Karim Eldefrawy

Cryptography, Cybersecurity, Privacy

Co-founder and CTO at Confidencial.io
2017-2021: SRI
2011-2016: HRL Laboratories
2006-2010: PhD@UC Irvine

Scientific curiosity

Scientific knowledge map · Paper #44

Proactive Secure Multiparty Computation with a Dishonest Majority

Karim Eldefrawy, Rafail Ostrovsky, Sunoo Park, and Moti Yung

2018 · 11th Conference on Security and Cryptography for Networks (SCN)

  • Theory
  • protocol

What does the paper try to establish?

Can proactive MPC retain privacy and correctness when a mobile adversary may passively observe a dishonest majority within a refresh period and eventually visit every party?

What is the proposed answer?

The exposed primary abstract states a first feasibility construction: a PMPC protocol with near-all-party passive resilience, identifiable-abort security for bounded active faults, and a mixed-corruption tradeoff. The full protocol body and proofs could not be retrieved in this audit, so exact algorithms and proof dependencies remain unmapped rather than inferred.

Abstract

Secure multiparty computation (MPC) protocols enable n distrusting parties to perform computations on their private inputs while guaranteeing confidentiality of inputs (and outputs, if desired) and correctness of the computation, as long as no adversary corrupts more than a threshold t of the n parties. Existing MPC protocols assure perfect security for t ≤ ⌈n/2⌉ − 1 active corruptions with termination (i.e., robustness), or up to t = n − 1 under cryptographic assumptions (with detection of misbehaving parties). However, when computations involve secrets that have to remain confidential for a long time such as cryptographic keys, or when dealing with strong and persistent adversaries, such security guarantees are not enough. In these situations, all parties may be corrupted over the lifetime of the secrets used in the computation, and the threshold t may be violated over time (even as portions of the network are being repaired or cleaned up). Proactive MPC (PMPC) addresses this stronger threat model: it guarantees correctness and input privacy in the presence of a mobile adversary that controls a changing set of parties over the course of a protocol, and could corrupt all parties over the lifetime of the computation, as long as no more than t are corrupted in each time window (called a refresh period). The threshold t in PMPC represents a tradeoff between the adversary’s penetration rate and the cleaning speed of the defense tools (or rebooting of nodes from a clean image), rather than being an absolute bound on corruptions. Prior PMPC protocols only guarantee correctness and confidentiality in the presence of an honest majority of parties, an adversary that corrupts even a single additional party beyond the n/2 − 1 threshold, even if only passively and temporarily, can learn all the inputs and outputs; and if the corruption is active rather than passive, then the adversary can even compromise the correctness of the computation. In this paper, we present the first feasibility result for constructing a PMPC protocol secure against a dishonest majority. To this end, we develop a new PMPC protocol, robust and secure against t < n − 2 passive corruptions when there are no active corruptions, and secure but non-robust (but with identifiable aborts) against t < n/2 − 1 active corruptions when there are no passive corruptions. Moreover, our protocol is secure (with identifiable aborts) against mixed adversaries controlling, both, passively and actively corrupted parties, provided that if there are k active corruptions, there are less than n − k − 1 total corruptions.

Provenance: Transcribed from the public author-uploaded full text and cross-checked against the official Springer abstract; mathematical notation was normalized to plain Unicode and display line-break artifacts were removed. Local file fixity has not been recorded.

Six dimensions, kept separate

The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.

The visual spider chart requires JavaScript. The complete values and rationales follow in text.

LowMediumHighN/A = not assessed

A smaller value means less documented support for that dimension, not that the paper is false or unimportant.

Epistemic evidence Medium

The official abstract exposes a substantive construction and precise resilience claims, and a later primary source confirms the research lineage, but the protocol body and proofs were not available for audit.

Official abstract, stated thresholds, and feasibility claim Later primary-source description of dishonest-majority proactive sharing lineage
Auditability High

The resource record includes a public author-uploaded full-text route in addition to the official DOI, which satisfies the site's author-copy rule for High auditability. The route was blocked to this audit client, so source_scope remains bounded and no body-level claim is treated as inspected.

Author upload, venue metadata, and public full-text indication Official SCN publication identity
Production provenance Medium

Authors, venue, date, DOI, and author-upload provenance are documented; revision history, contributor roles, and manuscript fixity are not.

Author upload, venue metadata, and public full-text indication Official SCN publication identity
External scrutiny Medium

SCN publication establishes venue scrutiny, but public reviews, proof audits, and reproduction were not located.

Official SCN publication identity
Reception High

OpenAlex reported 12 citations on 2026-07-11; under the finalized rubric, 11 or more located citations is High.

Dated citation-count snapshot
Contribution significance Medium

The abstract claims a first feasibility result across an important resilience barrier, but priority and technical scope could not be fully assessed without the paper body.

Official abstract, stated thresholds, and feasibility claim

Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.

Hierarchical knowledge map

Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.

paper

Dishonest-majority proactive MPC

A published feasibility result for proactive MPC under separate passive, active, and mixed mobile-corruption bounds; this map is intentionally limited to exposed primary claims.

Official abstract, stated thresholds, and feasibility claim
  1. threat model

    Mobile refresh-period adversary

    abstract defined

    Corrupted parties may change across refresh periods and all parties may be visited over the computation lifetime; security is conditioned on per-period passive and active thresholds.

    Official abstract, stated thresholds, and feasibility claim
  2. definition

    Correctness, privacy, robustness, and identifiable abort

    abstract level

    The exposed source distinguishes privacy/correctness security from guaranteed completion: active faults may be detected and attributed while still forcing abort.

    Official abstract, stated thresholds, and feasibility claim
  3. claim group Exposed resilience claims abstract asserted

    The abstract reports separate bounds rather than one universal corruption threshold.

    Official abstract, stated thresholds, and feasibility claim
    1. claim

      Mixed corruption case

      abstract asserted proof unread

      For k active corruptions, the abstract states identifiable-abort security when total corruptions are fewer than n - k - 1; the full quantification and rounding conventions require body review.

      Official abstract, stated thresholds, and feasibility claim
  4. limitation group

    Unresolved audit obligations

    audit limitation

    Exact network/setup assumptions, adaptive versus static corruption details, erasure model, computation class, communication cost, security assumptions, and theorem statements remain unknown from the accessible primary material.

    Author upload, venue metadata, and public full-text indication
  5. scrutiny

    External scrutiny

    venue reviewed

    SCN publication indicates venue review. Review reports, artifact evaluation, independent proof checking, and reproduction are not represented.

    Official SCN publication identity

Source index

Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.

  1. Official abstract, stated thresholds, and feasibility claim Springer chapter abstract, accessed 2026-07-11
  2. Author upload, venue metadata, and public full-text indication ResearchGate publication page; content uploaded by Karim Eldefrawy, accessed 2026-07-11
  3. Later primary-source description of dishonest-majority proactive sharing lineage Sections 1.2-1.3, PDF pages 3-5
  4. Official SCN publication identity SCN 2018, DOI 10.1007/978-3-319-98113-0_11
  5. Dated citation-count snapshot OpenAlex reported 12 citing works on 2026-07-11