MPC threat models – honest majority

[bmcase]

I see there is already some feedback around considering semi-honest or malicious trust models. I’d like to add it would also be good to consider honest majority vs dishonest majority MPC. We’ve found the 3-party honest majority malicious setting to particularly useful.

I think there is some distinction to be made here between VDAFs and PPM where in the PPM spec the decision has been to focus on two-parties.

[cjpatton]

Hi Ben, (sorry it took me so long to get reply!)

I guess it depends somewhat on what we decide the scope of the draft to be.

Right now our intent is to focus on DAP, and for the moment DAP is not compatible with any 3-party, honest majority MPC. This could change, depending on your requirements, but this is a discussion for DAP and not this draft in particular.

If we decide to extend the scope beyond DAP, then I think there are two directions we might go in.

1. If we want to spell out how in full detail how to run a DP policy alongside the protocol (like we do for DAP), then we need to have a concrete protocol in mind. Further, this would need to be something that some WG at IETF is working on (or likely will work on the future).
2. We could re-scope the draft to be not specific to any particular protocol.