The authors present a comprehensive study of efficient protocols and techniques for secure two-party computation – both general constructions that can be used to securely compute any functionality, and protocols for specific problems of interest. The book focuses on techniques for constructing efficient protocols and proving them secure. In addition, the authors study different definitional paradigms and compare the efficiency of protocols achieved under these different definitions.
The book opens with a general introduction to secure computation and then presents definitions of security for a number of different adversary models and definitional paradigms. In the second part, the book shows how any functionality can be securely computed in an efficient way in the presence of semi-honest, malicious and covert adversaries. These general constructions provide a basis for understanding the feasibility of secure computation, and they are a good introduction to design paradigms and proof techniques for efficient protocols. In the final part, the book presents specific constructions of importance. The authors begin with an in-depth study of sigma protocols and zero knowledge, focusing on secure computation, and they then provide a comprehensive study of the fundamental oblivious transfer function. Starting from protocols that achieve privacy only, they show highly efficient constructions that achieve security in the presence of malicious adversaries for both a single execution and multiple batch executions. Oblivious pseudorandom function evaluation is then presented as an immediate application of oblivious transfer. Finally, the book concludes with two examples of high-level protocol problems that demonstrate how specific properties of a problem can be exploited to gain high efficiency: securely computing the kth-ranked element, and secure database and text search.
This book is essential for practitioners and researchers in the field of secure protocols, particularly those with a focus on efficiency, and for researchers in the area of privacy-preserving data mining. This book can also be used as a textbook for an advanced course on secure protocols.