| The advent of pervasive computation and the internet has resulted in a world in which a vast amount of private information resides in computers and networks. Unfortunately, recent events have proven that this information is unsafe. In just the last two years, retailers such as Target and Ebay, government agencies such as the Internal Revenue Service and the Office of Personnel Management, and companies as diverse as Ashley Madison (a Canadian dating company specializing in extramarital relationships) and JP Morgan Chase (the largest bank in the US) have all been hacked. Add in the revelations about large-scale spying by government agencies and state-sponsored hacking, and our security is very much in doubt.;Secure function evaluation (SFE), also known as secure multi-party computation (SMPC), allows multiple parties to jointly compute a function while maintaining input and output privacy. The two-party variant, known as 2P-SFE, was first introduced by Yao in the 1980s [1] and was largely a theoretical curiosity. 2P-SFE has become vastly more efficient in recent years, owing to advances in hardware, faster encryption libraries, and, of course, improved protocols [2, 3, 4]. Given all of the threats to our private information, strong cryptography and secure computation should be ubiquitous. However, various technical, economic, and social factors have resulted in a situation in which cryptographic and security technology is not nearly as widely used as it should be.;In this thesis, I present a set of results aimed at making SFE more suitable for real-life deployment. First, I present PartialGC, which fundamentally changes the communication pattern of SFE from a complex many-to-many pattern to a simple, star-like pattern and introduces the ability to save state across multiple secure computations. To facilitate the creation of secure programs, I then present a complete garbled-circuit compiler for 2P-SFE computations, called Frigate, that is two orders of magnitude faster than the previous state of the art. Next, I combine these technologies with Intel's new Software Guard Extensions to achieve security guarantees akin to that of SFE while achieving execution speeds almost as fast as those of privacy-invasive protocols. Finally, I present a tool that allows naive users to search and specify their security needs and assumptions and produces a list of known cryptographic protocols suited for the scenario specified or indicates that no such protocols are known. |
