## Cryptology ePrint Archive: Report 2019/922

A High-Assurance Evaluator for Machine-Checked Secure Multiparty Computation

Karim Eldefrawy and Vitor Pereira

Abstract: Secure Multiparty Computation (MPC) enables a group of $n$ distrusting parties to jointly compute a function using private inputs. MPC guarantees correctness of computation and confidentiality of inputs if no more than a threshold $t$ of the parties are corrupted. Proactive MPC (PMPC) addresses the stronger threat model of a mobile adversary that controls a changing set of parties (but only up to $t$ at any instant), and may eventually corrupt all $n$ parties over a long time.

This paper takes a first stab at developing high-assurance implementations of (P)MPC. We formalize in EasyCrypt, a tool-assisted framework for building high-confidence cryptographic proofs, several abstract and reusable variations of secret sharing and of (P)MPC protocols building on them. Using those, we prove a series of abstract theorems for the proactive setting. We implement and perform computer-checked security proofs of concrete instantiations of the required (abstract) protocols in EasyCrypt.

We also develop a new tool-chain to extract high-assurance executable implementations of protocols formalized and verified in EasyCrypt. Our tool-chain uses Why as an intermediate tool, and enables us to extract executable code from our (P)MPC formalizations. We conduct an evaluation of the extracted executables by comparing their performance to performance of manually implemented versions using Python-based Charm framework for prototyping cryptographic schemes. We argue that the small overhead of our high-assurance executables is a reasonable price to pay for the increased confidence about their correctness and security.

Category / Keywords: Secure Multi-Party Computation, Verified Implementation, High-Assurance Cryptography

Original Publication (with minor differences): ACM CCS 2019
DOI:
10.1145/3319535.3354205

Date: received 13 Aug 2019, last revised 24 Sep 2019

Contact author: vitorm2p at gmail com

Available format(s): PDF | BibTeX Citation

Short URL: ia.cr/2019/922

[ Cryptology ePrint archive ]