Robust Publicly Verifiable Covert Security: Limited Information Leakage and Guaranteed Correctness with Low Overhead

Protocols with publicly verifiable covert (PVC) security offer high efficiency and an appealing feature: a covert party may deviate from the protocol, but with a probability (e.g., 90%, referred to as the deterrence factor), the honest party can identify this deviation and expose it using a publicly verifiable certificate. These protocols are particularly suitable for practical applications involving reputation-conscious parties. However, in the cases where misbehavior goes undetected (e.g., with a probability of 10%), no security guarantee is provided for the honest party, potentially resulting in a complete loss of input privacy and output correctness. In this paper, we tackle this critical problem by presenting a highly effective solution. We introduce and formally define an enhanced notion called robust PVC security, such that even if the misbehavior remains undetected, the malicious party can only gain an additional 1-bit of information about the honest party's input while maintaining the correctness of the output. We propose a novel approach leveraging dual execution and time-lock puzzles to design a robust PVC-secure two-party protocol with low overhead (depending on the deterrence factor). For instance, with a deterrence factor of 90%, our robust PVC-secure protocol incurs only additional similar to 10% overhead compared to the state-of-the-art PVC-secure protocol. Given the stronger security guarantees with low overhead, our protocol is highly suitable for practical applications of secure two-party computation.