Systematizing Secure Computation for Research and Decision Support

Perry, Jason; Gupta, Debayan; Feigenbaum, Joan; Wright, Rebecca N.

doi:10.1007/978-3-319-10879-7_22

Cited by 12 publications

(7 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The underlying implicit assumptions in these frameworks motivate our discussion of the role-based framework in the next section, where these assumptions are made explicit and configurable by the various participating parties. An MPC system should allow solutions to reflect and utilize these asymmetries in a deployment scenario, and to assist in choosing the optimal primitives and protocols used in the system [43].…”

Section: Existing Approaches In Related Workmentioning

confidence: 99%

“…The performance evaluation tool can be utilized to automatically determine which implementation of the primitives to use, or to reduce the number of choices the designer has to manually analyze. There has been recent advances in this direction [43], where a large knowledge base spanning over 180 papers from the literature was compiled in addition to several metrics for comparing MPC protocols.…”

Section: Assisted Designmentioning

confidence: 99%

See 1 more Smart Citation

Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications

Lapets

Albab

Issa

et al. 2019

2019 IEEE Cybersecurity Development (SecDev)

View full text Add to dashboard Cite

Software applications that employ secure multi-party computation (MPC) can empower individuals and organizations to benefit from privacy-preserving data analyses when data sharing is encumbered by confidentiality concerns, legal constraints, or corporate policies. MPC is already being incorporated into software solutions in some domains; however, individual use cases do not fully convey the variety, extent, and complexity of the opportunities of MPC. This position paper articulates a rolebased perspective that can provide some insight into how future research directions, infrastructure development and evaluation approaches, and deployment practices for MPC may evolve. Drawing on our own lessons from existing real-world deployments and the fundamental characteristics of MPC that make it a compelling technology, we propose a role-based conceptual framework for describing MPC deployment scenarios. Our framework acknowledges and leverages a novel assortment of roles that emerge from the fundamental ways in which MPC protocols support federation of functionalities and responsibilities. Defining these roles using the new opportunities for federation that MPC enables in turn can help identify and organize the capabilities, concerns, incentives, and trade-offs that affect the entities (software engineers, government regulators, corporate executives, end-users, and others) that participate in an MPC deployment scenario. This framework can not only guide the development of an ecosystem of modular and composable MPC tools, but can make explicit some of the opportunities that researchers and software engineers (and any organizations they form) have to differentiate and specialize the artifacts and services they choose to design, develop, and deploy. We demonstrate how this framework can be used to describe existing MPC deployment scenarios, how new opportunities in a scenario can be observed by disentangling roles inhabited by the involved parties, and how this can motivate the development of MPC libraries and software tools that specialize not by application domain but by role.

show abstract

Section: Existing Approaches In Related Workmentioning

confidence: 99%

Section: Assisted Designmentioning

confidence: 99%

Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications

Lapets

Albab

Issa

et al. 2019

2019 IEEE Cybersecurity Development (SecDev)

View full text Add to dashboard Cite

show abstract

“…Multi-party computation has been used for privacy-preserving ML [12]. Made possible by a range of cryptographic primitives, MPC [10,11,4] allows multiple parties to compute a function without revealing the inputs of any individual party (beyond what is implied by the output). Several schemes have already been proposed for privacy-preserving FL using MPC [14], but these often take a very long time to train, and may also incur high data-transmission costs.…”

Section: Introductionmentioning

confidence: 99%

Flatee: Federated Learning Across Trusted Execution Environments

Mondal¹,

More²,

Rooparaghunath³

et al. 2021

Preprint

Self Cite

View full text Add to dashboard Cite

Federated learning allows us to distributively train a machine learning model where multiple parties share local model parameters without sharing private data. However, parameter exchange may still leak information. Several approaches have been proposed to overcome this, based on multi-party computation, fully homomorphic encryption, etc.; many of these protocols are slow and impractical for real-world use as they involve a large number of cryptographic operations. In this paper, we propose the use of Trusted Execution Environments (TEE), which provide a platform for isolated execution of code and handling of data, for this purpose. We describe Flatee, an efficient privacy-preserving federated learning framework across TEEs, which considerably reduces training and communication time. Our framework can handle malicious parties (we do not natively solve adversarial data poisoning, though we describe a preliminary approach to handle this).

show abstract

“…The authors of Frigate [101] include a short survey of existing MPC frameworks, which focuses on correctness and covers a slightly older body of work. The SSC protocol comparison tool [105], [106], [107] allows users to find published protocols matching certain security or privacy criteria, but this tool classifies theoretical protocols rather than implementations and does not include protocols developed in the past few years. The awesome-mpc repository [115] provides an up-to-date list of compilers, back-ends and special-purpose protocols, with a short description of each.…”

Section: Introductionmentioning

confidence: 99%

SoK: General Purpose Compilers for Secure Multi-Party Computation

Hastings

Hemenway

Noble

et al. 2019

2019 IEEE Symposium on Security and Privacy (SP)

104

View full text Add to dashboard Cite

Secure multi-party computation (MPC) allows a group of mutually distrustful parties to compute a joint function on their inputs without revealing any information beyond the result of the computation. This type of computation is extremely powerful and has wide-ranging applications in academia, industry, and government. Protocols for secure computation have existed for decades, but only recently have general-purpose compilers for executing MPC on arbitrary functions been developed. These projects rapidly improved the state of the art, and began to make MPC accessible to non-expert users. However, the field is changing so rapidly that it is difficult even for experts to keep track of the varied capabilities of modern frameworks.In this work, we survey general-purpose compilers for secure multi-party computation. These tools provide high-level abstractions to describe arbitrary functions and execute secure computation protocols. We consider eleven systems: EMP-toolkit, Obliv-C, ObliVM, TinyGarble, SCALE-MAMBA (formerly SPDZ), Wysteria, Sharemind, PICCO, ABY, Frigate and CBMC-GC. We evaluate these systems on a range of criteria, including language expressibility, capabilities of the cryptographic back-end, and accessibility to developers. We advocate for improved documentation of MPC frameworks, standardization within the community, and make recommendations for future directions in compiler development. Installing and running these systems can be challenging, and for each system, we also provide a complete virtual environment (Docker container) with all the necessary dependencies to run the compiler and our example programs.

show abstract

Systematizing Secure Computation for Research and Decision Support

Cited by 12 publications

References 29 publications

Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications

Role-Based Ecosystem for the Design, Development, and Deployment of Secure Multi-Party Data Analytics Applications

Flatee: Federated Learning Across Trusted Execution Environments

SoK: General Purpose Compilers for Secure Multi-Party Computation

Contact Info

Product

Resources

About