Efficiently outsourcing multiparty computation under multiple keys

Andreas Peter, Erik Tews, Stefan Katzenbeisser

    Research output: Contribution to journalArticleAcademicpeer-review

    132 Citations (Scopus)
    12 Downloads (Pure)


    Secure multiparty computation enables a set of users to evaluate certain functionalities on their respective inputs while keeping these inputs encrypted throughout the computation. In many applications, however, outsourcing these computations to an untrusted server is desirable, so that the server can perform the computation on behalf of the users. Unfortunately, existing solutions are either inefficient, rely heavily on user interaction, or require the inputs to be encrypted under the same public key - drawbacks making the employment in practice very limited. We propose a novel technique based on additively homomorphic encryption that avoids all these drawbacks. This method is efficient, requires no user interaction whatsoever (except for data upload and download), and allows evaluating any dynamically chosen function on inputs encrypted under different public keys. Our solution assumes the existence of two non-colluding but untrusted servers that jointly perform the computation by means of a cryptographic protocol. This protocol is proven to be secure in the semi-honest model. By developing application-tailored variants of our approach, we demonstrate its versatility and apply it in two real-world scenarios from different domains, privacy-preserving face recognition and private smart metering. We also give a proof-of-concept implementation to highlight its feasibility.
    Original languageEnglish
    Pages (from-to)2046-2058
    Number of pages13
    JournalIEEE transactions on information forensics and security
    Issue number12
    Publication statusPublished - 1 Nov 2013


    • EWI-24199
    • IR-88718
    • METIS-302588
    • SCS-Cybersecurity


    Dive into the research topics of 'Efficiently outsourcing multiparty computation under multiple keys'. Together they form a unique fingerprint.

    Cite this