A Pragmatic Introduction to

Secure Multi-Party Computation

Secure multi-party computation (MPC) has evolved from a theoretical curiosity in the 1980s to a tool for building real systems today. Over the past decade, MPC has been one of the most active research areas in both theoretical and applied cryptography. This book introduces several important MPC protocols, and surveys methods for improving the efficiency of privacy-preserving applications built using MPC. Besides giving a broad overview of the field and the insights of the main constructions, we overview the most currently active areas of MPC research and aim to give readers insights into what problems are practically solvable using MPC today and how different threat models and assumptions impact the practicality of different approaches.

Full Text (PDF) (Last update: 19 September 2020; Errata)

NOW Publishers, December 2018: Publishers Page

Contents

PDF] 1 Introduction 1.1 Outsourced Computation 1.2 Multi-Party Computation 1.3 MPC Applications 1.4 Overview PDF] 2 Defining Multi-Party Computation 2.1 Notations and Conventions 2.2 Basic Primitives 2.3 Security of Multi-Party Computation 2.4 Specific Functionalities of Interest 2.5 Further Reading PDF] 3 Fundamental MPC Protocols 3.1 Yao's Garbled Circuits Protocol 3.2 Goldreich-Micali-Wigderson (GMW) Protocol 3.3 BGW protocol 3.4 MPC From Preprocessed Multiplication Triples 3.5 Constant-Round Multi-Party Computation: BMR 3.6 Information-Theoretic Garbled Circuits 3.7 Oblivious Transfer 3.8 Custom Protocols 3.9 Further Reading PDF] 4 Implementation Techniques 4.1 Less Expensive Garbling 4.2 Optimizing Circuits 4.3 Protocol Execution 4.4 Programming Tools 4.5 Further Reading PDF] 5 Oblivious Data Structures 5.1 Tailored Oblivious Data Structures 5.2 RAM-Based MPC 5.3 Tree-Based RAM-MPC 5.4 Square-Root RAM-MPC 5.5 Floram 5.6 Further Reading PDF] 6 Malicious Security 6.1 Cut-and-Choose 6.2 Input Recovery Technique 6.3 Batched Cut-and-Choose 6.4 Gate-level Cut-and-Choose: LEGO 6.5 Zero-Knowledge Proofs 6.6 Authenticated Secret Sharing: BDOZ and SPDZ 6.7 Authenticated Garbling 6.8 Further Reading PDF] 7 Alternative Threat Models 7.1 Honest Majority 7.2 Asymmetric Trust 7.3 Covert Security 7.4 Publicly Verifiable Covert (PVC) Security 7.5 Reducing Communication in Cut-and-Choose Protocols 7.6 Trading Off Leakage for Efficiency 7.7 Further Reading PDF] 8 Conclusion PDF] References

Adoptions

We are aware of parts of this book being used in the following courses:

Boston University CS 791/JD 673 / UC Berkeley CS 294, Law for Algorithms

Ran Canetti (BU CS), Stacey Dogan (BU Law), Aloni Cohen (BU CS & Law), Shafi Goldwasser (UC Berkeley CS), Frank Partnoy (UC Berkeley Law)

Brown CS 2950, Topics in Applied Cryptography: Crypto for Social Good

Seny Kamara

George Washington University GWU CSIC 3907-83/6907-81, Advanced Cryptography

Arkady Yerukhimovich

Stanford CS 355, Topics in Cryptography

Saba Eskandarian, Dima Kogan, and Florian Tramèr

If you know of other courses using the book, please let me know.