What Will Be the Early Privacy Impact of Secure Multiparty Computation?

Published at: March 29, 2020

Secure multiparty computation, or sMPC, is currently one of the most rigorously examined corners of the surging cryptography space and is widely considered a viable solution to many practical real-world problems. The concept has promising implications ranging from privacy to scalability and efficiency, and its lasting impact extends beyond blockchain technology alone.

However, many crypto and blockchain platforms are among the early pioneers in actively applying the technology to finance, advertising, insurance and other industries.

“The beauty of multi-party protocols is that they use a rich body of tools and sub-protocols, some of which have been developed especially for MPC and others previously developed for the cryptographic non-distributed setting,” detailed Dragos Rotaru, a researcher for the Advanced Research Projects Agency, or ARPA, in the team’s white paper. 

This rich toolset includes zero-knowledge proofs, message authentication codes, commitment schemes and secret sharing schemes such as Shamir’s Secret Sharing. The compatibility of sMPC with these growing cryptography subfields, along with recent developments that overcame many of its performance limitations, is poised to unlock a new suite of features for many public blockchains, financial applications and data sharing.

A brief history and introduction of sMPCs

The concept of sMPCs gained traction in the early 1980s as a solution to “Yao’s Millionaire Problem.” The problem is a classic example of two parties, Alice and Bob, wishing to determine which party is wealthier without revealing their explicit wealth value.

The goal of sMPC is to enable both Alice and Bob to jointly compute a function over their inputs (e.g., their wealth) without revealing the value of those inputs. As a result, the counterparties can discern which is wealthier without exposing private financial data. Unlike most cryptographic tools, sMPC protects the participants’ privacy from one another and is not explicitly designed to protect a communication channel from third-party snooping.

The applications of sMPC are numerous, but its early potential was handcuffed by its performance limitations. Those handcuffs have been removed. As the ARPA white paper details:

“With theoretical constructions going back 35 years, there are substantial improvements in algorithmic and engineering designs over the past decade to improve performance.”

ARPA notes that the overall performance of sMPCs has increased by four to five orders of magnitude in the last decade alone, a drastic improvement. As a result, the applications of sMPCs are no longer relegated to theoretical designs and are now firmly planted in the practical world.

For example, sMPCs can play the primary role in mitigating one of crypto’s most endemic problems: exchange transparency. Endeavors like Blockstream’s Bitcoin proof-of-reserves (PoR) attempt to self-regulate exchange treasuries to assure customers that their deposits are fully backed by the exchange. Instances like the QuadrigaCX debacle would fade away, and exchanges would garner more regulatory trust in the process.

The sentiment for better exchange reserve transparency is also consistently touted by Castle Island Ventures’s Nic Carter, who views the progression as inevitable. And while PoR protocols like the one from Blockstream still need to improve privacy, others, such as ARPA’s, are on the cusp of bolstering the prospects of PoR significantly. The ARPA MPC network is in its pre-Alpha mainnet stage. Users can stake their tokens, join the privacy-preserving computation network, complete tasks and get computation rewards.

In addition, institutional and personal account key management requirements stimulated by distributed ledgers have spawned many wallet applications, and this change has also affected traditional enterprises. Whether in blockchain or in traditional financial institutions, threshold signature schemes enabled by sMPC can bring security and privacy improvements in various scenarios.

Wallets based on a threshold signature are more secure because the private key doesn’t need to be reconstructed. Also, because not all signatures are posted publicly, anonymity can be achieved. Compared with multi-signature, a threshold signature incurs lower transaction fees. As with key management applications, the administration of digital asset accounts can also be more flexible. Furthermore, a threshold signature wallet can support various blockchains that do not natively support multi-signature, which reduces the risk of smart contract bugs.

The remaining barriers to the proliferation of sMPC hinge on education and making the technology more accessible. For example, developers are working on abstracting away the underlying complexity of the technology and building “plug-and-play” setups for businesses to tap into the technology. As Rotaru continued:

“Our goal is to build an MPC network with high availability for the first time where any business needs for secure computation can be conducted on the network or by using smart contracts on existing blockchains such as Ethereum or EOS.” 

With lower costs and barriers to accessing sMPCs, businesses can leverage one of cryptography’s most venerated achievements. However, the direct impact of sMPCs extends beyond PoR for exchanges, well into the battle for digital privacy.

Privacy advantages of sMPC

Applications can be layered on top of sMPC protocols, masking the exceptional complexity that underlies them, which is something businesses do not want to pay to implement themselves. Once the barriers to accessing sMPC protocols are reduced, the practical applications for privacy become obvious.

The primary target area? Privacy.

For example, outside the scope of blockchains, imagine any scenario where two or more parties want to come together: they do not explicitly trust each other and would like to determine an outcome without revealing sensitive internal details to each other.

Situations like data sharing, such as calculating the average age of a group of web users visiting a website without exposing other (non-pertinent) personal user data, immediately come to mind. Others, like insurance providers analyzing risk without having to control vast quantities of data (no more Equifax hacks), are also enticing. And some, like secure monetization for user data by renting personal data to advertisers, might be the tip of the privacy spear that shatters the glass ceiling of user privacy abuse.

ARPA views sMPC as also playing a critical role in health care, an industry rife with data privacy and security problems.

“Individual medical data contains sensitive information that is risky to run a diagnosis using third-party models or tools,” says Rotaru. He added:

“With sMPC protocols, such as ARPA’s, medical data for diagnoses can be computed without leaking data to third-party model providers, specifically AI specialists that are prevailing as pivotal algorithmic providers to medical institutions.”

It’s unlikely that enterprises will recognize the advent of sMPCs to their advantage in the short term. Their incorporation of the technology will likely follow its proven accolades among public blockchains, and specifically, financial applications running on those networks. Enterprises that have been investing in both research and implementation of sMPC have also come together to form an alliance to bring global awareness to this technology. The MPC Alliance now has over a dozen members.

Yet the question is whether the technology will become more sophisticated from this point forward.

Should the technology become a ubiquitous, accessible tool on the web, expect an entire generation of companies to provide privacy services to web surfers, advertisers and companies with data-intensive requirements.

The trajectory of sMPC’s impact on privacy appears inevitably fruitful in the long term. Now, the onus is on crypto companies and blockchains to tinker with and promote the technology that has cryptographers so excited about the future of privacy.

The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.

Andrew Rossow is a millennial attorney, law professor, entrepreneur, writer and speaker on privacy, cybersecurity, AI, AR/VR, blockchain and digital currencies. He has written for many outlets and contributed to cybersecurity and technology publications. Utilizing his millennial background to its fullest potential, Rossow provides a well-rounded perspective on social media crime, technology and privacy implications.
