Institute for Software Research International
School of Computer Science, Carnegie Mellon University


Configurable Security Protocols for Multi-party Data Analysis
with Malicious Participants

Bradley Malin, Edoardo Airoldi, Samuel Edoho-Eket, Yiheng Li

September 2004

Keywords: Multiparty computation, confidentiality, configurable security, secure list comparison, mali-cious behavior, quasi-commutative cryptography, communication protocols

Standard multi-party computation models assume semi-honest behavior, where the majority of participants implement protocols according to specification, an assumption not always plausible. In this paper we introduce a multi-party protocol for collaborative data analysis when participants are malicious and fail to follow specification. The protocol incorporates a semi-trusted third party, which analyzes encrypted data and provides honest responses that only intended recipients can successfully decrypt. The protocol incorporates data confidentiality by enabling participants to receive encrypted responses tailored to their own encrypted data submissions without revealing plaintext to other participants, including the third party. As opposed to previous models, trust need only be placed on a single participant with no data at stake. Additionally, the proposed protocol is configurable in a way that security features are controlled by independent subproto-cols. Various combinations of subprotocols allow for a flexible security system, appropriate for a number of distributed data applications, such as secure list comparison.

20 pages

Return to: SCS Technical Report Collection
School of Computer Science homepage

This page maintained by