Presenter: Jonathan Eskeldson
Mentor: Kevin Butler
Poster: 14
Major: Computer Science/Mathematics
As technology has advanced, applications have arisen which rely on sensitive data. In the past, users had to trust these application’s creators with private data. However, breaches of private data and abuses of power, such as
the Snowden NSA revelations, have eroded users’ trust. A recent development in cryptography, called multi-party computation (MPC), allows multiple parties to compute a function over sensitive inputs, in such a way that the
inputs themselves are not revealed, bypassing the issue of trust. This is usually done by performing Yao’s Garbled Circuit protocol. This was mostly theoretical work until a few years ago, when systems capable of performing these operations were created. While there is confidence in the theory driving such systems, little attention has been paid to their implementations, which are prone to error due to their large size and complexity. These errors could create discrepancies between what a system claims to do and what that system actually does, which could weaken its security. The purpose of this study is to rigorously evaluate the security of leading MPC implementations, and expose bugs that weaken the system’s security. This research will help inspire confidence in the implementation of these systems, making them suitable for use in areas where security is a high priority, including electronic elections and private auctions.