Kinan Dak Albab, Boston University

Abstract

Secure multi-party computation (MPC) is a cryptographic primitive that enables several parties to compute jointly over their collective private data sets. Over the past decade, a number of general and special-purpose MPC software frameworks have been developed. The designs of these frameworks focus on optimizing commonly used primitives or on providing efficient MPC implementations of specific algorithms. However, they have certain limitations that hinder their adoption (and consequently the adoption of MPC) in practical real-world applications: (1) Many of these frameworks are built using legacy software stacks or domain specific languages that make them difficult to use as part of a larger application. (2) Existing frameworks do not provide easy-to-use abstractions for expressing asymmetries in the roles and capabilities of participating parties. (3) Existing frameworks are often tied to the underlying assumptions that are used to optimize their protocols; customizing them to support a similar set of assumptions, or updating them with new primitives, is non-trivial. (4) Deploying and using MPC applications built with these frameworks requires substantial technical, logistical, and maintenance effort and expertise; detection and recovery from failures during deployment must be done manually.

The JavaScript Implementation of Federated Functionalities (JIFF) is an MPC framework built specifically to address the above concerns. JIFF is built using JavaScript to support MPC applications that run on web and mobile platforms. It supports MPC applications in which parties join and leave the computation dynamically and carry out the computation asynchronously, while providing mechanisms for recovery from network and crash failures. JIFF supports and simplifies designing and deploying arbitrarily asymmetric MPC applications, and is highly customizable to accommodate the idiosyncrasies of deployment scenarios: users have the ability to easily specialize or modify any of the underlying primitives, protocols, preprocessing stages, and assumptions. Thanks to these features and flexibilities, MPC applications written with JIFF can be integrated easily as components within server-client(s) web and mobile applications and server(s)-to-server(s) systems. We used JIFF to implement several MPC libraries and applications spanning data-structures (sorting and searching), machine learning (linear regression and principle component analysis), and relational data workflows (i.e., SQL-like queries). Several of these applications use various levels of asymmetry (e.g., the outsourced, parallelized, or hierarchical MPC models). JIFF has been deployed in real-world privacy-preserving studies on income inequality and on diversity in contracting by large businesses, both in Boston.

Video