Practical Password-Based Authentication Protocol for Secret Sharing Based Multiparty Computation

The speed of secret sharing (SS)-based multiparty computation (MPC) has recently increased greatly, and several efforts to implement and use it have been put into practice. Authentication of clients is one critical mechanism for implementing SS-based MPC successfully in practice. We propose a password-based authentication protocol for SS-based MPC. Our protocol is secure in the presence of secure channels, and it is optimized for practical use with SS-based MPC in the following ways. - Threshold security: Our protocol is secure in the honest majority, which is necessary and sufficient since most practical results on SS-based MPC are secure in the same environment. - Establishing distinct channels: After our protocol, a client has distinct secure and two-way authenticated channels to each server, which is necessary for SS-based MPC and different from the usual setting. - Ease of implementation: Our protocol consists of SS and operations involving SS, which can be reused from an implementation of SS-based MPC. Furthermore, we implemented our protocol with an optimization for the realistic network and confirm that the protocol is practical. A client received the result within 2 s even when the network delay was 200 ms, which is almost the delay that occurs between Japan and Europe.