The More the Merrier: Reducing the Cost of Large Scale MPC

  • Conference paper
Advances in Cryptology – EUROCRYPT 2021 (EUROCRYPT 2021)

Abstract

Secure multi-party computation (MPC) allows multiple parties to perform secure joint computations on their private inputs. Today, applications for MPC are growing with thousands of parties wishing to build federated machine learning models or trusted setups for blockchains. To address such scenarios we propose a suite of novel MPC protocols that maximize throughput when run with large numbers of parties. In particular, our protocols have both communication and computation complexity that decrease with the number of parties. Our protocols build on prior protocols based on packed secret-sharing, introducing new techniques to build more efficient computation for general circuits. Specifically, we introduce a new approach for handling linear attacks that arise in protocols using packed secret-sharing and we propose a method for unpacking shared multiplication triples without increasing the asymptotic costs. Compared with prior work, we avoid the \(\log |C|\) overhead required when generically compiling circuits of size \(|C|\) for use in a SIMD computation, and we improve over folklore “committee-based” solutions by a factor of \(O(s)\), the statistical security parameter. In practice, our protocol is up to 10X faster than any known construction, under a reasonable set of parameters.

Notes

  1. We are ignoring terms that do not depend on \(|C|\) or \(n\).

  2. Sometimes such experiments are run in cloud environments, which is useful for tens or hundreds of participants. However, we are interested in deployments involving tens or hundreds of thousands of participants. AWS has only 64 data centers, so testing with more parties than this would provide an inaccurate simulation of the network environment.

  3. This estimate is for a malicious-secure protocol that generates unauthenticated triples, which suffice for semi-honest computation in the online phase. In Sect. 4.1, we present a known result for converting these to authenticated triples. The throughput in that setting is closer to 70 million triples per second.

  4. Or commanded by Google.

  5. There are advantages and disadvantages to varying the size of this committee, which we will discuss in depth in what follows. For now, we can assume that the online committee is in fact the entire network of \(n\) parties. In the “standard” approach to executing the online phase with \(n\) parties, the communication complexity is \(O(|C|)\) per party. We will address this as well.

  6. Technically, since we are selecting many such committees, guaranteeing that they all have at least one honest party requires a union bound over the number of committees, resulting in committees of size \(O(s + \log {n})\). Since \(s > \log {n}\), we drop this \(\log {n}\) term in our asymptotic notation. We point out, however, that our experimental results in Sect. 6 do account for this union bound.

  7. This can be done regardless of the circuit structure, and does not require a wide circuit.

  8. When analyzing total or average communication, there is no need to consider receiving complexity, as the number of bits sent by all parties equals the number of bits received. But when considering bottleneck complexity, one must make a distinction between the two. For example, if many parties send messages to one party, that party’s receiving bandwidth becomes the bottleneck. In fact, there are MPC protocols such as [37] that are bottlenecked by the receiving bandwidth of some of the parties.

  9. Note that when we assume \(t < n/3\), we cannot construct committees of size \(O(s)\) that have the same corruption threshold. We therefore do not consider running Furukawa and Lindell in parallel. We could do so with larger committees, or we could consider a smaller threshold, but we feel the current set of comparisons suffices for demonstrating the value of our protocol.

  10. For example, to compute \([\alpha a]\) from \([\alpha ]\) and \([a]\) using triple \((x, y, z)\), the parties open \(a + x\) and \(\alpha + y\). Each locally fixes its share by computing \((a+x)[\alpha ] + (\alpha + y)[a] - (a+x)(\alpha + y) + [z]\).

  11. Note that our offline phase has a computational bottleneck, so reducing the communication cost per triple might not lead to a large improvement in runtime, though it still may reduce the dollar cost of communicating. Reducing the number of triples needed will reduce end-to-end runtime.
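The local share fix-up in note 10, worked through as an added example (not code from the paper). It assumes plain Shamir sharing over a constructed prime field, a dealer-generated triple, and semi-honest opening; the names `share`, `reconstruct`, `beaver_multiply` and `demo` are illustrative.

```python
import secrets

P = 2**61 - 1  # prime field modulus (constructed parameter, not from the paper)

def share(secret, n, t):
    """Shamir-share `secret` with a random degree-t polynomial f; party i holds f(i)."""
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t)]
    return [sum(c * pow(i, k, P) for k, c in enumerate(coeffs)) % P
            for i in range(1, n + 1)]

def reconstruct(shares, t):
    """Lagrange-interpolate f(0) from the shares of parties 1..t+1."""
    pts = list(enumerate(shares[:t + 1], start=1))
    total = 0
    for i, y in pts:
        num = den = 1
        for j, _ in pts:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total

def beaver_multiply(sh_alpha, sh_a, triple, t):
    """Shares of alpha*a from shares of alpha, a and a triple ([x], [y], [z]), z = x*y."""
    sh_x, sh_y, sh_z = triple
    # Open a + x and alpha + y; the uniformly random masks x and y hide a and alpha.
    d = reconstruct([(u + v) % P for u, v in zip(sh_a, sh_x)], t)      # a + x
    e = reconstruct([(u + v) % P for u, v in zip(sh_alpha, sh_y)], t)  # alpha + y
    # Local fix-up from note 10: (a+x)[alpha] + (alpha+y)[a] - (a+x)(alpha+y) + [z].
    # With Shamir shares every party subtracts the public constant d*e, which
    # shifts the constant term of the shared polynomial and keeps its degree at t.
    return [(d * s_al + e * s_a - d * e + s_z) % P
            for s_al, s_a, s_z in zip(sh_alpha, sh_a, sh_z)]

def demo(alpha, a, n=7, t=2):
    """Run one multiplication end to end and return the reconstructed product."""
    # Assumption: a trusted dealer samples the triple; the paper generates
    # triples with its own offline protocol, which is not reproduced here.
    x, y = secrets.randbelow(P), secrets.randbelow(P)
    triple = (share(x, n, t), share(y, n, t), share(x * y % P, n, t))
    out = beaver_multiply(share(alpha, n, t), share(a, n, t), triple, t)
    return reconstruct(out, t)
```

Expanding the constant term gives \((a+x)\alpha + (\alpha+y)a - (a+x)(\alpha+y) + xy = \alpha a\), which is why the output shares reconstruct to the product without any further interaction.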

References

  1. libiop. https://github.com/scipr-lab/libiop

  2. Ames, S., Hazay, C., Ishai, Y., Venkitasubramaniam, M.: Ligero: Lightweight sublinear arguments without a trusted setup. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 2087–2104. ACM Press, October/November 2017

  3. Baum, C., Cozzo, D., Smart, N.P.: Using TopGear in overdrive: a more efficient ZKPoK for SPDZ. In: Paterson, K.G., Stebila, D. (eds.) SAC 2019. LNCS, vol. 11959, pp. 274–302. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-38471-5_12

  4. Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34

  5. Beerliová-Trubíniová, Z., Hirt, M.: Perfectly-secure MPC with linear communication complexity. In: Canetti, R. (ed.) TCC 2008. LNCS, vol. 4948, pp. 213–230. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-78524-8_13

  6. Boyle, E., Goldwasser, S., Tessaro, S.: Communication locality in secure multi-party computation. In: Sahai, A. (ed.) TCC 2013. LNCS, vol. 7785, pp. 356–376. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36594-2_21

  7. Boyle, E., Jain, A., Prabhakaran, M., Yu, C.-H.: The bottleneck complexity of secure multiparty computation. In: Chatzigiannakis, I., Kaklamanis, C., Marx, D., Sannella, D. (eds.) ICALP 2018, vol. 107. LIPIcs, pp. 24:1–24:16. Schloss Dagstuhl, July 2018

  8. Bracha, G.: An O(log n) expected rounds randomized Byzantine generals protocol. J. ACM 34(4), 910–920 (1987)

  9. Chandran, N., Chongchitmate, W., Garay, J.A., Goldwasser, S., Ostrovsky, R., Zikas, V.: The hidden graph model: communication locality and optimal resiliency with adaptive faults. In: Roughgarden, T. (ed.) ITCS 2015, pp. 153–162. ACM, January 2015

  10. Chida, K., et al.: Fast large-scale honest-majority MPC for malicious adversaries. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 34–64. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_2

  11. Choudhury, A., Patra, A.: Optimally resilient asynchronous MPC with linear communication complexity. In: Proceedings of the 2015 International Conference on Distributed Computing and Networking, ICDCN 2015, Goa, India, 4–7 January 2015, pp. 5:1–5:10 (2015)

  12. Damgård, I., Ishai, Y.: Scalable secure multiparty computation. In: Dwork, C. (ed.) CRYPTO 2006. LNCS, vol. 4117, pp. 501–520. Springer, Heidelberg (2006). https://doi.org/10.1007/11818175_30

  13. Damgård, I., Ishai, Y., Krøigaard, M.: Perfectly secure multiparty computation and the computational overhead of cryptography. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 445–465. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_23

  14. Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure MPC for dishonest majority - or: Breaking the SPDZ limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013)

  15. Damgård, I., Nielsen, J.B.: Scalable and unconditionally secure multiparty computation. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 572–590. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74143-5_32

  16. Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_38

  17. Dani, V., King, V., Movahedi, M., Saia, J.: Quorums quicken queries: efficient asynchronous secure multiparty computation. In: Chatterjee, M., Cao, J., Kothapalli, K., Rajsbaum, S. (eds.) ICDCN 2014. LNCS, vol. 8314, pp. 242–256. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-45249-9_16

  18. Franklin, M.K., Yung, M.: Communication complexity of secure computation (extended abstract). In: 24th ACM STOC, pp. 699–710. ACM Press, May 1992

  19. Frederiksen, T.K., Keller, M., Orsini, E., Scholl, P.: A unified approach to MPC with preprocessing using OT. In: Iwata, T., Cheon, J.H. (eds.) ASIACRYPT 2015. LNCS, vol. 9452, pp. 711–735. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48797-6_29

  20. Furukawa, J., Lindell, Y.: Two-thirds honest-majority MPC for malicious adversaries at almost the cost of semi-honest. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 1557–1571. ACM Press, November 2019

  21. Garay, J., Ishai, Y., Ostrovsky, R., Zikas, V.: The price of low communication in secure multi-party computation. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017. LNCS, vol. 10401, pp. 420–446. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_14

  22. Genkin, D.: Secure computation in hostile environments (PhD thesis) (2016)

  23. Genkin, D., Ishai, Y., Polychroniadou, A.: Efficient multi-party computation: from passive to active security via secure SIMD circuits. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015. LNCS, vol. 9216, pp. 721–741. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_35

  24. Genkin, D., Ishai, Y., Prabhakaran, M., Sahai, A., Tromer, E.: Circuits resilient to additive attacks with applications to secure computation. In: Shmoys, D.B. (ed.) 46th ACM STOC, pp. 495–504. ACM Press, May/June 2014

  25. Hazay, C., Ishai, Y., Marcedone, A., Venkitasubramaniam, M.: LevioSA: lightweight secure arithmetic computation. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 327–344. ACM Press, November 2019

  26. Hazay, C., Orsini, E., Scholl, P., Soria-Vazquez, E.: Concretely efficient large-scale MPC with active security (or, TinyKeys for TinyOT). In: Peyrin, T., Galbraith, S. (eds.) ASIACRYPT 2018. LNCS, vol. 11274, pp. 86–117. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-03332-3_4

  27. Hazay, C., Orsini, E., Scholl, P., Soria-Vazquez, E.: TinyKeys: a new approach to efficient multi-party computation. In: Shacham, H., Boldyreva, A. (eds.) CRYPTO 2018. LNCS, vol. 10993, pp. 3–33. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-96878-0_1

  28. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: Johnson, D.S., Feige, U. (eds.) 39th ACM STOC, pp. 21–30. ACM Press, June 2007

  29. Jaiyeola, M.O., Patron, K., Saia, J., Young, M., Zhou, Q.M.: Good things come in LogLog(n)-sized packages: robustness with small quorums. CoRR, arXiv:1705.10387 (2017)

  30. Kairouz, P., et al.: Advances and open problems in federated learning (2019)

  31. Keller, M., Orsini, E., Scholl, P.: MASCOT: faster malicious arithmetic secure computation with oblivious transfer. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) ACM CCS 2016, pp. 830–842. ACM Press, October 2016

  32. Keller, M., Pastro, V., Rotaru, D.: Overdrive: making SPDZ great again. In: Nielsen, J.B., Rijmen, V. (eds.) EUROCRYPT 2018. LNCS, vol. 10822, pp. 158–189. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-78372-7_6

  33. Lindell, Y., Nof, A.: A framework for constructing fast MPC over arithmetic circuits with malicious adversaries and an honest-majority. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 259–276. ACM Press, October/November 2017

  34. Nordholt, P.S., Veeningen, M.: Minimising communication in honest-majority MPC by batchwise multiplication verification. In: Preneel, B., Vercauteren, F. (eds.) ACNS 2018. LNCS, vol. 10892, pp. 321–339. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93387-0_17

  35. Scholl, P., Smart, N.P., Wood, T.: When it’s all just too much: outsourcing MPC-preprocessing. In: O’Neill, M. (ed.) IMACC 2017. LNCS, vol. 10655, pp. 77–99. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-71045-7_4

  36. Wails, R., Johnson, A., Starin, D., Yerukhimovich, A., Gordon, S.D.: Stormy: statistics in tor by measuring securely. In: Cavallaro, L., Kinder, J., Wang, X., Katz, J. (eds.) ACM CCS 2019, pp. 615–632. ACM Press, November 2019

  37. Wang, X., Ranellucci, S., Katz, J.: Global-scale secure multiparty computation. In: Thuraisingham, B.M., Evans, D., Malkin, T., Xu, D. (eds.) ACM CCS 2017, pp. 39–56. ACM Press, October/November 2017

  38. Zamani, M., Movahedi, M., Saia, J.: Millions of millionaires: multiparty computation in large networks. Cryptology ePrint Archive, Report 2014/149 (2014). http://eprint.iacr.org/2014/149

  39. Zheng, C., Tang, Q., Lu, Q., Li, J., Zhou, Z., Liu, Q.: Janus: a user-level TCP stack for processing 40 million concurrent TCP connections. In: 2018 IEEE International Conference on Communications (ICC), pp. 1–7 (2018)


Acknowledgments

The authors would like to thank the anonymous reviewers for many helpful comments. Arkady Yerukhimovich and Dov Gordon are supported by NSF grant 1955264. Arkady Yerukhimovich is also supported by a Facebook Research Award.

Corresponding author

Correspondence to S. Dov Gordon.

Copyright information

© 2021 International Association for Cryptologic Research

About this paper

Cite this paper

Gordon, S.D., Starin, D., Yerukhimovich, A. (2021). The More the Merrier: Reducing the Cost of Large Scale MPC. In: Canteaut, A., Standaert, FX. (eds) Advances in Cryptology – EUROCRYPT 2021. EUROCRYPT 2021. Lecture Notes in Computer Science, vol 12697. Springer, Cham. https://doi.org/10.1007/978-3-030-77886-6_24

  • DOI: https://doi.org/10.1007/978-3-030-77886-6_24

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-77885-9

  • Online ISBN: 978-3-030-77886-6

  • eBook Packages: Computer Science, Computer Science (R0)
