Author:
Henry Narits

Doctoral defence: Pille Pullonen-Raudvere “Foundations of efficient and secure algorithm development for secure multiparty computation“

On 13 August at 13:00, Pille Pullonen-Raudvere will defend her thesis "Foundations of efficient and secure algorithm development for secure multiparty computation to obtain the degree of Doctor of Philosophy (in Computer Science). 

Supervisors:
Associate Professor Sven Laur, University of Tartu
Dan Bogdanov, Cybernetica AS

Opponents: 
Associate Professor Mayank Varia, Boston University (USA)  
Associate Professor Bernardo Machado David, IT University of Copenhagen (Denmark)

Summary
Secure multiparty computation is a method for computing on private inputs without disclosing anything but the computation outcome. There exist various protocols for such computations such as homomorphic encryption, secret sharing or garbled circuits as well as methods specialised for a specific computation task like information retrieval. This thesis focuses on programmable secure multiparty computation where any algorithms can be executed. Furthermore, some outputs may be published and used to choose the following computations. For example, a result may be published and used as a condition to determine the next step. 

In such a case, it is critical to precisely define the security of computations. Sometimes secure programs executing some algorithm publish more values than one would usually consider as the output of such algorithm. In this case, it is important to analyse that the protocol does not reveal more information about the private inputs by publishing these values. This thesis focuses on simplifying such proofs for two separate cases. 

First is the case where the protocol outputs do not reveal information about the inputs. If this happens, the commonly used security definitions are stronger than necessary. Instead, the thesis defines an input privacy property sufficient for such protocols. However, in many cases, input-private protocols can be extended to secure protocols. 

The second is the case where new complex algorithms are implemented using existing smaller secure computation functionalities as building blocks. For example, basic arithmetic operations are already defined and then used to implement some statistic tests. In existing formal frameworks, to prove the security of such algorithms, the prover has to work with many different details. This thesis derives an abstract execution model for secure multiparty computation protocols that can be used instead. In the abstract model, the prover can focus on the public values and the basic flow of the protocol execution. Under some natural restrictions about the secure computation framework and the protocol, the proof in the abstract model implies that security holds also in the standard model.

Did you find the necessary information? *
Thank you for the feedback!