Secure Multi-Party Computation: Constructions and Applications in Blockchain

Abstract

Protection of data in use is a new paradigm that aims to provide data owners with mechanisms to ensure that their data is not exposed, even when it is part of a computation. Within this paradigm, Privacy Enhancing Technologies (PETs) in general, and Secure Multi-Party Computation (MPC) in particular, offer interesting possibilities for security, mainly by relying on cryptographic techniques. Among the wide range of applications that can benefit from MPC, we identify one of great interest that lacks privacy by default: blockchain. Blockchain technologies require data to be publicly available in order to guarantee the verifiability and correctness of their results, but this implies an obstacle for many use cases to be adopted in the decentralized environment.

This thesis is devoted to the study of MPC from a practical point of view, and mainly to the relations that exist between MPC and blockchain. This work is carried out at different levels, from the more general to the more specific. More specifically, we provide an analysis and discussion of different MPC protocols and their peculiarities when used in real systems. We also provide specific solutions to achieve privacy-preserving applications in the blockchain ecosystem by relying on MPC. We approach this not from a specific application, but from a general computational approach, where MPC serves as a confidentiality layer that can be invoked from smart contracts. On the other hand, at the cryptographic level, we provide a new solution to achieve an efficient and dynamic delivery of secret shared data to outsourced MPC committees. This allows data owners to benefit from sending a single ciphertext that can be shared publicly, and also from selecting the specific committee to share the data after it has been encrypted and stored.This new construction, namely Oblivious Sharing Re-Encryption (OSRE), benefits some scenarios, such as those in which IoT devices send periodic data, or those in blockchain that rely on MPC for confidential computations. Finally, we also provide three applications where PETs in general and MPC in particular offer privacy and usability improvements: Private Set Intersection (PSI) computations in consortium blockchains, a privacy-preserving use of location data for a crowd counting application, and a decentralized mixer service in Bitcoin with reversible unlinkability that achieves accountability and compliance while ensuring that payments remain private.