile
Six dimensions, kept separate
The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.
LowMediumHighN/A = not assessed
A smaller value means less documented support for that dimension, not that the paper is false or unimportant.
- Epistemic evidence Medium
-
The complete source gives formal definitions, protocols, complexity analyses, and UC proof arguments. No machine-checked proof, implementation, or independent reproduction was audited.
Perfect and statistical proactive-security theorems Redistribution and PMPC proof chain - Auditability High
-
A complete author-hosted full version with all appendices is mirrored locally with page count and SHA-256, making assumptions and proofs inspectable. Proceedings-version identity and independent proof checking remain open.
Problem, roadblocks, contributions, and headline bounds Redistribution and PMPC proof chain - Production provenance Medium
-
Named authorship, an author-hosted full version, acknowledgements, and an ACM record establish baseline provenance. Roles, revision history, and artifact lineage are not captured.
Problem, roadblocks, contributions, and headline bounds Official ACM publication record - External scrutiny Medium
-
The work has an ACM PODC publication record, but reviews, independent proof audits, and implementations were not inspected.
Official ACM publication record - Reception High
-
OpenAlex reports 37 located citations as of 2026-07-11, meeting the site's 11+ high threshold. The index may merge or omit versions and does not establish correctness or adoption.
Dated OpenAlex citation snapshot - Contribution significance High
-
The paper reports the first perfectly UC-secure proactive MPC with near-linear communication and introduces packed proactive secret sharing with constant amortized per-secret cost; this is a source-level priority claim, not an independent historical adjudication.
Problem, roadblocks, contributions, and headline bounds
Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.
Top-down and bottom-up view
Hierarchical knowledge map
Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.
How to Withstand Mobile Virus Attacks, Revisited
A proactive MPC construction that refreshes computation state against mobile corruption using packed proactive secret sharing and communication-efficient redistribution.
Problem, roadblocks, contributions, and headline bounds-
question Research question
research questionCan the communication improvements of stationary-fault MPC survive a model in which an adversary eventually corrupts every party, subject only to a per-stage rate bound?
Problem, roadblocks, contributions, and headline bounds -
contribution Central answer
source assertedPack Θ(n) secrets into polynomial sharings, refresh and restore them with hyper-invertible-matrix checks, and evaluate a transformed circuit layer by layer with redistribution after every layer.
Packed sharing and Block-Redistribute Layer-by-layer PMPC protocol and complexity -
scope Proactive execution model defined
Parties communicate synchronously over perfectly secure point-to-point channels and broadcast, erase old state, and alternate operation with refreshment stages.
Proactive UC model, phases, erasures, and baseline parameters Exact proactive UC execution and security definitions-
threat model Active adaptive mobile adversary
definedThe adversary may adaptively corrupt different parties over time, but at most the stated threshold per stage; a party corrupted during a refresh counts in both adjacent stages.
Proactive UC model, phases, erasures, and baseline parameters Exact proactive UC execution and security definitions -
assumption Reboot and erasure assumptions
assumedCorrupted parties can be rebooted to a pristine state with global computation information and secure-channel access, and honest-period randomness and erased state remain unrecoverable; selecting whom to reboot is outside the protocol.
Problem, roadblocks, contributions, and headline bounds Proactive UC model, phases, erasures, and baseline parameters
-
-
method Construction stack specified
The protocol composes packed sharing, proactive redistribution, circuit normalization and permutation, per-layer arithmetic, and party virtualization.
Packed sharing and Block-Redistribute Layer-by-layer PMPC protocol and complexity Party virtualization and near-optimal thresholds-
component Packed proactive secret sharing
specified and provedMultiple secrets occupy evaluation points of one polynomial; random masking polynomials and hyper-invertible matrices amortize refresh and checking to O(1) communication per secret.
Problem, roadblocks, contributions, and headline bounds Packed sharing and Block-Redistribute -
component Block-Redistribute
specified and provedThree phases rerandomize packed sharings, verifiably double-share state, and reconstruct current shares for rebooted parties using Berlekamp-Welch recovery.
Packed sharing and Block-Redistribute Redistribution and PMPC proof chain -
component Layer-by-layer PMPC
specified and provedInputs are robustly shared; secrets are permuted for each homogeneous addition or multiplication layer; obsolete state is erased; all live sharings are redistributed after every layer before final reconstruction.
Layer-by-layer PMPC protocol and complexity
-
-
claim group Principal theorems proved conditional
The paper states UC-security and communication bounds under explicit network, erasure, circuit-width, and corruption-rate conditions.
Packed sharing and Block-Redistribute Perfect and statistical proactive-security theorems-
claim Redistribution theorem
proved conditionalTheorem 1 states perfect UC realization of the redistribution functionality against adaptive corruption threshold n/8, assuming secure point-to-point and broadcast channels, with O(W + poly(n)) communication for W secrets.
Packed sharing and Block-Redistribute Redistribution and PMPC proof chain -
claim Base PMPC theorem
proved conditionalFor an n-party arithmetic circuit at least Ω(n) gates wide, Theorem 2 gives perfect proactive UC security against an active adaptive adversary corrupting fewer than n/8 parties per stage.
Perfect and statistical proactive-security theorems Redistribution and PMPC proof chain -
claim Virtualized thresholds
proved conditionalTheorem 3 raises perfect security to any constant corruption fraction δ < 1/3, while the statistical variant in Theorem 12 supports δ < 1/2.
Perfect and statistical proactive-security theorems Party virtualization and near-optimal thresholds -
claim Near-linear communication
analytically supportedThe final virtualized construction is reported with communication O(C log² C polylog n + D poly(n) log² C), where C and D are circuit size and depth; packed share maintenance is constant amortized per secret.
Problem, roadblocks, contributions, and headline bounds Layer-by-layer PMPC protocol and complexity
-
-
evidence group Evidence chain formal paper evidence
The source supplies ideal functionalities, explicit protocols, complexity derivations, simulators for redistribution, an inductive PMPC simulation, and committee-based threshold amplification.
Exact proactive UC execution and security definitions Redistribution and PMPC proof chain Party virtualization and near-optimal thresholds-
evidence UC proof structure
paper proof not machine checkedThe appendices compare real and ideal executions, construct simulators, and use layer induction plus prior subprotocol security; this audit checked statement/assumption alignment but did not rederive every simulation step.
Redistribution and PMPC proof chain
-
-
limitation group Trusted boundaries and limitations material
The guarantees rely on synchrony, secure channels, broadcast, erasures, reliable pristine reboot, stage-rate enforcement, and sufficiently wide arithmetic circuits.
Proactive UC model, phases, erasures, and baseline parameters Perfect and statistical proactive-security theorems-
limitation Recovery mechanism is external
assumedThe paper does not specify how compromise is detected, how parties are selected and securely rebooted, or how proactive PKI/secure channels and broadcast are implemented.
Problem, roadblocks, contributions, and headline bounds Proactive UC model, phases, erasures, and baseline parameters -
limitation No implementation evaluation
no empirical evaluationEvidence is theoretical; the audited version does not provide code, benchmarks, network measurements, or concrete parameter sizing.
Layer-by-layer PMPC protocol and complexity
-
-
artifact group Artifacts and resources
full text availableA fixed local mirror of the 34-page author full version and the ACM publication record are available; no implementation repository was identified.
Problem, roadblocks, contributions, and headline bounds Official ACM publication record -
scrutiny External scrutiny
publication recordedThe work was published at ACM PODC 2014; review reports, independent proof audits, and implementations were not examined.
Official ACM publication record -
lineage Research lineage
documentedThe construction revisits the Ostrovsky-Yung proactive model using packed-sharing and hyper-invertible-matrix techniques from later efficient MPC, and it directly precedes the dynamic-group protocol in paper #28.
Problem, roadblocks, contributions, and headline bounds
Audit trail
Source index
Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.
- Problem, roadblocks, contributions, and headline bounds Abstract and Sections 1.2-1.4, PDF pages 1-5
- Proactive UC model, phases, erasures, and baseline parameters Section 2, PDF pages 5-7
- Packed sharing and Block-Redistribute Sections 3.2-3.3 and Theorem 1, PDF pages 8-11
- Layer-by-layer PMPC protocol and complexity Sections 3.4-3.5 and Figure 1, PDF pages 11-13
- Perfect and statistical proactive-security theorems Theorems 2-3, PDF page 13; Theorem 12, PDF page 34
- Exact proactive UC execution and security definitions Appendix A, PDF pages 15-18
- Redistribution and PMPC proof chain Appendices B and D, PDF pages 18-21 and 26-29
- Party virtualization and near-optimal thresholds Appendix E, PDF pages 29-34
- Official ACM publication record PODC 2014, pages 293-302
- Dated OpenAlex citation snapshot cited_by_count = 37, accessed 2026-07-11