Auditing of Secure Multiparty Computations

Secure multiparty computations allow independent parties to collectively analyze data without compromising their input’s privacy. This data secrecy is guaranteed in some security model: in the passive model an adversary can only look at data visible to it, while in the active model adversaries can actively interfere in the computations. So from a security standpoint the active model is preferable, but carries a significant overhead. This thesis proposes an intermediate model, which builds upon a system that is secure in the passive model, but audits the computations for active attacks. It carries the same guarantees provided by the passive model, while attempting to detect active attacks without being explicitly secure against them. To facilitate auditing, systems produce audit logs, which can be examined to detect active malicious behaviour. Audit logging was added to Sharemind, an existing secure multiparty computation platform that operates in the passive model, and a prototype audit tool was created to make inspecting the logs during the auditing process accessible to human auditors with only basic knowledge of secure multiparty computations. To test the viability of this model, an Internet voting demo application was created using this modified Sharemind and possible attacks against this application were analyzed from an auditability standpoint. The analysis unveiled that since the Sharemind audit logging implementation evaluates protocols without context, it is possible to automatically verify individual protocols and detect computational forgery, but the adversary can perform semantic forgery. The audit logs do not contain the semantics of the computation and this can be abused to modify inputs to protocols, effectively modifying the results. The need to include semantic information about the computation in the audit became apparent and is set as a goal for future work.