Cryptology ePrint Archive: Report 2019/080

Turbospeedz: Double Your Online SPDZ! Improving SPDZ using Function Dependent Preprocessing

Aner Ben Efraim and Michael Nielsen and Eran Omri

Abstract: Secure multiparty computation allows a set of mutually distrusting parties to securely compute a function of their private inputs, revealing only the output, even if some of the parties are corrupt. Recent years have seen an enormous amount of work that drastically improved the concrete efficiency of secure multiparty computation protocols. Many secure multiparty protocols work in an ``offline-online" model. In this model, the computation is split into two main phases: a relatively slow ``offline phase", which the parties execute before they know their input, and a fast ``online phase", which the parties execute after receiving their input.

One of the most popular and efficient protocols for secure multiparty computation working in this model is the SPDZ protocol (Damgaard et al., CRYPTO 2012). The SPDZ offline phase is function independent, i.e., does not requires knowledge of the computed function at the offline phase. Thus, a natural question is: can the efficiency of the SPDZ protocol be improved if the function is known at the offline phase?

In this work, we answer the above question affirmatively. We show that by using a function dependent preprocessing protocol, the online communication of the SPDZ protocol can be brought down significantly, almost by a factor of 2, and the online computation is often also significantly reduced. In scenarios where communication is the bottleneck, such as strong computers on low bandwidth networks, this could potentially almost double the online throughput of the SPDZ protocol, when securely computing the same circuit many times in parallel (on different inputs).

We present two versions of our protocol: Our first version uses the SPDZ offline phase protocol as a black-box, which achieves the improved online communication at the cost of slightly increasing the offline communication. Our second version works by modifying the state-of-the-art SPDZ preprocessing protocol, Overdrive (Keller et al., Eurocrypt 2018). This version improves the overall communication over the state-of-the-art SPDZ when the function is known at the offline phase.

Category / Keywords: cryptographic protocols / Secure Multiparty Computation, SPDZ, concrete efficiency, offline/online

Original Publication (with minor differences): ACNS 2019

Date: received 24 Jan 2019, last revised 9 May 2019

Contact author: anermosh at post bgu ac il, omrier at gmail com, michael at cryptax com

Available format(s): PDF | BibTeX Citation

Version: 20190509:172041 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]