IRIS : Multi-Party Computation

Secure two-party and multiparty computation enables a set of parties with private inputs to securely compute a joint function of their inputs. The security properties guaranteed are privacy (nothing but the output is revealed), correctness (the correct output is obtained, even if some parties behave maliciously), and independence of inputs (no party can make its input depend on other parties' inputs). In the case where a majority of the participating parties can be assumed to be honest, then it is also possible to guarantee fairness (meaning that if one party obtains output then all parties obtain output). These security properties must hold in the face of adversarial behaviour. The main adversary models that have been considered are semi-honest adversaries (who follow the protocol specification but try to learn more than allowed from the communication transcript), and malicious adversaries (who can follow any arbitrary strategy in an attempt to break security).

Despite the stringent requirements on protocols for secure computation, it was already shown in the mid 1980s that any efficient function can be securely computed in the presence of malicious adversaries. This powerful feasibility result has enormous implications! Any distributed task between machines which may or may not be honest (either because the party owning the machine is dishonest, or the machine has been hacked into and taken over by an adversary) can be carried out securely, without any concern that private information will be stolen, or that an incorrect result may be obtained. Thus, secure computation can be used to solve a vast number of problems thatoccur in the modern digital era. These problems include auctions, elections, digital cash, anonymous transactions, private database queries, cloud security, privacy-preserving data mining, private statistics aggregation, private biometric verification, and more. This potential and broad applicability has made secure computation a heavily-studied field over the last 25 years.

The Bristol group have conducted ground breaking research over the last six years to turn MPC into a practical reality. This work has been taken up by a number of groups world wide. This proposal aims to extend this work and forge long standing research links with colleagues in India

This proposal is on exactly the same topic as the DAPRA PROCEED and IARPA SPAR programme's (which together represent over 30 million dollars worth of research funding). In addition future calls on this topic are expected from these two agencies. The work also builds upon work conducted in various EU funded projects (CACE and PRACTICE), as well as the ERC grant of Smart, and the EPSRC grant COED. Hence, the existing interest in this area is very high in relation to possible future impact.

Companies developing security solutions involving access to secure data will benefit from having better understanding of the technologies we will investigate. These range from governments, agencies (such as health care providers), large corporations and cloud computing providers. The academic investigating team is uniquely placed to produce novel yet highly relevant results: we have a strong track record in performing research which is both theoretically and academically interesting, as well as commercially relevant. Smart was involved in the spin-out company Identum based on research into Identity Based Encryption (IBE), and he is a founder of Dyadic Security (a company specialising in MPC based technologies for threat mitigation). The UK and India as a whole will benefit by the production and deployment of more secure systems, and the training of new researchers and technologists in the area.

As explained in the PathWays To Impact document we will focus on delivering impact in the following key areas:

1) Communication and Dissemination

2) Public Impact

3) Industrial Engagement

4) Human Capital Creation