Common use of Previous Work Clause in Contracts

Previous Work. Broadcast: For the standard communication model with a complete synchro- nous network of pairwise authenticated channels, Pease, Shostak, and ▇▇▇- port [PSL80] proved that perfectly secure broadcast is achievable if and only if less than a third of the players is corrupted: t < n/3. This tight bound more generally holds with respect to a network of secure channels and unconditional security, i.e., when even allowing a negligible error probability, as proven by ▇▇▇▇▇▇ and ▇▇▇ [KY]. The first optimally resilient protocol that is efficient was proposed by ▇▇▇▇▇ et al. [DFF+82]. For the case that broadcast among ev- ery subset of three players is possible (in contrast to the standard model with only pairwise communication), Fitzi and ▇▇▇▇▇▇ [FM00] proved that (global) broadcast is possible if and only if t < n/2. In another line of research, ▇▇▇▇- ▇▇▇▇▇▇▇, ▇▇▇▇▇▇▇▇▇, and ▇▇▇▇▇▇▇ [BPW91,PW92] proved that broadcast during some precomputation stage allows to later achieve broadcast that tolerates any number of corrupted players (t < n), i.e., that the functionality of the prior broadcast can be preserved for any later time. Multi-party computation: The concept of general multi-party computation (MPC) was introduced by ▇▇▇ [Yao82] with a first complete solution given by Goldreich, ▇▇▇▇▇▇, and ▇▇▇▇▇▇▇▇▇ [GMW87] – though with computational se- curity. Ben-Or, ▇▇▇▇▇▇▇▇▇▇, and ▇▇▇▇▇▇▇▇▇ [BGW88], and, ▇▇▇▇▇, ▇▇´epeau, ⊥ 1 That is, interpreting as “invalid”, this condition expresses that no two correct players may decide on valid values that are distinct. and Damg˚ard [CCD88], proved that, in the standard model with pairwise se- cure channels, unconditionally secure MPC is achievable if and only if t < n/3 by giving efficient protocols for the achievable cases. Beaver [Bea89], and inde- pendently, ▇▇▇▇▇ and ▇▇▇-Or [RB89] later proved that, when additionally given global broadcast among the players, unconditionally secure MPC is achievable if and only if t < n/2 (see also ▇▇▇▇▇▇ et al. [CDD+99]). The result in [FM00] hence implies that broadcast among three players (i.e., 2-cast) is sufficient in order to achieve MPC for t < n/2.

Previous Work. Broadcast: For the standard communication model with a complete synchro- nous network of pairwise authenticated channels, Pease, Shostak, and ▇▇▇- port [PSL80] proved that perfectly secure broadcast is achievable if and only if less than a third of the players is corrupted: t < n/3. This tight bound more generally holds with respect to a network of secure channels and unconditional security, i.e., when even allowing a negligible error probability, as proven by ▇▇▇▇▇▇ and ▇▇▇ Yao [KY]. The first optimally resilient protocol that is efficient was proposed by ▇▇▇▇▇ Dolev et al. [DFF+82]. For the case that broadcast among ev- ery subset of three players is possible (in contrast to the standard model with only pairwise communication), Fitzi and ▇▇▇▇▇▇ [FM00] proved that (global) broadcast is possible if and only if t < n/2. In another line of research, ▇▇▇▇- ▇▇▇▇▇▇▇, ▇▇▇▇▇▇▇▇▇Pfitzmann, and ▇▇▇▇▇▇▇ Waidner [BPW91,PW92] proved that broadcast during some precomputation stage allows to later achieve broadcast that tolerates any number of corrupted players (t < n), i.e., that the functionality of the prior broadcast can be preserved for any later time. Multi-party computation: The concept of general multi-party computation (MPC) was introduced by ▇▇▇ Yao [Yao82] with a first complete solution given by 1 That is, interpreting ⊥ as “invalid”, this condition expresses that no two correct players may decide on valid values that are distinct. Goldreich, ▇▇▇▇▇▇Micali, and ▇▇▇▇▇▇▇▇▇ Wigderson [GMW87] – — though with computational se- curity. Ben-Or, ▇▇▇▇▇▇▇▇▇▇, and ▇▇▇▇▇▇▇▇▇ Wigderson [BGW88], and, ▇▇▇▇▇, ▇▇´epeau, ⊥ 1 That is, interpreting as “invalid”, this condition expresses that no two correct players may decide on valid values that are distinct. and Damg˚ard [CCD88], proved that, in the standard model with pairwise se- cure channels, unconditionally secure MPC is achievable if and only if t < n/3 by giving efficient protocols for the achievable cases. Beaver [Bea89], and inde- pendently, ▇▇▇▇▇ and ▇▇▇-Or [RB89] later proved that, when additionally given global broadcast among the players, unconditionally secure MPC is achievable if and only if t < n/2 (see also ▇▇▇▇▇▇ et al. [CDD+99]). The result in [FM00] hence implies that broadcast among three players (i.e., 2-cast) is sufficient in order to achieve MPC for t < n/2.

Previous Work. Broadcast: For the standard communication model with a complete synchro- nous network of pairwise authenticated channels, Pease, Shostak, and ▇▇▇- port [PSL80] proved that perfectly secure broadcast is achievable if and only if less than a third of the players is corrupted: t < n/3. This tight bound more generally holds with respect to a network of secure channels and unconditional security, i.e., when even allowing a negligible error probability, as proven by ▇▇▇▇▇▇ and ▇▇▇ Yao [KY]. The first optimally resilient protocol that is efficient was proposed by ▇▇▇▇▇ Dolev et al. [DFF+82]. For the case that broadcast among ev- ery subset of three players is possible (in contrast to the standard model with only pairwise communication), Fitzi and ▇▇▇▇▇▇ [FM00] proved that (global) broadcast is possible if and only if t < n/2. In another line of research, ▇▇▇▇- ▇▇▇▇▇▇▇, ▇▇▇▇▇▇▇▇▇Pfitzmann, and ▇▇▇▇▇▇▇ [BPW91,PW92] proved that broadcast during some precomputation stage allows to later achieve broadcast that tolerates any number of corrupted players (t < n), i.e., that the functionality of the prior broadcast can be preserved for any later time. Multi-party computation: The concept of general multi-party computation (MPC) was introduced by ▇▇▇ [Yao82] with a first complete solution given by 3 That is, interpreting ⊥ as “invalid”, this condition expresses that no two correct players may decide on valid values that are distinct. Goldreich, ▇▇▇▇▇▇Micali, and ▇▇▇▇▇▇▇▇▇ Wigderson [GMW87] – — though with computational se- curity. Ben-Or, ▇▇▇▇▇▇▇▇▇▇, and ▇▇▇▇▇▇▇▇▇ Wigderson [BGW88], and, ▇▇▇▇▇, ▇▇´epeau, ⊥ 1 That is, interpreting as “invalid”, this condition expresses that no two correct players may decide on valid values that are distinct. and Damg˚ard [CCD88], proved that, in the standard model with pairwise se- cure channels, unconditionally secure MPC is achievable if and only if t < n/3 by giving efficient protocols for the achievable cases. Beaver [Bea89], and inde- pendently, ▇▇▇▇▇ and ▇▇▇-Or [RB89] later proved that, when additionally given global broadcast among the players, unconditionally secure MPC is achievable if and only if t < n/2 (see also ▇▇▇▇▇▇ et al. [CDD+99]). The result in [FM00] hence implies that broadcast among three players (i.e., 2-cast) is sufficient in order to achieve MPC for t < n/2.