CORDIS - EU research results

Implementing Multi-Party Computation Technology

Periodic Reporting for period 4 - IMPaCT (Implementing Multi-Party Computation Technology)

Reporting period: 2021-01-01 to 2022-03-31

Multi-party computation (MPC) deals with the problem of jointly computing a function on inputs obtained from a set of distinct (possibly mutually distrusting) parties. It has a long history in the cryptographic literature, with its origins found as far back as the early 1980s in the work of Yao. The basic scenario is that a group of parties wish to compute a given function on their private inputs. For example, suppose we have four parties Alice, Bob, Charlie and David. Alice has input x, Bob has input y, Charlie has input z and David has input w. They want to compute the value of the function F(x,y,z,w) = max(x,y,z,w). For example, the values could represent their wealth, and they want to work out who is the richest. To do so the parties engage in a protocol, by exchanging messages, and thus obtain the output of the desired function. The goal is that the output of the protocol is just the value of the function. All that the parties can learn is what they can learn from the output and their own input. So in the above example, if the output is z, then Charlie learns that his z is the maximum value, whereas Alice, Bob and David learn (if x, y, z and w are distinct) that their input is not equal to the maximum, and that the maximum held is equal to z. The basic scenario can be easily generalised to the case where the parties have several inputs and outputs, and where the function outputs different values to different parties.
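The paragraph above states what an MPC protocol guarantees but not how the parties avoid revealing their inputs. As an added example (not code from the IMPaCT project or from SCALE-MAMBA), the following Python simulates the additive secret-sharing arithmetic over a prime field that SPDZ-style systems build on for four parties: each input is split into random shares, addition is local, and multiplication consumes a Beaver triple from a preprocessing phase. The prime P, the trusted dealer and the polynomial x*y + z*w are assumptions for illustration; a secure max, as in the text's example, additionally needs a comparison sub-protocol layered on this arithmetic.

```python
import secrets

P = 2**61 - 1   # Mersenne prime chosen for this example, not a SCALE-MAMBA parameter
N_PARTIES = 4   # Alice, Bob, Charlie, David

def share(value):
    """Split value into N_PARTIES random shares that sum to value mod P.
    Any N_PARTIES-1 shares are uniformly random, so they reveal nothing."""
    shares = [secrets.randbelow(P) for _ in range(N_PARTIES - 1)]
    shares.append((value - sum(shares)) % P)
    return shares

def reconstruct(shares):
    """Opening: every party contributes its share and the sum is the value."""
    return sum(shares) % P

def add(a, b):
    """Addition of two shared values is local: each party adds its own shares."""
    return [(ai + bi) % P for ai, bi in zip(a, b)]

def add_const(a, c):
    """Adding a public constant: only party 0 adjusts its share."""
    return [(a[0] + c) % P] + a[1:]

def beaver_triple():
    """Preprocessing (the SPDZ offline phase, here done by an assumed trusted dealer):
    shares of random a, b and of c = a*b, independent of any actual input."""
    a, b = secrets.randbelow(P), secrets.randbelow(P)
    return share(a), share(b), share((a * b) % P)

def mul(x, y, triple):
    """Beaver multiplication. The opened values d = x-a and e = y-b are masked by
    the uniformly random a and b, so opening them leaks nothing about x or y."""
    a, b, c = triple
    d = reconstruct([(xi - ai) % P for xi, ai in zip(x, a)])
    e = reconstruct([(yi - bi) % P for yi, bi in zip(y, b)])
    # [x*y] = [c] + d*[b] + e*[a] + d*e, evaluated locally on shares
    z = [(ci + d * bi + e * ai) % P for ci, bi, ai in zip(c, b, a)]
    return add_const(z, (d * e) % P)

def secure_poly(x, y, z, w):
    """Jointly compute x*y + z*w: inputs enter only as shares and only the final
    result is opened, so the parties learn the output and nothing else."""
    sx, sy, sz, sw = share(x), share(y), share(z), share(w)
    xy = mul(sx, sy, beaver_triple())
    zw = mul(sz, sw, beaver_triple())
    return reconstruct(add(xy, zw))
```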

The goal of IMPaCT was to turn Multi-Party Computation (MPC) from its stage of development in 2016, in which we were beginning to obtain practical feasibility results, to a stage in which we have fully practical systems. It has long been acknowledged that MPC has the potential to provide a transformative change in the way security solutions are enabled. As it stood in 2016, this was only possible in some applications. Limited deployments were beginning to emerge; examples include a distributed database by Cybernetica (Estonia), an auction system by Partisia (Denmark), a threat mitigation system by Unbound Security (Israel) and a data system by SAP (Germany). However, in turning MPC into a fully practical technology a number of key scientific challenges need to be solved, many of which have not yet even been considered in the theoretical literature. The IMPaCT project aimed to address this scientific gap, bridge it, and so provide the tools for a future road-map in which MPC can be deployed as a widespread tool, as ubiquitous as encryption and digital signatures are today.

One can now claim that the practical feasibility of MPC has been established. The next task is to scale up the potential application areas, as well as the performance and data throughput of MPC systems. At the same time we need to be able to scientifically assess the performance of such systems without needing to deploy them; we need to understand how to improve performance for important practical problems; we need to be able to deal with more realistic run-time environments such as asynchronous networks; we need to quantify the additional security obtained from utilizing MPC; and we need to examine how different (less stringent) adversary structures can enable a step change in performance. Thus, whilst feasibility is established, a lot of basic research still needs to be done.

The scientific approach in IMPaCT was to investigate new MPC protocols and techniques which take into account the practical constraints and issues that would arise in future application scenarios. Our work, despite being scientifically rigorous and driven by deep theoretical insight, was grounded in practical considerations. Almost all systems and protocols proposed were prototyped, so as to ensure that practical real-world issues are taken into account. In addition we used our extensive industrial linkages to ensure a two-way dialogue between potential users and the developers of MPC technology, thus helping to embed the future impact of the work in IMPaCT.

A major component of the work was the development of the SCALE-MAMBA open source MPC system. We used this system to benchmark and validate a number of our results. This system derives from the earlier SPDZ system we developed at the University of Bristol. However, using work in IMPaCT it has been expanded to a number of other types of MPC protocol. In particular it has been used to develop our techniques related to different access structures, and in addition to look at combining different types of MPC application.

The system has been incorporated into a secure database system called Jana by some collaborators in the United States, and the Jana system has been demonstrated in a number of application domains relevant to the US government's activity in "evidence-based policy making". We have also had a number of companies interested in using our system to investigate possible commercial applications around MPC. These companies have come from around the globe, including China, France, Japan, Switzerland and the United States.

We developed a number of improvements to MPC protocols, both at the high-level end of new MPC protocols and also in the area of sub-protocols to perform computer arithmetic within an MPC system.

The project developed a number of application areas, ranging from processing encrypted image data through to financial transaction data.

We developed the emerging application of MPC ideas to the area of zero-knowledge proofs (the so-called paradigm of MPC-in-the-Head). This led us to develop a number of new post-quantum signature algorithms.

We examined a number of applications of MPC technology in the field of threshold cryptography, particularly in relation to the emerging field of post-quantum cryptography. Here we examined threshold post-quantum signatures, systems based on isogenies, as well as a novel construction of a threshold post-quantum decryption algorithm.