## Abstract

Secure multiparty computation allows a group of distrusting parties to jointly compute a (possibly randomized) function of their inputs. However, it is often the case that the parties executing a computation try to solve a search problem, where one input may have a multitude of correct answers-such as when the parties compute a shortest path in a graph or find a solution of a set of linear equations. The algorithm for arbitrarily picking one output from the solution set has significant implications on the privacy of the computation. A minimal privacy requirement was put forward by Beimel et al. [STOC 2006] with focus on proving impossibility results. Their definition, however, guarantees a very weak notion of privacy, which is probably insufficient for most applications. In this work we aim for stronger definitions of privacy for search problems that provide reasonable privacy. We give two alternative definitions and discuss their privacy guarantees. We also supply algorithmic machinery for designing such protocols for a broad selection of search problems.

Original language | English |
---|---|

Pages (from-to) | 344-371 |

Number of pages | 28 |

Journal | Journal of Cryptology |

Volume | 23 |

Issue number | 2 |

DOIs | |

State | Published - 1 Apr 2010 |

## Keywords

- Privacy
- Resemblance
- Search problems
- Secure computation

## ASJC Scopus subject areas

- Software
- Computer Science Applications
- Applied Mathematics