Abstract
This paper describes a blockchain-based approach for secure function evaluation (SFE) in the setting where multiple participants have private inputs (multiparty computation) that no other individual should learn. The emphasis of Absentia is reducing the participants’ work to a bare minimum, where they can effectively have the computation performed in their absence and they can trust the result. While we use an SFE protocol (Mix and Match) that can operate perfectly well without a blockchain, the blockchain does add value in at least three important ways: (1) the SFE protocol requires a secure bulletin board and blockchains are the most widely deployed data structure with bulletin board properties (immutability and non-equivocation under reasonable assumptions); (2) blockchains provide a built-in mechanism to financially compensate participants for the work they perform; and (3) a publicly verifiable SFE protocol can be checked by the blockchain network itself, absolving the users of having to verify that the function was executed correctly. We benchmark Absentia on Ethereum. While it is too costly to be practical (a single gate costs thousands of dollars), it sets a research agenda for future improvements. We also alleviate the cost by composing it with Arbitrum, a layer 2 ‘roll-up’ for Ethereum which reduces the costs by 94%.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Open Zeppelin’s ReentrancyGuard.sol.
- 2.
- 3.
Orbs’ ECops.sol.
- 4.
V. Buterin, 2018. You can *kinda* abuse ECRECOVER to do ECMUL in secp256k1 today.
- 5.
In 2016 when EIP170 was finalized, a 24KB contract could not deploy without crossing the block gas limit, however the gas limit has increased substantially since.
- 6.
- 7.
References
Andreev, O., Glickstein, B., Niu, V., Rinearson, T., Sur, D., Yun, C.: ZkVM: fast, private, flexible blockchain contracts. Technical report, Online (2019)
Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on bitcoin. In: IEEE Symposium on Security and Privacy (2014)
Baum, C., Damgård, I., Orlandi, C.: Publicly auditable secure multi-party computation. In: SCN (2014)
Beaver, D.: Commodity-based cryptography. In: ACM STOC (1997)
Bernhard, D., Pereira, O., Warinschi, B.: How not to prove yourself: Pitfalls of the fiat-shamir heuristic and applications to helios. In: ASIACRYPT (2012)
Bowe, S., Chiesa, A., Green, M., Miers, I., Mishra, P., Wu, H.: Zexe: Enabling decentralized private computation. In: IEEE Symposium on Security and Privacy (2020)
Chaum, D., Pedersen, T.P.: Wallet databases with observers. In: CRYPTO (1992)
Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: EUROCRYPT (1997)
Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure mpc for dishonest majority-or: breaking the spdz limits. In: ESORICS (2013)
Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: CRYPTO (2012)
Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: CRYPTO, pp. 186–194 (1986)
Gudgeon, L., Moreno-Sanchez, P., Roos, S., McCorry, P., Gervais, A.: Sok: Layer-two blockchain protocols. In: Financial Cryptography (2020)
Jakobsson, M., Juels, A.: Mix and match: Secure function evaluation via ciphertexts. In: ASIACRYPT (2000)
Kalodner, H., Goldfeder, S., Chen, X., Weinberg, S.M., Felten, E.W.: Arbitrum: Scalable, private smart contracts. In: USENIX Security (2018)
Keller, M., Pastro, V., Rotaru, D.: Overdrive: Making spdz great again. In: EUROCRYPT (2018)
Kosba, A., Miller, A., Shi, E., Wen, Z., Papamanthou, C.: Hawk: The blockchain model of cryptography and privacy-preserving smart contracts. In: IEEE Symposium on Security and Privacy (2016)
McMurtry, E., Pereira, O., Teague, V.: When is a test not a proof? In: ESORICS (2020)
Pedersen, T.P.: A threshold cryptosystem without a trusted party. In: EUROCRYPT (1991)
Sánchez, D.C.: Raziel: Private and verifiable smart contracts on blockchains. Technical report, arXiv arXiv:1807.09484 (2018)
Schnorr, C.P.: Efficient signature generation by smart cards. J. Cryptology 4(3), 161–174 (1991). https://doi.org/10.1007/BF00196725
Yao, A.C.: Protocols for secure computations. In: IEEE FOCS (1982)
Zyskind, G., Nathan, O., et al.: Decentralizing privacy: Using blockchain to protect personal data. In: IWPE (2015)
Acknowledgements
We thank the reviewers who helped to improve our paper. J. Clark acknowledges support for this research project from the National Sciences and Engineering Research Council (NSERC)/ Raymond Chabot Grant Thornton/Catallaxy Industrial Research Chair in Blockchain Technologies and the AMF (Autorité des Marchés Financiers).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 International Financial Cryptography Association
About this paper
Cite this paper
Demirag, D., Clark, J. (2021). Absentia: Secure Multiparty Computation on Ethereum. In: Bernhard, M., et al. Financial Cryptography and Data Security. FC 2021 International Workshops. FC 2021. Lecture Notes in Computer Science(), vol 12676. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-63958-0_31
Download citation
DOI: https://doi.org/10.1007/978-3-662-63958-0_31
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-63957-3
Online ISBN: 978-3-662-63958-0
eBook Packages: Computer ScienceComputer Science (R0)