Cointelegraph | The Impact of Secure Multiparty Computation on the Early Privacy Landscape

This article was first published on March 29, 2020 by Cointelegraph, the well-known blockchain technology media outlet. The author is Andrew Rossow.

Original title: What Will Be the Early Privacy Impact of Secure Multiparty Computation?




Andrew Rossow is a millennial attorney, law professor, entrepreneur, writer and speaker on privacy, cybersecurity, AI, AR/VR, blockchain and digital currencies. He has written for many outlets and contributed to cybersecurity and technology publications. Utilizing his millennial background to its fullest potential, Rossow provides a well-rounded perspective on social media crime, technology and privacy implications.




Currently one of the most rigorously examined corners of the surging cryptography space, secure multiparty computation, or sMPC, is widely considered a viable solution to many practical situations in the real world. The concept has some promising implications ranging from privacy to scalability and efficiency, and its lasting impact lies outside the purview of only blockchain technology.




However, many crypto and blockchain platforms are among the early pioneers in actively applying the technology to finance, advertising, insurance and other industries.




“The beauty of multi-party protocols is that they use a rich body of tools and sub-protocols, some of which have been developed especially for MPC and others previously developed for the cryptographic non-distributed setting,” detailed Dragos Rotaru, a researcher for ARPA, in the team’s white paper.




The rich feature-set of tools includes the lauded protocols of zero-knowledge proofs, message authentication codes, commitment schemes and secret sharing models, like Shamir’s Secret Sharing. The compatibility of sMPC with such blossoming cryptography subfields, along with its recent development that surpassed many of its performance limitations, is poised to unleash a new suite of features for many public blockchains, financial applications and data sharing.




A brief history and introduction of sMPCs



The concept of sMPCs gained traction in the early 1980s as a solution to “Yao’s Millionaire Problem.” The problem is a classic example of two parties, Alice and Bob, wishing to determine which party is wealthier without revealing their explicit wealth value.




The goal of sMPC is to enable both Alice and Bob to compute a function over the shared inputs — e.g., their wealth — without revealing the value of the inputs. As a result, the counterparties can discern which is wealthier without exposing private financial data. Contrary to most cryptographic goals, sMPC protects participating user privacy from one another and is not explicitly created to protect a communication channel from third-party snooping.




The applications of sMPC are numerous, but its early potential was handcuffed by its performance limitations. Those handcuffs have been removed. As the ARPA white paper details:




“With theoretical constructions going back 35 years, there are substantial improvements in algorithmic and engineering designs over the past decade to improve performance.”




ARPA notes that the overall performance of sMPCs has increased by four to five orders of magnitude in the last decade alone, a drastic improvement. As a result, the applications of sMPCs are no longer relegated to theoretical designs and are now firmly planted in the practical world.




For example, sMPCs can play the primary role in mitigating one of crypto’s most endemic problems: exchange transparency. Endeavors like Blockstream’s Bitcoin proof-of-reserves (PoR) attempt to self-regulate exchange treasuries to assure customers that their deposits are fully backed by the exchange. Instances like the QuadrigaCX debacle would fade away, and exchanges would garner more regulatory trust in the process.




The sentiment for better exchange reserve transparency is also consistently touted by Castle Island Ventures’s Nic Carter, who views the progression as inevitable. And while PoR protocols like the one from Blockstream still need to improve privacy, others, such as ARPA’s, are on the cusp of bolstering the prospects of PoR significantly. The ARPA MPC network is in its pre-Alpha mainnet stage. Users can stake their tokens, join the privacy-preserving computation network, complete tasks and get computation rewards.




In addition, institutional and personal account key management requirements stimulated by distributed ledgers have also spawned many wallet applications, and this change has also affected traditional enterprises. Whether in blockchain or in traditional financial institutions, the threshold signature scheme enabled by sMPC can bring security and privacy improvements in various scenarios.




Wallets based on a threshold signature are more secure because the private key doesn’t need to be rebuilt. Also, without all signatures posted publicly, anonymity can be achieved. Compared to the multi-signature, a threshold signature needs lower transaction fees. Similar to key management applications, the administration of digital asset accounts can also be more flexible. Furthermore, a threshold signature wallet can support various blockchains that do not natively support multi-signature, which reduces the risk of smart contract bugs.




The remaining barriers to the proliferation of sMPC hinge on education and making the technology more accessible. For example, developers are working on abstracting away the underlying complexity of the technology and building “plug-and-play” setups for businesses to tap into the technology. As Rotaru continued:





“Our goal is to build an MPC network with high availability for the first time where any business needs for secure computation can be conducted on the network or by using smart contracts on existing blockchains such as Ethereum or EOS.” 




By reducing the costs and barriers to accessing sMPCs, businesses can leverage one of cryptography’s most venerated achievements. However, the direct impact of sMPCs extends beyond PoR for exchanges, well into the depths of the battle for digital privacy.




Privacy advantages of sMPC 



Applications can be layered on top of sMPC protocols, masking the exceptional complexity that underlies them, something businesses do not want to pay to implement themselves. Once the barriers to accessing sMPC protocols are reduced, the practical applications for privacy become pretty obvious.




The primary target area? Privacy.



For example, outside the scope of blockchains, imagine any scenario where two or more parties want to come together; they do not explicitly trust each other and would like to determine an outcome without revealing sensitive internal details about each other.




Situations like data sharing, such as calculating the average age of a group of web users visiting a website without exposing other (non-pertinent) personal user data, immediately come to mind. Others, like insurance providers analyzing risk without having to control vast quantities of data (no more Equifax hacks), are also enticing. And some, like secure monetization for user data by renting personal data to advertisers, might be the tip of the privacy spear that shatters the glass ceiling of user privacy abuse.
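The average-age scenario above, as an added example (not code from the article or from ARPA): each user splits their age with Shamir's Secret Sharing across three hypothetical servers, which add the shares they hold so that only the total is ever reconstructed. The field modulus, the 2-of-3 threshold and the sample ages are assumptions, and the servers are assumed to follow the protocol honestly.

```python
import secrets

P = 2**61 - 1  # prime field modulus (a Mersenne prime); assumed parameter

def share(secret, t, n):
    """Split `secret` into n Shamir shares; any t of them reconstruct it."""
    # Random polynomial of degree t-1 whose constant term is the secret.
    coeffs = [secret % P] + [secrets.randbelow(P) for _ in range(t - 1)]
    def f(x):
        acc = 0
        for c in reversed(coeffs):          # Horner evaluation mod P
            acc = (acc * x + c) % P
        return acc
    return [(x, f(x)) for x in range(1, n + 1)]

def reconstruct(points):
    """Lagrange-interpolate the polynomial at x = 0 from at least t points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num, den = 1, 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def secure_average(ages, t=2, n=3):
    """Users share their ages among n servers; servers add shares locally."""
    server_sums = [0] * n                   # one running total per server
    for age in ages:
        for idx, (_, y) in enumerate(share(age, t, n)):
            server_sums[idx] = (server_sums[idx] + y) % P
    # Sharing is linear, so each summed share is a valid share of the total.
    # Servers publish only these sums; any t of them reveal the total alone.
    published = [(idx + 1, s) for idx, s in enumerate(server_sums)][:t]
    return reconstruct(published) / len(ages)

if __name__ == "__main__":
    ages = [23, 35, 41, 29, 52]             # constructed sample input
    print(secure_average(ages))             # 36.0
```

No server ever holds an individual age in the clear, and fewer than `t` servers together learn nothing about any single input.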




ARPA views sMPC as also playing a critical role in health care, an industry rife with data privacy and security problems.




“Individual medical data contains sensitive information that is risky to run a diagnosis using third-party models or tools,” says Rotaru. He added:






“With sMPC protocols, such as ARPA’s, medical data for diagnoses can be computed without leaking data to third-party model providers, specifically AI specialists that are prevailing as pivotal algorithmic providers to medical institutions.”




It’s unlikely that enterprises will recognize the advent of sMPCs to their advantage in the short term. Their incorporation of the technology will likely follow its proven accolades among public blockchains and, specifically, financial applications running on those networks. Enterprises that have been investing in both research and implementation of sMPC have also come together to form an alliance to bring global awareness to this technology. The MPC Alliance now has over a dozen members.





Yet, the question is whether or not the technology will become more sophisticated from this point forward: 

Should the technology become a ubiquitous, accessible tool on the web, expect an entire generation of companies to provide privacy services to web surfers, advertisers and companies with>




The trajectory of sMPC’s impact on privacy appears inevitably fruitful in the long term. Now, the onus is on crypto companies and blockchains to tinker and promote the technology that has cryptographers so excited about the future of privacy.



The views, thoughts and opinions expressed here are the author’s alone and do not necessarily reflect or represent the views and opinions of Cointelegraph.




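ARPA is committed to providing enterprises and individuals with solutions for the secure flow of private data, based on cryptographic computation and blockchain.

The ARPA secure multiparty computation network can serve as a protocol layer that gives public blockchains privacy-preserving computation capability, and it enables developers to build efficient, secure business applications that protect data privacy on private smart contracts. Enterprise and personal data can be securely analyzed or used on the ARPA computation network without concern about exposing the data to any third party. ARPA's multiparty computation technology supports secure data marketplaces, precision marketing, credit score calculation, and even the secure monetization of personal data.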


