universal privacy Commons: 4/5

Secure Multi-Party Computation (SMPC or MPC)

Also known as:

1. Overview

Secure Multi-Party Computation (SMPC or MPC) is a pattern for building resilient value creation systems.

Problem: Multiple parties, each holding private data, want to collaboratively compute a joint function of their data without revealing their individual inputs to each other. For example, a group of competing hospitals may want to calculate the average salary of their doctors to benchmark themselves, but no hospital is willing to reveal its salary data to the others.

Context: You are designing a system where multiple, mutually distrusting parties need to collaborate to generate a valuable insight. Centralizing the data is not an option due to privacy, confidentiality, or legal constraints. You need a way to perform the computation in a completely decentralized and private manner.

2. Core Principles

Use Secure Multi-Party Computation (SMPC), a cryptographic protocol that allows a set of parties to jointly compute a function over their inputs while keeping those inputs private. The protocol ensures that no party learns anything more than its own input and the final, computed output.

SMPC works by having the parties engage in a complex protocol of exchanging encrypted and “secret-shared” pieces of their data. The computation is performed on these encrypted shares, and at the end of the protocol, the parties can combine their results to reveal only the final answer. The underlying data is never revealed to any other party or to a central coordinator.

3. Rationale

SMPC provides one of the strongest possible guarantees of privacy for collaborative computation. It:

  • Eliminates the Need for a Trusted Third Party: The computation can be performed without having to trust a central server to handle the sensitive data.
  • Provides Cryptographic Guarantees: The privacy of the inputs is protected by formal, mathematical proofs.
  • Enables New Forms of Collaboration: Allows for valuable data collaboration in scenarios where it would otherwise be impossible due to trust and privacy barriers.

4. Consequences

  • Positive:
    • Enables privacy-preserving collaboration between competing or mutually distrusting organizations.
    • Unlocks significant value from data that cannot be centralized.
    • Provides very strong, provable privacy guarantees.
  • Negative:
    • High Performance Overhead: SMPC protocols are computationally intensive and can have very high communication overhead, making them much slower than traditional, centralized computation.
    • High Complexity: Designing and implementing SMPC protocols is extremely complex and requires deep cryptographic expertise.
    • Limited Scalability: The performance of many SMPC protocols degrades significantly as the number of parties increases.

5. Application Context

Best Used For:

  • Value creation systems requiring strong privacy and security foundations
  • Organizations operating in regulated environments
  • Systems handling sensitive data or requiring high trust

6. Known Uses

  • Private Auctions: In 2008, a secure auction was conducted in Denmark to determine the market clearing price for sugar beet contracts without any of the farmers revealing their individual bids.
  • Financial Benchmarking: Banks have used SMPC to benchmark their performance on metrics like fraud detection rates without revealing their sensitive transaction data.
  • Cryptocurrency: Some privacy-enhancing features in cryptocurrencies use SMPC-like techniques.