In the adversarial context of MPC, the corruption behavior refers to the assumptions about the corrupted parties' deviation level from the protocol specification. The three main types of corruption behavior are: semi-honest, malicious, and covert.
In practice, dealing with semi-honest corruption behavior is considered more feasible, while malicious and covert corruption behaviors are more challenging because stronger security assumptions generally bring additional cost in terms of performance and practicality.
In this manner, the efficiency of an MPC protocol dramatically decreases when active security is demanded. For instance, the GMW compiler states that any protocol that is based on semi-honest security can be converted to an actively secure protocol. However, it requires a large amount of complexity to provide a ZK proof for every step of the protocol. On the other hand, the BGW protocol can be made actively secure by using verifiable secret sharing as an underlying scheme, which also brings quadratically higher communication complexity.
I want to look into Static & Adaptive Security of MPC protocols from this point of view.
My questions are:
Is there any standard method to extend a statically secure MPC protocol to an adaptively secure protocol?
Is there any trade-off between designing an adaptively secure MPC protocol instead of a statically secure protocol and the other dimensions of MPC (i.e., communication, computation, round complexity, or restrictions on the number of corrupted parties, etc.)?