-
7/26/2019 Secure Multi-party Computation
1/28
Secure Multi-party
ComputationWhat it is, and why youd care
Manoj Prabhakaran
University of Illinois, Urbana-Champaign
-
7/26/2019 Secure Multi-party Computation
2/28
SMC
-
7/26/2019 Secure Multi-party Computation
3/28
SMC
SMC conceived more than 30 years back
-
7/26/2019 Secure Multi-party Computation
4/28
SMC
SMC conceived more than 30 years back
A very general concept that subsumes the bulk of
theoretical cryptography
-
7/26/2019 Secure Multi-party Computation
5/28
SMC
SMC conceived more than 30 years back
A very general concept that subsumes the bulk of
theoretical cryptography
Largely a well-kept secret
-
7/26/2019 Secure Multi-party Computation
6/28
SMC: the question
-
7/26/2019 Secure Multi-party Computation
7/28
SMC: the question
Collaboration without trust?
-
7/26/2019 Secure Multi-party Computation
8/28
-
7/26/2019 Secure Multi-party Computation
9/28
SMC: the question
Collaboration without trust?
Collaboration: compute on collective data belonging to
different parties
e.g. query with me, database with you
-
7/26/2019 Secure Multi-party Computation
10/28
-
7/26/2019 Secure Multi-party Computation
11/28
SMC: the question
Collaboration without trust?
Collaboration: compute on collective data belonging to
different parties
e.g. query with me, database with you
e.g. query with me, encrypted database with you, key
with someone else
Goal: Nothing should be revealed beyond the result
-
7/26/2019 Secure Multi-party Computation
12/28
SMC: the question
Collaboration without trust?
Collaboration: compute on collective data belonging to
different parties
e.g. query with me, database with you
e.g. query with me, encrypted database with you, key
with someone else
Goal: Nothing should be revealed beyond the result
Ideally: Use a trusted third party
-
7/26/2019 Secure Multi-party Computation
13/28
SMC: the question
Collaboration without trust?
Collaboration: compute on collective data belonging to
different parties
e.g. query with me, database with you
e.g. query with me, encrypted database with you, key
with someone else
Goal: Nothing should be revealed beyond the result
Ideally: Use a trusted third party
Really: Cant agree on a trusted party. So...
-
7/26/2019 Secure Multi-party Computation
14/28
SMC: the answer
-
7/26/2019 Secure Multi-party Computation
15/28
SMC: the answer
SMC protocol: among mutually distrusting parties, to
emulate the presence of a globally trusted party
-
7/26/2019 Secure Multi-party Computation
16/28
-
7/26/2019 Secure Multi-party Computation
17/28
SMC: the answer
SMC protocol: among mutually distrusting parties, to
emulate the presence of a globally trusted party
Numerous protocols in literature for various
functionalities,
in various settings
Tools: Verifiable secret-sharing, homomorphic encryptions,
commitments, ZK proofs, oblivious transfer, ...
-
7/26/2019 Secure Multi-party Computation
18/28
-
7/26/2019 Secure Multi-party Computation
19/28
SMC: the answer
SMC protocol: among mutually distrusting parties, to
emulate the presence of a globally trusted party
Numerous protocols in literature for various
functionalities,
in various settings
Tools: Verifiable secret-sharing, homomorphic encryptions,
commitments, ZK proofs, oblivious transfer, ...
Simpler protocols if some trust already present
Honest-but-curious
-
7/26/2019 Secure Multi-party Computation
20/28
SMC: the answer
SMC protocol: among mutually distrusting parties, to
emulate the presence of a globally trusted party
Numerous protocols in literature for various
functionalities,
in various settings
Tools: Verifiable secret-sharing, homomorphic encryptions,
commitments, ZK proofs, oblivious transfer, ...
Simpler protocols if some trust already present
Honest-but-curious
Honest-majority
-
7/26/2019 Secure Multi-party Computation
21/28
SMC: the answer
SMC protocol: among mutually distrusting parties, to
emulate the presence of a globally trusted party
Numerous protocols in literature for various
functionalities,
in various settings
Tools: Verifiable secret-sharing, homomorphic encryptions,
commitments, ZK proofs, oblivious transfer, ...
Simpler protocols if some trust already present
Honest-but-curious
Honest-majority
Simple (offline) trusted sources
-
7/26/2019 Secure Multi-party Computation
22/28
SMC in GENI?
-
7/26/2019 Secure Multi-party Computation
23/28
SMC in GENI?
Where privacy is needed
-
7/26/2019 Secure Multi-party Computation
24/28
SMC in GENI?
Where privacy is needed
e.g. Measurement archives held by a virtualtrusted party
-
7/26/2019 Secure Multi-party Computation
25/28
SMC in GENI?
Where privacy is needed
e.g. Measurement archives held by a virtualtrusted party
Secure distributed storage and computation (secure
unless servers corrupt)
-
7/26/2019 Secure Multi-party Computation
26/28
SMC in GENI?
Where privacy is needed
e.g. Measurement archives held by a virtualtrusted party
Secure distributed storage and computation (secure
unless servers corrupt)
May use honest majority in a federation
-
7/26/2019 Secure Multi-party Computation
27/28
SMC in GENI?
Where privacy is needed
e.g. Measurement archives held by a virtualtrusted party
Secure distributed storage and computation (secure
unless servers corrupt)
May use honest majority in a federation
Provide SMC as an experiment support service?
-
7/26/2019 Secure Multi-party Computation
28/28
SMC in GENI?
Where privacy is needed
e.g. Measurement archives held by a virtualtrusted party
Secure distributed storage and computation (secure
unless servers corrupt)
May use honest majority in a federation
Provide SMC as an experiment support service?
SMC offers a whole range of novel applications
