Applications of Multiparty Computation
Digital privacy continues to evolve as cryptosystems transition from academic theory to practical and applicable uses. One of the most common and user-friendly ways to safely share data is through secure multiparty computation (MPC). MPC enables multiple parties to jointly compute their inputs, or data, without sharing their underlying values.
Large-scale industries such as health care, finance, government, business, education, and public policy have discovered numerous real-world applications of multiparty computation. Secure MPC is an ideal protocol for addressing large-scale and complex computational needs. At the same time, MPC helps companies, institutions, and organizations protect the security of their data without relying on a third party.
Applications of Secure Multiparty Computation
Wide-scale data sharing on digital platforms, as embodied in the Internet of Things (IoT) and cloud computing, has changed the way data scientists look at accessing, sharing, and preserving critical data. The more data shared between parties, the higher the risk for attacks and data breaches. The risk of attacks has created a “zero-trust” system in which all data is considered vulnerable.
What Is Secure Multiparty Computation
Multiparty computation was first introduced as secure two-party computation (2PC) in 1982. Computer scientist Andrew Yao first proposed secure multiparty computation in the late 1980s, producing robust results that were primarily theoretical. However, companies, institutions, and organizations have only started utilizing MPC in real-world scenarios in the last fifteen years or so.
MPC protocols build upon a zero-trust system by allowing mutually distrustful parties to conduct “secret sharing.” Secret sharing enables multiple individuals to have pieces of the information they are sharing without any one individual having access to the entire computation. This allows parties to privately collaborate on large data sets.
To elucidate this, data scientists use the example of salary sharing between employees. There are three employees who want to find out the average of their salaries to determine if they are underpaid, but they don’t want to reveal their individual salaries. The first employee chooses a large number and adds their salary to the arbitrary number, then sends the second employee the result. The second employee repeats this process and sends the result to the third employee.
The third employee adds their salary and gives the final computation to the first employee. The first employee is then able to subtract the original arbitrary number they began with and divide that number by three. This final number is the average salary; however, none of the employees had to share their personal salary information to obtain it. This sort of practical yet mutually confidential information-sharing is a prime example of MPC in action.
Why Secure Multiparty Computation Is Required and Important
MPC preserves secret shares without jeopardizing data or disrupting the data sharing process. More importantly, MPC is considered “commercially ready” as it is already in use across industries, it is safe against quantum attacks, and its results are highly accurate. These desirable characteristics are what data scientists look for when analyzing the most efficient cryptographic solutions for digital privacy.
Why Secure MPC Is the Preferred Key Management and Protection Solution
Secure MPC has homomorphic properties as it allows multiple parties to collaboratively compute data without ever seeing the original inputs. However, unlike the complex algorithms required for homomorphic encryption, secure MPC uses the traditional cryptographic system known as Advanced Encryption Standard (AES). This industry standard algorithm makes MPC more accessible and user-friendly while also keeping data secure.
Secure MPC also enables cryptographic key splitting so that an attacker must guess from billions of combinations to unlock one key. This security application is one of the main reasons secure MPC is the most efficient cryptosystem for key management and protection solutions.
Business Process Engineering and Secure Multiparty Computation
More and more industries are transitioning digital assets from on-premise infrastructure to cloud-based infrastructure. While cloud computing is inexpensive and provides more flexibility for data sharing, it also creates an array of privacy concerns. Secure MPC protocols provide a viable solution for businesses to utilize for all cloud computing operations.
MPC has shifted the way data scientists look at network defense. Instead of uploading digital assets into one impermeable centralized location, MPC distributes pieces of the data to multiple parties in varying locations. Therefore, a quantum computer would have to breach multiple cryptographic keys in order to get just one piece of information.
Where the Multiparty Computation Approach Has Been Used Successfully in Business Processing
As stated before, multiparty computation is used across large-scale industries for secure data sharing and analysis. Businesses are able to collaborate through secure computation with their competitors to gain conclusive industry insights. A great example of MPC’s success in business processing can be seen in financial institutions.
These institutions are continuously battling fraudulent attacks and scam activity. In order to successfully hinder financial crimes from occurring, they must access more data to understand the scope of the crimes and prevent them from happening. MPC enables financial institutions to share and analyze critical data without revealing any party’s security information. This has led to success in identifying various outliers that result in fraudulent transactions, identifying financial criminals, and attaining predictive accuracy to defend institutions against misuse.
In another real-world example of MPC application, in 2008 Danish farmers wanted to establish a market-clearing price for their beet product via an electronic auction. Through the employment of an MPC scheme, farmers were able to keep their bids confidential while also establishing a universal market price.
Lastly, MPC has created opportunities through public policy in the example of the gender wage gap study conducted by data scientists at Boston University. In this study, scientists used an MPC protocol to privately collect payroll data from surrounding Boston companies without knowing the actual salary totals. The encrypted data was then sent to Boston University’s server, where the aggregate differences of male and female salaries were computed. The MPC protocol allowed data scientists to discover that Boston’s women make seventy-seven cents for every dollar a man makes without knowing the actual pay totals from each company.
Security of the MPC Protocol
MPC protocols must be secured in order to be fully successful. This security depends on the complexity of the algorithm of the cryptographic primitives, or the building blocks for the cryptosystem. Without strong cryptographic primitives, the MPC protocol is vulnerable to quantum attacks.
The security risks of an MPC protocol also reflect the integrity of each party. For example, the first party can lie about the result and mislead other parties to change the output. Additionally, multiple parties can work together to misuse data; this is known as a “cohesion risk.” An MPC protocol cannot remain secure if more than one party is corrupted.
Social Need for Secure Multiparty Computation
The expansion of the 5G network and developments in 5G testing (PDF, 3 MB) are critical to improving broadband access and mass communication via IoT. Yet as the 5G network develops and evolves, so do the inevitable attempts at quantum attacks and security breaches. In order to advance connectivity between individuals, cloud-based platforms such as social networks must rely on secret-sharing protocols to protect user information while still collecting and analyzing data.
MPC protocols allow data scientists to successfully gain access to user information to enhance their connectivity experience without opening them up to potential data breaches. A great example of this is found in the development of predictive typing for smartphone users. Software engineers can build better predictive models for users through MPC without accessing the private information users type into their phones.
How Secure Multiparty Computation Will Reshape Data Privacy
MPC is reshaping data privacy across industries in real time, as well as for future use cases. One future use example can be found in computation in Air Traffic Management (ATM) and “slot trading.” Slot trading involves the trading of airport runway and gate slots between airlines. In order to successfully trade slots between airlines without divulging private business information, data analysts are considering the feasibility of MPC protocols.
The government is also looking at how to utilize secure MPC protocols to combat the opioid epidemic. In order to accurately collect overdose data, multiple parties must communicate highly sensitive data between governmental agencies, emergency response teams, and web platforms such as Google. The current obstacles to utilizing MPC in a government setting include overcoming legal concerns, costs, and cultural education on the benefits of MPC protocols.
The Purpose of Secure Multiparty Computation
Data collection that maintains digital privacy is critical for technological advancement. As mentioned previously, the overarching purpose of secure MPC is to allow data to be shared and analyzed without disrupting the data-sharing process. MPC creates a successful secret sharing platform that is efficient as well as secure. MPC also promotes productive competition between entities for the mutual benefit of the industry.
These qualities of secure MPC make it well suited to large-scale computational needs.
When Secure Multiparty Computation Should Be Used
Secure MPC should be used on large data sets when time is not an issue. For example, if MPC came into play when you accessed your bank account information, it could take approximately twenty minutes to complete the task, an unfeasible amount of time. However, in the context of working on research and data sets, twenty minutes is a relatively fast computation speed in cryptography.
Additionally, MPC should only be utilized when there is a strong cryptographic primitive and all parties performing the computation are only privy to the final output. Although MPC is not as computationally expensive as homomorphic encryption, there is significant communication overhead, which can be costly.
Lastly, secure MPC should be used to help companies to conduct data mining. Utilizing secure MPC to mine allows multiple parties to distribute and obtain data from one another without the risk of a privacy leak.
Statistical Analysis Methods Using Secure Multiparty Computation
The larger a data set, the more complex the statistical models are going to be. Additionally, the analysis of data sets is based on unseen inputs and missing data, so analysts must know the data type first before employing analysis methods to compute the data. The most common statistical analysis method is known as the “split and merge” method, which is performed on a linear regression algorithm.
In this method, the data gets split between subsets where independent computations are done. Each of the local computations is merged into one conclusive computation to produce the result. The data is then communicated and shared between parties. This split and merge method is considered the most efficient and least complex as it works with simple algorithms.
What the Multiparty Computation Approach Protects Against
In the quantum era and the world of fixed and mobile access, multiparty computation protocols attempt to protect all parties against adversarial attacks, including the future possibility of quantum attacks. A quantum threat is unique in that quantum computers have the potential to quickly break certain types of encryption that would be considered reasonably unbreakable by a classical computer. In a zero-trust system, cryptographers must ensure that secure MPC protocols are quantum-safe. This boils down to secure cryptographic primitives and algorithms that are not susceptible to quantum attacks.
Additionally, MPC protects against data leaks and corrupt parties who may be trying to alter or misuse the final data output. However, as stated before, only one party can be corrupt, or else the entire system will be breached.
Interested in joining IEEE Digital Privacy? IEEE Digital Privacy is an IEEE-wide effort dedicated to champion the digital privacy needs of the individuals. This initiative strives to bring the voice of technologists to the digital privacy discussion and solutions, incorporating a holistic approach to address privacy that also includes economic, legal, and social perspectives. Join the IEEE Digital Privacy Community to stay involved with the initiative program activities and connect with others in the field.