資訊安全中,針對安全多方計算的問題已經發展了許多解法。其中一派以計
算上安全(Computationally Secure)出發,嘗試對安全計算提出通用性(general)的解
法 , 但 是 這 類 作 法 需 要 的 效 能 甚 鉅 。 另 外 一 派 是 以 資 訊 上 安 全 (Information
-theoretically Secure)為前提,透過可信任的第三者公正伺服器來提供亂數資料輔
助實際運作的兩方計算,這個方法雖然需要的效能比前者低,但是擴充成多方計
算會造成設計的複雜度變高,一般實際的安全多方運用不見得需要這麼完整的解
法。
為了進一步推廣安全多方計算的運用,需要一個設計上較簡單,執行效率較
高,在處理常用的安全多方計算時能套用或擴充的模型 (model),我們利用加法分
持的概念設計了一個安全多方應用程式的模型,適合解決保障隱私的選舉投票的
類似問題,並以安全會議排程為例,闡述如何考量安全多方計算的需求來應用這
個模型。

Secure multiparty computation (SMC) allows several untrusting parties to conduct
certain computations over their private data jointly without compromising their privacy.
Since Yao's pioneer work on secure two-party computation, there have been many
proposals of protocols for specific problems as well as of general approaches for secure
protocol development.
However, those proposals, though general, are all very complex and take a lot of
computation resources, thus making people consider them impractical for real-world
applications. This thesis focuses on a simple approach to secure multiparty computation,
namely additive secret sharing, and presents a framework for developing some
real-world applications using it. We argue that, although this approach can solve only a
limited scope of SMC problems, it is easy to apply and is computationally efficient.
Besides showing some typical examples supported by our framework, we have
developed a secure meeting time scheduler to demonstrate the feasibility of this
approach.

[1] A. C. Yao. Protocols for secure computation. SFCS 1982: Proceedings of the 23rd Annual IEEE
Symposium on Foundations of Computer Science; 1982 Nov 3-5; 1982. p. 160-4.
[2] Goldreich O, Micali S, Wigderson A. How to play ANY mental game. Proceedings of the 19th
Annual ACM Symposium on Theory of Computing; 1987. p. 218-29.
[3] A. C. Yao. How to generate and exchange secrets. In IEEE Symposium on Foundations of
Computer Science (FOCS’86), pages 162–167. IEEE, 1986.
[4] Goldreich O, Secure multi-party computation (working draft). Available from
http://www.wisdom.weizmann, ac.il/home/oded/public_html/foc.html, 1998.
[5] M. Naor, B. Pinkas, and R. Sumner. Privacy preserving auctions and mechanism design. In ACM
Conf. on Electronic Commerce, pages 129–139, 1999.
[6] M. Barni, P. Failla, V. Kolesnikov, R. Lazzeretti, A.-R. Sadeghi, and T. Schneider. Secure evaluation
of private linear branching programs with medical applications. In European Symposium on Research
in Computer Security (ESORICS’09),volume 5789 of LNCS, pages 424–439. Springer, 2009.
[7] A.-R. Sadeghi, T. Schneider, and I. Wehrenberg. Efficient privacy-preserving face recognition. In
12th International Conference on Information Security and Cryptology (ICISC ’09), LNCS. Springer,
2009.
[8] B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan. Private information retrieval. In Proceedings
of IEEE Symp. on Foundations of Computer Science, Milwaukee, WI USA, October 23-25 1995.
[9] Y. Lindell and B. Pinkas. Secure multiparty computation for privacy-preserving data mining. J. of
Privacy and Confidentiality, 1(1):59–98, 2009.
[10] Du and M. J. Atallah. Secure multi-party computation problems and their applications: A review
and open problems. In New Security Paradigms Workshop, pages 11-20, Cloudcroft, New Mexico,
USA, September 11-13 2001.
[11] P. Paillier. Public-key cryptosystems based on composite degree residuosity classes. In Advances
in Cryptology – EUROCRYPT’99, volume 1592 of LNCS, pages 223–238. Springer, 1999.
[12] I. Damgard and M. Jurik. A generalisation, a simplification and some applications of paillier’s
probabilistic public-key system. In Public-Key Cryptography (PKC’01), volume 1992 of LNCS, pages
119–136. Springer, 2001.
[13] M. Dijk, C. Gentry, S. Halevi, and V. Vaikuntanathan. Fully homomorphic encryption over the integers. In Advances in Cryptology –EUROCRYPT’10, LNCS, pages 24–43. Springer, 2010.
[14] Beaver D. Commodity-based cryptography (extended abstract). STOC 1997: Proceedings of the
29th Annual ACM Symposium on Theory of Computing; 1997 May 4-6; El Paso, Texas, USA. New
York, NY, USA: ACM Press; 1997. p. 446-55.
[15] Du W, Zhan Z. A practical approach to solve Secure Multi-party Computation problems. NSPW
2002: Proceedings of the 2002 Workshop on New Security Paradigms; 2002 Sep 23-26; Virginia
Beach, Virginia USA. New York, NY, USA: ACM Press; 2002. p. 127-35.
[16] Da-Wei Wang, Chrun-Jung Liau, Yi-Ting Chiang, Tsan-sheng Hsu, "Information Theoretical
Analysis of Two-Party Secret Computation," Data and Application Security,
Lecture Notes in Computer Science, number 4127, Springer, pages 310-317, July 2006.
[17] Chih-Hao Shen, Justin Zhan, Da-Wei Wang, Tsan-Sheng Hsu, Churn-Jung Liau,
"Information-Theoretically Secure Number-Product Protocol," 2007 International Conference on
Machine Learning and Cybernetics, volume 5, pages 3006-3011, August 2007.
[18] Wang IC, Chih-Hao Shen, Tsan-sheng Hsu, Churn-Jung Liau, Da-Wei Wang, and
Justin Zhan, "Towards Empirical Aspects of Secure Scalar Product," IEEE Transactions on Systems,
Man, and Cybernetics, volume 39, pages 440-447, July 2009.
[19] Wang IC, Shen CH, Kung Chen, Tsan-sheng Hsu, Liau CJ, Da-Wei Wang. An empirical study on
privacy and secure multi-party computation using exponentiation. Secure- Com 2009: International
Symposium on Secure Compu- ting; 2009 Aug 29-31; Vancouver, Canada. 2009. p. 182- 8.
[20] Wang IC, Kung Chen, Tsan-sheng Hsu, Liau CJ, Shen CH, Da-Wei Wang. Protocols for secure
multi- party computation: design, implementation and performance evaluation. Institute of Information
Science, Academia Sinica, Taiwan; 2009 Report No.: TR-IIS-09-005.
[21] Wang IC, Kung Chen, J.H. Chuang, C.H. Lee, Tsan-sheng Hsu, Liau CJ, P.Y. Wang, and Da-Wei
Wang, “On Applying Secure Multi-party Computation: A Case Report”, Proc. of Asia-Pacific
Association Medical Informatics (APAMI 2009), Hiroshima, Japan, Nov. 22-24, 2009.
[22] 疾病管制局,登革熱疾病飯擔之估計與應用,行政院衛生署疾病管制局 97 年度科技研究發
展計畫。
[23] Shamir, Adi (1979), How to Share a Secret, Communications of the ACM, Vol.22(11), 612-613