Paper 2019/470

A Practical Approach to the Secure Computation of the Moore-Penrose Pseudoinverse over the Rationals

Niek J. Bouman and Niels de Vreede


Solving linear systems of equations is a universal problem. In the context of secure multiparty computation (MPC), a method to solve such systems, especially for the case in which the rank of the system is unknown and should remain private, is an important building block. We devise an efficient and data-oblivious algorithm (meaning that the algorithm's execution time and branching behavior are independent of all secrets) for solving a bounded integral linear system of unknown rank over the rational numbers via the Moore-Penrose pseudoinverse, using finite-field arithmetic. I.e., we compute the Moore-Penrose inverse over a finite field of sufficiently large order, so that we can recover the rational solution from the solution over the finite field. While we have designed the algorithm with an MPC context in mind, it could be valuable also in other contexts where data-obliviousness is required, like secure enclaves in CPUs. Previous work by Cramer, Kiltz and Padró (CRYPTO 2007) proposes a constant-rounds protocol for computing the Moore-Penrose pseudoinverse over a finite field. The asymptotic complexity (counted as the number of secure multiplications) of their solution is $O(m^4 + n^2 m)$, where $m$ and $n$, $m\leq n$, are the dimensions of the linear system. To reduce the number of secure multiplications, we sacrifice the constant-rounds property and propose a protocol for computing the Moore-Penrose pseudoinverse over the rational numbers in a linear number of rounds, requiring only $O(m^2n)$ secure multiplications. To obtain the common denominator of the pseudoinverse, required for constructing an integer-representation of the pseudoinverse, we generalize a result by Ben-Israel for computing the squared volume of a matrix. Also, we show how to precondition a symmetric matrix to achieve generic rank profile while preserving symmetry and being able to remove the preconditioner after it has served its purpose. These results may be of independent interest.

Note: Minor revision

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MINOR revision.ACNS 2020
secure multiparty computationsecure linear algebraMoore-Penrose pseudoinverseoblivious algorithms
Contact author(s)
niek bouman @ rosemanlabs com
n d vreede @ tue nl
2020-04-23: last of 3 revisions
2019-05-10: received
See all versions
Short URL
Creative Commons Attribution


      author = {Niek J.  Bouman and Niels de Vreede},
      title = {A Practical Approach to the Secure Computation of the Moore-Penrose Pseudoinverse over the Rationals},
      howpublished = {Cryptology ePrint Archive, Paper 2019/470},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.