research-article

MOTION – A Framework for Mixed-Protocol Multi-Party Computation

Published: 04 March 2022

Abstract

We present MOTION, an efficient and generic open-source framework for mixed-protocol secure multi-party computation (MPC). MOTION is built in a user-friendly, modular, and extensible way, intended to be used as a tool in MPC research and to increase adoption of MPC protocols in practice. Our framework incorporates several important engineering decisions such as full communication serialization, which enables MPC over arbitrary messaging interfaces and removes the need to own network sockets. MOTION also incorporates several performance optimizations that improve the communication complexity and latency, e.g., \( 2\times \) better online round complexity of precomputed correlated Oblivious Transfer (OT).

We instantiate our framework with protocols for N parties and security against up to \( N-1 \) passive corruptions: the MPC protocols of Goldreich-Micali-Wigderson (GMW) in its arithmetic and Boolean version and OT-based BMR (Ben-Efraim et al., CCS’16), as well as novel and highly efficient conversions between them, including a non-interactive conversion from BMR to arithmetic GMW.

MOTION is highly efficient, which we demonstrate in our experiments. Compared to secure evaluation of AES-128 with \( N=3 \) parties in a high-latency network with OT-based BMR, we achieve a 16\( \times \) better throughput of 16 AES evaluations per second using BMR. With this, we show that BMR is much more competitive than previously assumed. For \( N=3 \) parties and full-threshold protocols in a LAN, MOTION is \( 10\times \)–\( 18\times \) faster than the previous best passively secure implementation from the MP-SPDZ framework, and \( 190\times \)–\( 586\times \) faster than the actively secure SCALE-MAMBA framework. Finally, we show that our framework is highly efficient for privacy-preserving neural network inference.

REFERENCES

  [1] Abril Victor Arribas, Maene Pieter, Mertens Nele, Sijacic Danilo, and Smart Nigel. 2019. “Bristol Fashion” MPC Circuits. https://homes.esat.kuleuven.be/nsmart/MPC/.
  [2] Aly Abdelrahaman, Keller Marcel, Rotaru Dragos, Scholl Peter, Smart Nigel P., and Wood Tim. 2018. SCALE-MAMBA. https://homes.esat.kuleuven.be/nsmart/SCALE/.
  [3] Aly Abdelrahaman, Orsini Emmanuela, Rotaru Dragos, Smart Nigel P., and Wood Tim. 2019. Zaphod: Efficiently Combing LSSS and Garbled Circuits in SCALE. In Workshop on Encrypted Computing & Applied Homomorphic Cryptography (WAHC’19). ACM.
  [4] Asharov Gilad, Lindell Yehuda, Schneider Thomas, and Zohner Michael. 2013. More efficient oblivious transfer and extensions for faster secure computation. In CCS’13. ACM.
  [5] Asharov Gilad, Lindell Yehuda, Schneider Thomas, and Zohner Michael. 2017. More efficient oblivious transfer extensions. JoC (2017).
  [6] Beaver Donald. 1991. Efficient multiparty protocols using circuit randomization. In CRYPTO’91. Springer.
  [7] Beaver Donald. 1995. Precomputing oblivious transfer. In CRYPTO’95. Springer.
  [8] Beaver Donald, Micali Silvio, and Rogaway Phillip. 1990. The round complexity of secure protocols. In STOC’90. ACM.
  [9] Bellare Mihir, Hoang Viet Tung, Keelveedhi Sriram, and Rogaway Phillip. 2013. Efficient garbling from a fixed-key blockcipher. In S&P’13. IEEE.
  [10] Ben-David Assaf, Nisan Noam, and Pinkas Benny. 2008. FairplayMP: A system for secure multi-party computation. In CCS’08. ACM.
  [11] Ben-Efraim Aner, Lindell Yehuda, and Omri Eran. 2016. Optimizing semi-honest secure multiparty computation for the internet. In CCS’16. ACM.
  [12] Ben-Or Michael, Goldwasser Shafi, and Wigderson Avi. 1988. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In STOC’88. ACM.
  [13] Blanton Marina and Gasti Paolo. 2011. Secure and efficient protocols for iris and fingerprint identification. In ESORICS’11, Atluri Vijay and Diaz Claudia (Eds.).
  [14] Bogdanov D., Laur S., and Willemson J. 2008. Sharemind: A framework for fast privacy-preserving computations. In ESORICS’08 (LNCS). Springer.
  [15] Bogetoft P., Christensen D. L., Damgård I., Geisler M., Jakobsen T. P., Krøigaard M., Nielsen J. D., Nielsen J. B., Nielsen K., Pagter J., Schwartzbach M. I., and Toft T. 2009. Secure multiparty computation goes live. In FC’09. Springer.
  [16] Boyle Elette, Couteau Geoffroy, Gilboa Niv, Ishai Yuval, Kohl Lisa, Rindal Peter, and Scholl Peter. 2019. Efficient two-round OT extension and silent non-interactive secure computation. In CCS’19. ACM.
  [17] Boyle Elette, Couteau Geoffroy, Gilboa Niv, Ishai Yuval, Kohl Lisa, and Scholl Peter. 2019. Efficient pseudorandom correlation generators: Silent OT extension and more. In CRYPTO’19. Springer.
  [18] Brandt Markus, Orlandi Claudio, Shishak Kris, and Shulman Haya. 2019. Optimizing transport layer for secure computation. IACR Cryptology ePrint Archive, Report 2019/836 (2019). https://ia.cr/2019/836.
  [19] Büscher Niklas, Demmler Daniel, Katzenbeisser Stefan, Kretzmer David, and Schneider Thomas. 2018. HyCC: Compilation of hybrid protocols for practical secure computation. In CCS’18. ACM.
  [20] Büscher Niklas, Holzer Andreas, Weber Alina, and Katzenbeisser Stefan. 2016. Compiling low depth circuits for practical secure computation. In ESORICS’16. Springer.
  [21] Chandran N., Gupta D., Rastogi A., Sharma R., and Tripathi S. 2019. EzPC: Programmable and efficient secure two-party computation for machine learning. In EuroS&P’19. IEEE.
  [22] Chaudhari Harsh, Choudhury Ashish, Patra Arpita, and Suresh Ajith. 2019. ASTRA: High throughput 3PC over rings with application to secure prediction. In CCSW’19. ACM.
  [23] Choi Joseph I., Tian Dave, Hernandez Grant, Patton Christopher, Mood Benjamin, Shrimpton Thomas, Butler Kevin R. B., and Traynor Patrick. 2019. A hybrid approach to secure function evaluation using SGX. In ASIACCS’19. ACM.
  [24] Choi Seung Geol, Hwang Kyung-Wook, Katz Jonathan, Malkin Tal, and Rubenstein Dan. 2012. Secure multi-party computation of Boolean circuits with applications to privacy in on-line marketplaces. In CT-RSA’12. Springer.
  [25] Chou Tung and Orlandi Claudio. 2015. The simplest protocol for oblivious transfer. In LATINCRYPT. Springer.
  [26] Cramer Ronald, Damgård Ivan, Escudero Daniel, Scholl Peter, and Xing Chaoping. 2018. SPD\( \mathbb {Z}_{2^k} \): Efficient MPC mod \( 2^k \) for Dishonest Majority. In CRYPTO’18. Springer.
  [27] Damgård Ivan, Geisler Martin, Krøigaard Mikkel, and Nielsen Jesper Buus. 2009. Asynchronous multiparty computation: Theory and implementation. In CRYPTO’09. Springer.
  [28] Damgård Ivan, Keller Marcel, Larraia Enrique, Pastro Valerio, Scholl Peter, and Smart Nigel P. 2013. Practical covertly secure MPC for dishonest majority - or: Breaking the SPDZ limits. In ESORICS’13. Springer.
  [29] Damgård I., Pastro V., Smart N. P., and Zakarias S. [n. d.]. Multiparty computation from somewhat homomorphic encryption. In CRYPTO’12. Springer.
  [30] Damgård Ivan, Escudero Daniel, Frederiksen Tore, Keller Marcel, Scholl Peter, and Volgushev Nikolaj. 2019. New primitives for actively-secure MPC over rings with applications to private machine learning. In S&P’19. IEEE.
  [31] Demmler Daniel, Dessouky Ghada, Koushanfar Farinaz, Sadeghi Ahmad-Reza, Schneider Thomas, and Zeitouni Shaza. 2015. Automated synthesis of optimized circuits for secure computation. In CCS’15. ACM.
  [32] Demmler Daniel, Schneider Thomas, and Zohner Michael. 2015. ABY – A framework for efficient mixed-protocol secure two-party computation. In NDSS’15. Internet Society. https://encrypto.de/papers/DSZ15.pdf.
  [33] Doerner Jack, Evans Dave, and Shelat Abhi. 2016. Secure stable matching at scale. In CCS’16. ACM.
  [34] Escudero Daniel, Ghosh Satrajit, Keller Marcel, Rachuri Rahul, and Scholl Peter. 2020. Improved primitives for MPC over mixed arithmetic-binary circuits. In CRYPTO’20. Springer.
  [35] Frederiksen Tore Kasper, Keller Marcel, Orsini Emmanuela, and Scholl Peter. 2015. A unified approach to MPC with preprocessing using OT. In ASIACRYPT’15, Iwata Tetsu and Cheon Jung Hee (Eds.). Springer.
  [36] Gilad-Bachrach Ran, Dowlin Nathan, Laine Kim, Lauter Kristin, Naehrig Michael, and Wernsing John. 2016. CryptoNets: Applying neural networks to encrypted data with high throughput and accuracy. In International Conference on Machine Learning (ICML’16).
  [37] Goldreich Oded, Micali Silvio, and Wigderson Avi. 1987. How to play any mental game or a completeness theorem for protocols with honest majority. In STOC’87. ACM.
  [38] Guo Chun, Katz Jonathan, Wang Xiao, and Yu Yu. 2020. Efficient and secure multiparty computation from fixed-key block ciphers. In S&P’20. IEEE.
  [39] Halevi Shai. 2018. Advanced cryptography: Promise and challenges. In CCS’18. ACM.
  [40] Hastings M., Hemenway B., Noble D., and Zdancewic S. 2019. SoK: General purpose compilers for secure multi-party computation. In S&P’19. IEEE.
  [41] Hauck Eduard and Loss Julian. 2017. Efficient and universally composable protocols for oblivious transfer from the CDH assumption. IACR Cryptology ePrint Archive, Report 2017/1011 (2017). https://ia.cr/2017/1011.
  [42] Hazay Carmit, Scholl Peter, and Soria-Vazquez Eduardo. 2017. Low cost constant round MPC combining BMR and oblivious transfer. In ASIACRYPT’17. Springer.
  [43] He Kai, Yang Liu, Hong Jue, Jiang Jinghua, Wu Jieming, Dong Xu, and Liang Zhuxun. 2019. PrivC—A framework for efficient secure two-party computation. In Security and Privacy in Communication Networks. Springer.
  [44] Henecka Wilko, Kögl Stefan, Sadeghi Ahmad-Reza, Schneider Thomas, and Wehrenberg Immo. 2010. TASTY: Tool for automating secure two-party computations. In CCS’10. ACM.
  [45] Huang Yan, Evans David, and Katz Jonathan. 2012. Private set intersection: Are garbled circuits better than custom protocols? In NDSS’12. Internet Society.
  [46] Impagliazzo Russell and Rudich Steven. 1989. Limits on the provable consequences of one-way permutations. In STOC’89. ACM.
  [47] Ishai Yuval, Kilian Joe, Nissim Kobbi, and Petrank Erez. 2003. Extending oblivious transfers efficiently. In CRYPTO’03.
  [48] Ishaq Muhammad, Milanova Ana L., and Zikas Vassilis. 2019. Efficient MPC via program analysis: A framework for efficient optimal mixing. In CCS’19. ACM.
  [49] Kamara Seny, Mohassel Payman, and Raykova Mariana. 2011. Outsourcing multi-party computation. IACR Cryptology ePrint Archive, Report 2011/272 (2011). https://ia.cr/2011/272.
  [50] Keller Marcel. 2020. MP-SPDZ: A versatile framework for multi-party computation. In CCS’20. ACM.
  [51] Keller Marcel, Orsini Emmanuela, and Scholl Peter. 2016. MASCOT: Faster malicious arithmetic secure computation with oblivious transfer. In CCS’16. ACM.
  [52] Kolesnikov Vladimir, Sadeghi Ahmad-Reza, and Schneider Thomas. 2009. Improved garbled circuit building blocks and applications to auctions and computing minima. In CANS’09. Springer.
  [53] Kreuter Ben, Mood Benjamin, Shelat Abhi, and Butler Kevin. 2013. PCF: A portable circuit format for scalable two-party secure computation. In USENIX Security’12. USENIX Association.
  [54] Kreuter Benjamin, Shelat Abhi, and Shen Chih-Hao. 2012. Billion-gate secure computation with malicious adversaries. In USENIX Security’12. USENIX Association.
  [55] Liu Chang, Wang Xiao Shaun, Nayak Kartik, Huang Yan, and Shi Elaine. 2015. ObliVM: A programming framework for secure computation. In S&P’15. IEEE.
  [56] Liu Jian, Juuti Mika, Lu Yao, and Asokan Nadarajah. 2017. Oblivious neural network predictions via MiniONN transformations. In CCS’17. ACM.
  [57] Malkhi Dahlia, Nisan Noam, Pinkas Benny, and Sella Yaron. 2004. Fairplay – A secure two-party computation system. In USENIX Security’04. USENIX Association.
  [58] Mittos Alexandros, Malin Bradley, and Cristofaro Emiliano De. 2019. Systematizing genome privacy research: A privacy-enhancing technologies perspective. PETS’19 (2019).
  [59] Mohassel Payman and Rindal Peter. 2018. \( {ABY}^3 \): A mixed protocol framework for machine learning. In CCS’18. ACM.
  [60] Mohassel P. and Zhang Y. 2017. SecureML: A system for scalable privacy-preserving machine learning. In S&P’17. IEEE.
  [61] Mood B., Gupta D., Carter H., Butler K., and Traynor P. 2016. Frigate: A validated, extensible, and efficient compiler and interpreter for secure computation. In EuroS&P’16. IEEE.
  [62] Nielsen Jesper Buus, Schneider Thomas, and Trifiletti Roberto. 2017. Constant round maliciously secure 2PC with function-independent preprocessing using LEGO. In NDSS’17.
  [63] Patra Arpita and Suresh Ajith. 2020. BLAZE: Blazing fast privacy-preserving machine learning. In NDSS’20. Internet Society.
  [64] Rabin Michael O. 1981. How To Exchange Secrets with Oblivious Transfer. Technical Report. Harvard Aiken Computation Laboratory.
  [65] Rachuri Rahul and Suresh Ajith. 2020. Trident: Efficient 4PC framework for privacy preserving machine learning. In NDSS’20. Internet Society.
  [66] Rastogi Aseem, Hammer Matthew A., and Hicks Michael. 2014. Wysteria: A programming language for generic, mixed-mode multiparty computations. In S&P’14. IEEE.
  [67] Riazi M. Sadegh, Weinert Christian, Tkachenko Oleksandr, Songhori Ebrahim M., Schneider Thomas, and Koushanfar Farinaz. 2018. Chameleon: A hybrid secure computation framework for machine learning applications. In ASIACCS’17. ACM.
  [68] Rindal Peter. [n. d.]. libOTe: An Efficient, Portable, and Easy to Use Oblivious Transfer Library. https://github.com/osu-crypto/libOTe.
  [69] Rotaru Dragos and Wood Tim. 2019. MArBled circuits: Mixing arithmetic and boolean circuits with active security. In INDOCRYPT’19. Springer.
  [70] Schneider Thomas and Zohner Michael. 2013. GMW vs. Yao? Efficient secure two-party computation with low depth circuits. In FC’13. Springer.
  [71] Shrishak Kris, Shulman Haya, and Waidner Michael. 2018. Removing the bottleneck for practical 2PC (Poster). In CCS’18. ACM.
  [72] Songhori Ebrahim M., Hussain Siam U., Sadeghi Ahmad-Reza, Schneider Thomas, and Koushanfar Farinaz. 2015. TinyGarble: Highly compressed and scalable sequential garbled circuits. In S&P’15. IEEE.
  [73] Wang Xiao. 2018. A New Paradigm for Practical Maliciously Secure Multi-Party Computation. Ph. D. Dissertation. University of Maryland (College Park, Md.). PhD thesis.
  [74] Wang Xiao, Malozemoff Alex J., and Katz Jonathan. 2016. EMP-toolkit: Efficient multiparty computation toolkit. https://github.com/emp-toolkit.
  [75] Wang Xiao, Ranellucci Samuel, and Katz Jonathan. 2017. Global-scale secure multiparty computation. In CCS’17. ACM.
  [76] Yang Kang, Weng Chenkai, Lan Xiao, Zhang Jiang, and Wang Xiao. 2020. Ferret: Fast extension for correlated oT with small communication. In CCS’20. ACM.
  [77] Yao Andrew Chi-Chih. 1986. How to generate and exchange secrets. In FOCS’86. IEEE.
  [78] Zahur Samee and Evans David. 2015. Obliv-C: A language for extensible data-oblivious computation. IACR Cryptology ePrint Archive, Report 2015/1153 (2015). https://ia.cr/2015/1153.
  [79] Zhang Yihua, Steele Aaron, and Blanton Marina. 2013. PICCO: A general-purpose compiler for private distributed computation. In CCS’13. ACM.
  [80] Zheng W., Popa R. A., Gonzalez J. E., and Stoica I. 2019. Helen: Maliciously secure coopetitive learning for linear models. In S&P’19. IEEE.

      • Published in

        ACM Transactions on Privacy and Security  Volume 25, Issue 2
        May 2022
        263 pages
        ISSN:2471-2566
        EISSN:2471-2574
        DOI:10.1145/3505216
        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 4 March 2022
        • Accepted: 1 October 2021
        • Revised: 1 July 2021
        • Received: 1 November 2020
        Qualifiers

        • research-article
        • Refereed
