Optimizing semi-honest secure multiparty computation for the Internet

Aner Ben-Efraim, Yehuda Lindell, Eran Omri

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

62 Scopus citations


In the setting of secure multiparty computation, a set of parties with private inputs wish to compute some function of their inputs without revealing anything but their output. Over the last decade, the efficiency of secure two-party computation has advanced in leaps and bounds, with speedups of some orders of magnitude, making it fast enough to be of use in practice. In contrast, progress on the case of multiparty computation (with more than two parties) has been much slower, with very little work being done. Currently, the only implemented efficient multiparty protocol has many rounds of communication (linear in the depth of the circuit being computed) and thus is not suited for Internet-like settings where latency is not very low. In this paper, we construct highly efficient constant-round protocols for the setting of multiparty computation for semihonest adversaries. Our protocols work by constructing a multiparty garbled circuit, as proposed in BMR (Beaver et al., STOC 1990). Our first protocol uses oblivious transfer and constitutes the first concretely-efficient constant-round multiparty protocol for the case of no honest majority. Our second protocol uses BGW, and is significantly more efficient than the FairplayMP protocol (Ben-David et al., CCS 2008) that also uses BGW. We ran extensive experimentation comparing our different protocols with each other and with a highly-optimized implementation of semi-honest GMW. Due to our protocol being constant round, it significantly outperforms GMW in Internet-like settings. For example, with 13 parties situated in the Virginia and Ireland Amazon regions and the SHA256 circuit with 90,000 gates and of depth 4000, the overall running time of our protocol is 25 seconds compared to 335 seconds for GMW. Furthermore, our online time is under half a second compared to 330 seconds for GMW.

Original languageEnglish
Title of host publicationCCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Number of pages13
ISBN (Electronic)9781450341394
StatePublished - 24 Oct 2016
Event23rd ACM Conference on Computer and Communications Security, CCS 2016 - Vienna, Austria
Duration: 24 Oct 201628 Oct 2016

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security
ISSN (Print)1543-7221


Conference23rd ACM Conference on Computer and Communications Security, CCS 2016

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications


Dive into the research topics of 'Optimizing semi-honest secure multiparty computation for the Internet'. Together they form a unique fingerprint.

Cite this