Quick scan multi-party-computation
We are performing a quick scan for a pilot with secure multi-party computation (MPC) in Amsterdam.
The Responsible Sensing Lab aims to make smart city systems more responsible on 4 levels: hardware, software, user-interface design and governance. On the software level, we are performing a quick scan to run a pilot with secure multi-party computation (MPC) in Amsterdam.
Multi-party-computation (MPC)
MPC is a cryptographic method that allows the analysis of different data sets without the need to share the data between parties. With this technique, repurposing data after an analysis with multiple parties is not possible. Also, MPC enables analyzing sensitive data without harming privacy or similar risks.
Zeki Erkin, associate professor at TU Delft and expert on MPC, is in the lead for the quick scan. Together with Zeki, we are looking for use cases that allow us to test MPC in Amsterdam. We see multiple opportunities in the mobility domain, in which many data are being produced and shared. The goal of a future pilot is to study how MPC could support the municipality in both data minimization and analyzing data without the risks that accompany data sharing.
Data sharing for operational services and intelligence is crucial for a safe digital society. While doing so, it is also vital to protect our people against any privacy breaches. I believe MPC will play a key role in building safe and privacy-preserving solutions.”
— Dr. Zeki Erkin, Cybersecurity- en privacyconsultant en trainer bij ZEC Security en universitair hoofddocent bij TU Delft
A basic example of how MPC works
A basic example of how MPC works. Alice, Bob, Julia and Charles want to find out their group's average salary but don’t want to share how much they earn. The MPC protocol assigns each of them a secret, random value, the sum of which is equal to zero. The values are added to the salary figure which is shared with the MPC protocol. Now, the average salary can be calculated using the adjusted salary figures as the random values cancel out.
Quick-scan report on the use of Multiparty Computation for Mobility Services in Amsterdam
In this report, we first introduce the concept of MPC. We try to address the questions like how MPC works, what are the limitations of MPC, which use cases can be solved using MPC, and what are the differences between MPC and other relevant solutions.
Second, we present privacy considerations in the use cases we investigated. Third, we provide a list of use cases that we identified based on our interviews with the experts in the field. Fourth, we analyse these use cases and cluster them in short-term, mid-term or long-term project based on criteria such as the number of parties involved, and the type of data resources needed.
Finally, we provide advice on how to proceed in two dimensions, namely use cases suitable for development and deployment, and use cases that involve scientific challenges and thus require further research.