Flexible File Format and Intermediate Representation for Secure Multi-Party Computation

Master Thesis

Published at 18th ACM ASIA Conference on Computer and Communications Security (AsiaCCS'23) and Contributed Talk at 9. Theory and Practice of Multi-Party Computation Workshop (TPMPC'23).

Motivation

Secure multi-party computation (MPC) allows distrusting parties to compute a public function of their private inputs without revealing any information beyond the output of the function. Decades after the introduction of MPC in 1980s, we now have not only theoretically interesting MPC protocols but also practically very efficient instantiations of those protocols that can be applied to relatively large real-world tasks and run in the order of only seconds or minutes. The tools for MPC are though still lagging behind and need improvement.

Although tools for efficient MPC exist, they are mostly fine-tuned for particular protocols or settings and allow only very specific formats, e.g., there are commonly used file formats such as the Bristol Fashion format [1], which is limited to Boolean circuits, or the HyCC format [2], which is undocumented. A major obstacle that prevents more flexibility in MPC tools is the lack of a file format for MPC that would not only be well-defined but also flexible and would support different representations, i.e., not only arithmetic and Boolean circuits but also custom building blocks, e.g., generic high-level non-cryptographic building blocks such as (secure) floating point operations that can then be replaced by an MPC framework with optimized circuits and additional cryptographic techniques such as oblivious transfer, commitments, and zero-knowledge proofs.

Goal

The main goal of this thesis is to design and fully define a new file format and in-memory intermediate representation (IR) for describing MPC functionalities that must be able to efficiently represent low-level circuits and conversions between these as well as high-level building blocks. While standardization of a set of operations is certainly necessary, the format also needs to allow custom extensions to enable protocol and implementation-specific optimizations applied by compilers. As cryptographic protocols and tooling are implemented in various programming languages, the format should be easily accessible without having to write custom parsers for each project.

The first steps towards a file format and IR for MPC were made in [3-9]. The progress made there should be taken into account and flow into the design of the new IR and its file format. Further inspiration can be found in:

Hardware description languages such as VHDL or Verilog, which also combine low-level circuits and more complex predefined components.
The ONNX file format [10], which is a portable file format for neural networks that enables interoperability among a large selection of software and can be used as an IR between user-facing frontends and the execution backends. Furthermore, the ONNX C++ library provides infrastructure for optimization passes over the network description. Since it is based on Google Protocol Buffers [11], the network description is accessible from a variety of programming languages. A similar file format would surely be useful for the MPC domain.
CrypTFlow [12] includes a simple imperative language as low-level intermediate language (LLIL).
zkInterface tool and standard [13] for inter-operable implementation-independent zero-knowledge proofs.
The LLVM compiler [14] for programming language-independent code optimizations and compilation.

On the implementation side, the student will need to implement a parser for the designed MPC file format in the MOTION framework for MPC [15] in C++ and at least one other state-of-the-art MPC framework. Also, a converter from circuit formats that are widely used in the MPC community, e.g., the Bristol [1] and HyCC [2] format, to the designed file format for MPC needs to be implemented.

Finally, the designed file format needs to be compared with related work [4-9], and the designed IR needs to be used to showcase how the performance of MPC protocols can be improved by iteratively running optimizations on the intermediate representation.

Requirements

Knowledge of secure computation is highly beneficial (e.g., via the “Cryptographic Protocols” course)
Knowledge in compiler design is beneficial
Basic knowledge of secure multi-party computation is beneficial
Good programming skills in C/C++ are beneficial
High motivation to learn and ability to work independently
Knowledge of the English language, Git, and LaTeX

References

[1] V. A. Abril, P. Maene, N. Mertens, D. Sujacic, N. Smart. “’Bristol Fashion’ MPC Circuits”. 2019.
[2] N. Büscher, D. Demmler, S. Katzenbeisser, D. Kretzmer, T. Schneider. “HyCC: Compilation of Hybrid Protocols for Practical Secure Computation”. In CCS'18.
[3] B. Kreuter, B. Mood, a. shelat, K. Butler. “PCF: A Portable Circuit Format for Scalable Two-Party Secure Computation”. In USENIX Security'13.
[4] A. Rastogi, M.A. Hammer, M. Hicks. “Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations”. In S&P'14.
[5] E. M. Songhori, S. U. Hussain, A.-R. Sadeghi, T. Schneider, F. Koushanfar. “TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits”. In S&P'15.
[6] S. Zahur, D. Evans. “Obliv-C: A Language for Extensible Data-Oblivious Computation”. In ePrint'15.
[7] M. Keller. “MP-SPDZ: A Versatile Framework for Multi-Party Computation”. In CCS’20.
[8] A. Aly, K. Cong, D. Cozzo, M. Keller, E. Orsini, D. Rotaru, O. Scherer, P. Scholl, N. P. Smart, T. Tanguy, T. Wood. “SCALE–MAMBA v1.10 : Documentation” (opens in new tab).
[9] B. Hiemenz. “Analysis and Extensions of the PCF Secure Two-Party Computation Compiler (opens in new tab)”. Bachelor Thesis, TU Darmstadt, 2014.
[10] ONXX Project Contributors. “Open Neural Network Exchange (ONNX)”. 2019. Paper (opens in new tab), IR.
[11] Google Inc. Protocol Buffers. 2008.
[12] N. Kumar, M. Rathee, N. Chandran, D. Gupta, A. Rastogi, R. Sharma. “CrypTFlow: Secure TensorFlow Inference”. In S&P'20.
[13] D. Benarroch, K. Gurkan, R. Kahat, A. Nicolas, E. Tromer. “zkInterface, a standard tool for zero-knowledge interoperability”.
[14] The LLVM Foundation. The LLVM compiler.
[15] L. Braun, D. Demmler, T. Schneider, O. Tkachenko. “MOTION – A Framework for Mixed-Protocol Multi-Party Computation”. In ePrint'20.

Supervisors

Oleksandr Tkachenko, M.Sc. ( tkachenko@encrypto.cs.tu-…)
Lennart Braun, M.Sc., Aarhus University ( braun@cs.au.dk)
Prof. Dr.-Ing. Thomas Schneider ( schneider@encrypto.cs.tu-…)

Awards

Best Master Thesis at CS Department 2022