http://www.cisjournal.org
ABSTRACT
In this paper, comparative study of different available Secure Multiparty Computation (SMC) protocols have been
addressed. In SMC, a set of parties wishes to jointly compute some function on their inputs. This computation must
preserve certain security properties, like privacy and correctness. The general approach for such kind of computation is to
make use of trusted third party to do the computation and then announce the result publicly. The major problem with this
approach is that it is difficult to find a third party which is trusted by all the parties providing the inputs. This implies that
the data of parties must be secured. Security is meant to achieve correctness of the result of computation and keeping the
party’s input private even if some of the parties are corrupted.
Keywords: Security, Privacy, Correctness, Secure Multiparty Computation.
http://www.cisjournal.org
D. 1-out-of-N Oblivious Transfer communication cost. The protocols have been analyzed
and concluded in table1.
Goldreich’s circuit evaluation protocol uses the In this paper after studying the available
1-out-of-N Oblivious Transfer. An 1-out-of –N Oblivious protocols we identified that AnonyPro works better in
[6, 7] refers to a protocol where at the beginning of the terms of privacy of the parties but there are certain
protocol one party, Bob has N inputs X1, X2 …, XN and at observations where we have to work on:
the end of the protocol the other party, Alice, learns one of The privacy cannot be maintained when
the inputs Xi for some 1≤i≤N of her choice, without intermediate layer is corrupted.
learning anything about the other inputs and without Efficient protocol has to be designed for third party
allowing Bob to learn anything about i.An efficient 1-out- to compute the inputs and announce the correct
of-N Oblivious Transfer Protocol was proposed in [8] by result.
Naor and Pinkas. By combining this protocol with the AnonyPro protocol has weak security, so need is to
scheme by Cachin, Micali and Stadler [9], the 1-out-of –N apply more secured algorithm on this protocol.
Oblivious Transfer protocol could be achieved with
polylogarithmic (in n) communication complexity. REFERENCES
E. Homomorphic Encryption Schemes [1] A.C.Yao. (1982), Protocol for secure computations,in
Proc. 23rd IEEE Symposium on the Foundation of
We need a public-key cryptosystems with a Computer Science (FOCS), IEEE, 160-164.
homomorphic property for some of our protocols: Ek (x)*
Ek(y) = Ek (x+y). Many such systems exist, and examples [2] C.Cachin. (1999), Efficient private bidding and
include the systems by Benaloh [10], Naccache and Stern auctions with an oblivious third party, in Proc. 6th
[11]. A useful property of homomorphic encryption ACM conference on Computer and communications
schemes is an “addition” operation” can be performed security, 120-127.
based on the encrypted data without decrypting them.
[3] A.C. Yao. (1986), How to generate and exchange
F. AnonyPro secrets, in Proc. 27th IEEE Symposium on
Foundations of Computer Science, 162-167.
This protocol hides the identity of parties
[4] O.Goldreich, S. Micali, A. Wigderson. (1987), How
involved in computation by introducing an intermediate
to play any mental game- a complete theorem for
layer. The advantage of this protocol is that the third party
protocol with honest majority, in the proceeding of
performing computation may not know the input comes
19th ACM symposium on the theory of computing
from which party. So the privacy of parties can be
(STOC), 218-229.
maintained in this protocol [11].
[5] O. Goldreich. (1998), Secure Multiparty Computation
III. PROPOSED WORK (working draft). Available from
http://www.wisdom.weizmann.ac.il/home/oded/publi
The proposed work here is to compare different c_html/foc.html.
SMC protocols on different parameters. The comparison is
shown in Table 1 at the end of references. [6] S. Even, O. Goldreich, A. Lempel. (1985), A
From the explained protocols in Table 1 the randomized protocol for signing contracts.
AnonyPro protocol defines a framework where the privacy Communications of ACM, 28:637-647.
of the parties is ensured as this protocol hides the identity
of actual parties from the third party performing the [7] G. Brassard, C. Crepeau, J. Robert.(1987), All-or-
computation by introducing an intermediate layer. Hence nothing disclosure of secrets, in Advances in
in terms of privacy this protocol has taken a step ahead. Cryptology-Crypto86, Lecture Notes in Computer
But the problem with this protocol is that, if third party is Science,234-238.
corrupted then correctness in the result cannot be
guaranteed. [8] M. Naor, B,Pinkas.(1999), Oblivious transfer and
Polynomial Evaluation(extended abstract), in Proc.
IV. CONCLUSION & FUTURE SCOPE 31th ACM Symposiumon Theory of Computing,245-
254.
In this paper we studied different available [9] C. Cachin, S. Micali, M.Stadler.(1999),
protocols and tried to conclude that AnonyPro has defined Computationally private information retrieval with
a better framework in concern to the privacy of SMC polyalgorithmic communication, Advances in
protocol. Also, this parameter is of major concern as no Cryptology:EUROCRYPT’99,Lecture Notes in
party will try to reveal its input to any other party during Computer Science,402-414.
computation.
The other available protocols have been defined
with their own security algorithms and identified the
220
Volume 2 No.5, MAY 2011 ISSN 2079-8407
Journal of Emerging Trends in Computing and Information Sciences
http://www.cisjournal.org
[10] J. Bnaloh. (1994), Dense probabilistic encryption, in [11] D.K. Mishra, M. Chandwani (2007), Anonymity
Proc. of the Workshop on Selected Areas of enabled secure multi-party computation for Indian
Cryptography, 120-128. BPO, in Proc. TENCON 2007,IEEE,1-4.
4 logµ n .When n is
log n
large this protocol is more
efficient than Scalar product
Protocol 1.
As middle layer is involved in Correctness cannot be
7. AnonyPro the protocol, communication ensured when third party High
cost of the protocol is higher is corrupted.
than other available protocols.
But the advantage of this
protocol is that it hides the
identity of actual parties
involved in computation. So the
third party performing the
computation may not know the
input belongs to which party.
221