The Intersection of Modern Cryptography and Blockchain: How are Fully Homomorphic Encryption, Multiparty Computation, and Zero-knowledge Proofs useful in the cryptocurrency ecosystem?
By: Roger A. Hallman
1 Introduction
Blockchain technology utilizes cryptographic protocols [46] such as hash functions and digital signature schemes to verify and record transactions in a distributed manner. These protocols are well established; the cryptographic fundamentals of most blockchains are covered in a typical undergraduate introductory cryptography course [34]. The use of cryptography to record transactions has led to the misconception that users are anonymous when they are in fact only pseudonymous, and that misconception made the cryptocurrency ecosystem attractive to members of illicit economies. Confusing pseudonymity with anonymity has, in turn, enabled law enforcement agencies to shut down dark web markets and to identify, arrest, and prosecute criminals all over the world. However, as legal economic activity incorporates blockchain technology, there is increased interest in the privacy protections afforded by modern cryptography and in how these newer cryptographic primitives may be integrated into blockchain protocols.
This blog article delves into modern cryptography, specifically Fully Homomorphic Encryption (FHE), Multiparty Computation (MPC), and Zero-knowledge Proofs (ZkPs), and how they are being used by blockchain developers within the cryptocurrency ecosystem. FHE is a cryptographic primitive which enables computation on encrypted data. MPC allows several parties to compute a function together while protecting the privacy of each party's input. ZkPs let one party convince another that a statement is true without revealing anything beyond the fact that it is true. Each of these primitives is described in greater detail below. We will endeavor to avoid too much mathematical rigor, and will provide references for readers inclined to pursue it.
The remainder of this article is organized as follows: Section 2 gives background on the cryptographic primitives above, along with information on leading software libraries. Section 3 surveys how these modern cryptographic protocols are being used by blockchain developers to improve data privacy within the cryptocurrency ecosystem. Finally, concluding remarks are given in Section 4.
2 Modern Cryptography
Cryptography [34] is the ancient mathematical art and science of protecting information from adversarial attacks. In many cases, these protocols take structured data and make it appear as random noise [29]. We have covered cryptographic basics in a previous blog post [30], and so we refer readers there rather than rehash it here. However, before we introduce several modern cryptographic protocols, we must discuss general scenarios where cryptographic techniques are employed, as well as cover two cryptographic techniques which are critical to blockchain functionality: hash functions and digital signatures.
There are three general scenarios where we would like to employ cryptographic techniques for data protection [9]: data-at-rest, data-in-transit, and data-in-use. Data-at-rest protection refers to protecting data in storage, usually with a symmetric encryption scheme; the full disk encryption available on most personal computers is an example. Data-in-transit protection refers to encrypting data for communication with another entity. In practice this combines both families of primitives: an asymmetric key exchange (or a public-key encryption scheme) establishes a shared session key, and a symmetric cipher protects the bulk traffic under that key, which is how TLS works. Anyone ordering a product through an Internet-based marketplace is relying on data-in-transit protection.
The protection of data-in-use [55] is the scenario that falls squarely within the scope of this article. Classic cryptography has largely solved the problems of protecting data-at-rest and data-in-transit; but to actually use those data objects for any kind of work, we have had to decrypt them and operate on plaintext. A major focus of modern cryptography is enabling meaningful computation on encrypted data without giving up that protection.
Cryptographic hash functions [53] convert an input of arbitrary length into a fixed-length output, usually compressing a large input into a much smaller digest. A key aspect of hash functions is the "avalanche effect," wherein minuscule changes in the input produce large, unpredictable differences in the output. Cryptographic hash functions are also required to be collision resistant, meaning that it is computationally infeasible to find two different inputs that produce identical outputs (along with preimage and second-preimage resistance, which make it infeasible to find an input for a given output, or a second input matching a given input's output). For these reasons, hash functions are commonly used for software integrity: many software companies publish a hash value so that customers can check that they downloaded the officially sanctioned software rather than a counterfeit copy infected with malware. Note that this check only helps if the published hash is obtained over an authenticated channel, since an attacker who can replace the download can usually also replace a hash posted next to it. Hash functions are used in cryptocurrencies like Bitcoin to create a tamper-evident log: each block commits to the hash of its predecessor, so an adversary cannot alter data earlier in the chain without changing every subsequent hash, which every other node on the network can detect.
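The hash chain described above, as an added example written for this article (it is not code from any blockchain project): each block's SHA-256 digest covers its predecessor's digest, so editing an early record breaks the link that follows it, and the avalanche effect is visible in how many digest bits flip for a one-character input change. The ledger records are constructed sample data.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64   # the first block has no predecessor


def block_hash(index: int, prev_hash: str, data: str) -> str:
    """SHA-256 over a canonical encoding of the block; prev_hash is what links the chain."""
    payload = json.dumps({"i": index, "prev": prev_hash, "data": data}, sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


def build_chain(records):
    """Append each record as a block whose hash commits to every earlier block."""
    chain, prev = [], GENESIS_PREV
    for i, data in enumerate(records):
        h = block_hash(i, prev, data)
        chain.append({"i": i, "prev": prev, "data": data, "hash": h})
        prev = h
    return chain


def first_bad_block(chain):
    """Re-derive every hash and link; return the index of the first block that fails, or -1."""
    prev = GENESIS_PREV
    for blk in chain:
        if blk["prev"] != prev or block_hash(blk["i"], blk["prev"], blk["data"]) != blk["hash"]:
            return blk["i"]
        prev = blk["hash"]
    return -1


def hamming_distance_of_digests(a: bytes, b: bytes) -> int:
    """How many of the 256 output bits differ between SHA-256(a) and SHA-256(b)."""
    x = int.from_bytes(hashlib.sha256(a).digest(), "big")
    y = int.from_bytes(hashlib.sha256(b).digest(), "big")
    return bin(x ^ y).count("1")


# Constructed sample ledger (not real transactions)
RECORDS = ["alice->bob 5", "bob->carol 2", "carol->dave 1"]

if __name__ == "__main__":
    chain = build_chain(RECORDS)
    print("intact chain, first bad block:", first_bad_block(chain))
    chain[1]["data"] = "bob->carol 200"                                   # adversary edits history...
    print("after edit, first bad block:", first_bad_block(chain))
    chain[1]["hash"] = block_hash(1, chain[1]["prev"], chain[1]["data"])  # ...and rehashes that block
    print("after rehash, first bad block:", first_bad_block(chain))      # the next link now fails
    print("digest bits flipped by a one-character change:",
          hamming_distance_of_digests(b"amount=5", b"amount=6"))
```

The toy shows tamper evidence, not tamper resistance: an adversary who also rehashes every later block produces a self-consistent chain. In Bitcoin the cost of doing that is what proof-of-work and the other nodes' copies of the chain impose, not the hash function alone.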
Digital signatures [4] are an asymmetric cryptographic primitive, analogous to a person's handwritten signature, used to verify the authenticity of a message. A message is signed with a secret key and verified with the corresponding public key. The defining security property is unforgeability: an adversary who obtains signatures on a large (but finite) number of messages of its choosing still cannot produce a valid signature on any new message, and in particular cannot recover the signer's secret key. Cryptocurrency networks such as Bitcoin and Ethereum use the Elliptic Curve Digital Signature Algorithm (ECDSA) [22], a well-established and standardized scheme, over the secp256k1 curve to sign transactions on their respective blockchains (Bitcoin's Taproot upgrade additionally supports Schnorr signatures on the same curve). One practical caveat for ECDSA: every signature requires a fresh, secret nonce, and reusing or leaking a nonce exposes the private key, which is why wallet implementations derive nonces deterministically from the key and message (RFC 6979) rather than trusting a random number generator.
2.1 Fully Homomorphic Encryption
The first modern cryptographic primitive that we will discuss is Fully Homomorphic Encryption (FHE). Without getting bogged down in mathematical formalism, a homomorphism can be thought of as a structure-preserving relationship: given a function f and an operation +, f(a + b) = f(a) + f(b). In the context of cryptography [31], a homomorphic encryption scheme has ENC(a + b) = ENC(a) + ENC(b), so that an operation on ciphertexts corresponds to an operation on the underlying plaintexts. Rivest, Adleman, and Dertouzos theorized in the late 1970s that this should be possible based on the underlying mathematics of RSA [52]; they used the term "privacy homomorphisms." The following years saw the development of Partially Homomorphic Encryption schemes, which support computation over encrypted data with a single operation (e.g., an operation corresponding to addition or to multiplication, but not both). FHE, which allows an arbitrary number of additions and multiplications on encrypted values, was for decades seen as one of cryptography's "holy grails" [42].
Craig Gentry developed the first working FHE scheme in 2009 [24], which led to a subsequent explosion of FHE schemes and software libraries. At present, essentially all practical FHE schemes are built on variants of the Learning With Errors (LWE) problem [51], a hard lattice problem that can be thought of as solving a system of linear equations modulo q after each equation has been perturbed by a small random error: without the errors the secret falls out by Gaussian elimination, with them the problem is believed to be hard. Because LWE is believed to be hard even for quantum computers, FHE schemes are believed to resist quantum attacks. (The module variant of LWE also underpins the CRYSTALS post-quantum schemes [2], Kyber and Dilithium, which NIST has standardized as ML-KEM and ML-DSA [47, 48].) There are three general classes of FHE schemes [31]:
- Boolean arithmetic schemes represent plaintext values as bits, and computations as Boolean circuits.
- Modular arithmetic schemes represent plaintext as integers modulo a plaintext modulus “t”, and express computations as integer arithmetic circuits mod t.
- Approximate arithmetic schemes represent plaintext data as real or complex numbers, and computations are similar to floating point arithmetic.
Each of these scheme classes has its strengths, as well as scenarios where it performs best. For instance, approximate arithmetic schemes are popular for encrypted machine learning. On the other hand, Boolean arithmetic schemes perform certain operations such as comparison (i.e., less than/greater than) efficiently, while those operations are much harder to express in the other classes. All classes share one mechanic: every ciphertext carries a small amount of noise that grows with each homomorphic operation, and a ciphertext stops decrypting correctly once the noise exceeds the scheme's budget, which is why Gentry's bootstrapping (homomorphically re-encrypting to reset the noise) is what separates "fully" from "somewhat" homomorphic schemes.
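A toy LWE-based Boolean scheme, added here as an example (it is not code from any of the libraries discussed, and its parameters are chosen to make the noise visible, not to be secure): a bit is encrypted as an LWE sample with the bit placed in the high half of the modulus and a small error in the low bits, adding two ciphertexts XORs the bits and adds the errors, and the function at the end counts how many homomorphic additions it takes before the accumulated noise flips a decryption. There is no bootstrapping, so the depth is bounded exactly as described above.

```python
import random

# Toy parameters: far too small to be secure; chosen so the noise behaviour is visible.
N_DIM, Q, E_MAX = 16, 1024, 8


def keygen(rng):
    """Secret vector s in Z_Q^N_DIM."""
    return [rng.randrange(Q) for _ in range(N_DIM)]


def encrypt(s, bit, rng):
    """LWE sample (a, <a,s> + e + bit*Q/2): the bit sits in the high half of the modulus, the noise e in the low bits."""
    a = [rng.randrange(Q) for _ in range(N_DIM)]
    e = rng.randint(-E_MAX, E_MAX)
    b = (sum(ai * si for ai, si in zip(a, s)) + e + bit * (Q // 2)) % Q
    return a, b


def _phase(s, ct):
    """b - <a,s> mod Q, centred into (-Q/2, Q/2]: equals e + bit*Q/2 for a fresh ciphertext."""
    a, b = ct
    v = (b - sum(ai * si for ai, si in zip(a, s))) % Q
    return v - Q if v > Q // 2 else v


def decrypt(s, ct):
    """Decode to the nearer of the two codewords 0 and Q/2."""
    return 1 if abs(_phase(s, ct)) > Q // 4 else 0


def noise(s, ct):
    """Signed noise term; decryption is correct only while |noise| < Q/4."""
    v = _phase(s, ct)
    if abs(v) > Q // 4:
        v = v - Q // 2 if v > 0 else v + Q // 2
    return v


def add(c1, c2):
    """Homomorphic XOR: ciphertext addition adds the encoded bits (mod 2) and adds the noises."""
    (a1, b1), (a2, b2) = c1, c2
    return [(x + y) % Q for x, y in zip(a1, a2)], (b1 + b2) % Q


def additions_until_failure(s, rng, limit=1_000_000):
    """Keep XOR-ing in fresh encryptions of 1 until the accumulated noise flips a decryption."""
    ct, expected = encrypt(s, 0, rng), 0
    for i in range(1, limit + 1):
        ct, expected = add(ct, encrypt(s, 1, rng)), expected ^ 1
        if decrypt(s, ct) != expected:
            return i
    return None


if __name__ == "__main__":
    rng = random.Random(7)          # seeded only so the demo is reproducible
    s = keygen(rng)
    c0, c1 = encrypt(s, 0, rng), encrypt(s, 1, rng)
    print("dec(c0), dec(c1), dec(c0+c1), dec(c1+c1):",
          decrypt(s, c0), decrypt(s, c1), decrypt(s, add(c0, c1)), decrypt(s, add(c1, c1)))
    print("noise(c0) + noise(c1) == noise(c0+c1):",
          noise(s, c0) + noise(s, c1) == noise(s, add(c0, c1)))
    print("homomorphic additions before the noise budget is exhausted:",
          additions_until_failure(s, rng))
```

Only addition is shown; multiplication in a real scheme (e.g. the tensor-and-relinearize step of modular schemes, or the programmable bootstrapping of TFHE) makes the noise grow multiplicatively, which is why multiplicative depth, not addition count, is the usual budget that library documentation talks about.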
FHE’s early days were marred by incredibly slow computations, with even relatively simple computations being many orders of magnitude too slow for practical application [45]. These slower computation speeds are one of the major impediments to widespread adoption of FHE, and the United States Government has made considerable investments in improving FHE’s computational performance. This includes funding for major fundamental and applied research programs such as DARPA’s PROCEED [19] and DPRIVE [20] programs, as well as IARPA’s HECTOR [33] program. As a result of these efforts, homomorphically encrypted computations have gone from taking days to compute, to often taking minutes. While these improvements are still too slow for many real-world applications [27], FHE now performs at a level where it can be a significant value add to many commercial applications.
There are two professional organizations organized by FHE researchers, the Homomorphic Encryption Standardization Consortium [32], and FHE.org [23]. Participants in the Standardization Consortium include leading researchers from academia, industry R&D firms, and relevant government agencies and standardization organizations. They have produced a security standard document and are spearheading standardization through international organizations such as ISO/IEC. FHE.org, loosely associated with the Swiss company Zama, is based in Europe and hosts monthly symposiums which are open to any interested person. They also host an annual conference which is affiliated with IACR conferences; however, they do not focus on standards documentation.
Software libraries have been developed by teams in the United States, Europe, and the Republic of Korea. Most of these libraries are written in C++, though other languages are used as well. Microsoft SEAL [54], OpenFHE [5], HElib [28], TFHE [15], and HEAAN [18] are all written in C++, and many of them have sanctioned Python or Rust wrappers. Lattigo [1] is written in Go, while Zama has developed several libraries, including a Boolean and integer arithmetic library in Rust [62]. Some of these libraries are actively maintained open source projects, while others have transitioned into proprietary products. Developers wishing to use these libraries will find that documentation and community assistance vary, but OpenFHE and Zama certainly have active development communities with forums where people can ask for help and share their project successes.
FHE enables companies to outsource computationally expensive data processing to services such as commercial cloud computing platforms while protecting sensitive data. There are cases where machine learning models are trained or evaluated on encrypted data [59]; similarly, a machine learning model may itself be encrypted to protect proprietary information. FHE can be used by law enforcement investigators to make encrypted queries against databases [35], so that the database owner learns neither the subject of the query nor the result that was returned. Researchers have also shown that FHE is viable for protecting data flows in cyber-physical systems [13]. As FHE is believed to be resistant to quantum attacks, use cases will likely emerge that don't inherently require computation on encrypted data but benefit from the added security of a lattice-based scheme.
As FHE is a very recent achievement, accessible literature is somewhat limited. The topic is briefly mentioned in Katz’s textbook [34], but otherwise the majority of available literature comes from journal articles and refereed conferences. However, the Standardization Consortium has published a relatively accessible book [38] which includes an introduction to FHE schemes, the security standard document, along with many chapters on use case scenarios.
2.2 Multiparty Computation
Multiparty Computation (MPC) [17] is another cryptographic primitive, one which enables several parties to jointly compute a function over their inputs while keeping each party's input secret. This class of protocols was first introduced as a two-party protocol by Andrew Yao [60, 61], the "garbled circuit." A garbled circuit represents the computation as a Boolean circuit (typically of AND and XOR gates); one party encrypts each gate's truth table using a symmetric cipher such as AES, and the other party evaluates the circuit on encrypted wire labels that it obtains through oblivious transfer, never seeing the other party's input bits in the clear. Yao's original protocol was limited to two parties; later research extended it to multiparty settings and to arithmetic circuits [7].
The fundamental building blocks [16] for MPC schemes include commitments, which let a party fix a value in advance without revealing it (hiding) and prevent that party from later changing the value (binding); and secret sharing schemes, which split a secret s into n shares distributed among n parties, such that any t of the shares reconstruct s while fewer than t reveal nothing about it. Linear secret sharing schemes allow parties to compute linear functions of shared values by operating on their own shares locally, and there are a number of such schemes tailored to a desired security model (e.g., a semi-honest vs. a malicious adversary). A final primitive for MPC is oblivious transfer, in which a sender holds several messages and a receiver obtains exactly the one it chooses; as the name indicates, the sender remains oblivious to which message was received, and the receiver learns nothing about the others.
Several mature MPC frameworks are widely available, including SCALE-MAMBA [37] and MP-SPDZ [36]. MAMBA is a Python-like frontend language which compiles into bytecode, while SCALE is the runtime where those bytecodes are executed. MP-SPDZ supports more than 30 MPC variants with a programming interface that is very similar to Python. Underlying protocols supported include garbled circuits, secret sharing, oblivious transfer, and some homomorphic encryption. MP-SPDZ is heavily used in machine learning cases where sensitive information must be protected.
MPC protocols are far more mature than FHE, and there are a wealth of resources that are publicly available. These range from refereed literature in the form of journal articles and refereed conference papers, textbooks, and software libraries. In terms of instructional textbooks, Cramer, et al.’s Secure Multiparty Computation and Secret Sharing [17] is well organized and relatively accessible to somebody who has taken an undergraduate-level cryptography course. Both SCALE-MAMBA and MP-SPDZ are available in publicly accessible repositories. Moreover, there is at least one professional organization that focuses on MPC, the MPC Alliance [44]. The Alliance consists of academic researchers and industry practitioners from around the world.
2.3 Zero-knowledge Proofs
Zero-knowledge Proofs [39] (ZkPs) are a cryptographic primitive which enables one party to prove the veracity of a computational statement to another party without revealing anything beyond the fact that the statement is true. ZkPs were introduced by Goldwasser, Micali, and Rackoff [26] in the mid-1980s as an interactive proof system, by which a prover convinces (with high probability) a verifier of the correctness of a mathematical statement, possibly over multiple rounds of interaction. More recent research has produced more computationally efficient, non-interactive proofs [3] such as SNARKs [12], STARKs [8], and Bulletproofs [10], to name a few. Non-interactive in this context means that the prover sends a single message, and no further interaction between the prover and verifier is needed.
There are several prominent non-interactive proof protocols, such as:
- The Fiat-Shamir heuristic [11] turns an interactive proof into a non-interactive one by replacing the verifier's random challenge with a hash function (it was originally used to turn identification protocols into signature schemes). The prover computes a commitment, derives the challenge as the hash of that commitment together with the statement being proven, and sends the commitment and its response to the challenge to the verifier, who recomputes the hash and checks the response. The hash input must include the statement: variants that hash only the commitment ("weak Fiat-Shamir") allow a prover to pick the statement after the challenge is fixed and are known to be insecure.
- zk-SNARKs (succinct non-interactive arguments of knowledge) give a prover the ability to convince the verifier that they know the solution to a mathematical problem without revealing the solution itself. The proofs are succinct, often a few hundred bytes irrespective of the complexity of the statement being proven, and cheap to verify. Common constructions rely on pairing-based cryptography and quadratic arithmetic programs, and many require a trusted setup phase whose secret randomness (the "toxic waste") must be destroyed, since anyone who retains it can forge proofs.
- zk-STARKs remove the trusted setup: they are "transparent," relying only on hash functions, which also makes them plausibly resistant to quantum attacks, and their prover time scales quasi-linearly with the size of the computation. The trade-off is proof size, typically tens of kilobytes, which is considerably larger than a zk-SNARK proof.
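An added example, written for this article and not taken from any of the projects or papers it cites, that serves both the ECDSA discussion in Section 2 and the Fiat-Shamir item above. It implements the secp256k1 group law from the published curve constants, signs and verifies with ECDSA as Bitcoin and Ethereum do, and then builds a non-interactive Schnorr proof of knowledge of the private key by hashing the commitment together with the statement (the public key and a context string). The transaction strings and context labels are constructed sample inputs; the arithmetic is not constant-time and is for illustration only.

```python
import hashlib
import secrets

# secp256k1 domain parameters (the curve Bitcoin and Ethereum sign with): y^2 = x^3 + 7 over F_P
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def point_add(A, B):
    """Group law on the curve; None is the point at infinity."""
    if A is None:
        return B
    if B is None:
        return A
    (x1, y1), (x2, y2) = A, B
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                                   # A == -B
    if A == B:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P    # tangent slope
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P     # chord slope
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P


def scalar_mult(k, A):
    """Double-and-add (not constant-time: fine for a demo, not for a wallet)."""
    R = None
    while k:
        if k & 1:
            R = point_add(R, A)
        A = point_add(A, A)
        k >>= 1
    return R


def encode_point(A):
    return A[0].to_bytes(32, "big") + A[1].to_bytes(32, "big")


def hash_to_int(*parts):
    return int.from_bytes(hashlib.sha256(b"".join(parts)).digest(), "big")


def keygen():
    d = secrets.randbelow(N - 1) + 1
    return d, scalar_mult(d, G)


def ecdsa_sign(d, msg):
    z = hash_to_int(msg) % N
    while True:
        k = secrets.randbelow(N - 1) + 1      # per-signature nonce: must stay secret and never repeat
        r = scalar_mult(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * d) % N
        if r and s:
            return r, s


def ecdsa_verify(Q, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z, w = hash_to_int(msg) % N, pow(s, -1, N)
    R = point_add(scalar_mult(z * w % N, G), scalar_mult(r * w % N, Q))
    return R is not None and R[0] % N == r


def fs_challenge(R, Q, ctx):
    """Fiat-Shamir challenge over the commitment R AND the statement (Q, ctx).
    Hashing R alone ("weak Fiat-Shamir") would let a prover choose Q after e is fixed."""
    return hash_to_int(encode_point(R), encode_point(Q), ctx) % N


def nizk_prove(d, Q, ctx):
    """Non-interactive Schnorr proof of knowledge of d such that Q = d*G."""
    k = secrets.randbelow(N - 1) + 1
    R = scalar_mult(k, G)
    e = fs_challenge(R, Q, ctx)
    return R, (k + e * d) % N


def nizk_verify(Q, ctx, proof):
    R, s = proof
    e = fs_challenge(R, Q, ctx)
    return scalar_mult(s, G) == point_add(R, scalar_mult(e, Q))   # s*G == R + e*Q


if __name__ == "__main__":
    d, Q = keygen()
    tx = b"constructed tx: pay 1 coin to alice"
    sig = ecdsa_sign(d, tx)
    print("ECDSA verifies:", ecdsa_verify(Q, tx, sig))
    print("ECDSA on altered tx:", ecdsa_verify(Q, b"constructed tx: pay 9 coins to alice", sig))
    proof = nizk_prove(d, Q, b"wallet-ownership-challenge-42")
    print("NIZK verifies:", nizk_verify(Q, b"wallet-ownership-challenge-42", proof))
    print("NIZK replayed under another context:", nizk_verify(Q, b"another context", proof))
```

The proof of knowledge is the same Schnorr protocol that Bitcoin's Taproot signatures are built from; what makes it a signature rather than a proof of ownership is only that the message takes the place of the context string in the hash. Note how the context string prevents a proof produced for one challenge from being replayed for another.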
There is a professional organization comprised of academics and industry practitioners, ZK Proof [64], which is focused on developing formal standards in collaboration with organizations like NIST. They host an annual workshop where recent advances in the field are reviewed, and strategic moves are planned as they pursue the further development of standardization documentation. Additionally, they serve as a repository for a curated body of knowledge on ZkPs, including textbooks [57, 14], refereed literature, and software tools.
3 Modern Cryptography and its Integration into the Cryptocurrency Ecosystem
Now that we have given introductions to FHE, MPC, and ZkPs, we are ready to survey how various cryptocurrency projects and blockchain platforms are utilizing these cryptographic protocols. ZkPs and MPC, being more mature, have seen wider use than FHE. However, the excitement over FHE's capabilities has led to R&D efforts that show great promise, including here at CAT Labs.
ZkPs see widespread use within the cryptocurrency ecosystem [56]. Perhaps the most high-profile example is the use of zk-Rollups on Ethereum and other smart contract platforms [25]. A zk-Rollup executes a batch of transactions off-chain and posts to the base chain only compressed transaction data together with a single validity proof for the whole batch, which improves scalability by reducing the amount of data that must be stored and verified on-chain while guaranteeing that every transaction in the batch was valid. ZkPs are also prominent within privacy-focused cryptocurrencies like Zcash [6]. Zcash uses zk-SNARKs to hide transaction details, including the identities of the sender and receiver and the transaction amounts, from public view, while the network still confirms that each transaction is valid.
Cryptocurrencies are popular among criminals for their ability to move funds across borders almost instantly, enabling illicit economic activities like money laundering. ZkPs are an important tool for combating money laundering while protecting the privacy of legitimate blockchain users. Financial institutions are bound to regulatory compliance regimes by anti-money laundering (AML) and know-your-customer (KYC) laws. There is tension between AML/KYC compliance and data privacy requirements such as GDPR [50], and ZkPs offer a technically sound way to balance these obligations [41]. ZkPs enable financial institutions to confirm that transactions have been vetted according to AML requirements even though customer information and transaction details remain hidden. Similarly, financial institutions can use ZkPs to let customers prove KYC attributes such as age or citizenship without revealing the underlying data.
Key generation and key management are a perennial challenge for asymmetric cryptographic systems, and this carries over to the cryptocurrency ecosystem. As the maxim goes, "not your keys, not your crypto." Private keys are used to sign transactions, so it is prudent for financial institutions, which control millions or billions of dollars' worth of cryptocurrency assets, to require multiple signatories for a transaction. MPC [21] lets an institution hold a signing key as n shares distributed among a set of authorized signers and use a threshold signature scheme in which any t of the n signers jointly produce a valid signature without the full private key ever being assembled on a single machine; ideally the key is generated in distributed form as well, so that it never exists in one place at any point in its life. This has proven to be an effective defense against attackers gaining access to and absconding with institutions' cryptocurrency assets, though it is worth noting that even cryptographically sophisticated MPC wallets may have vulnerabilities: practical key-extraction attacks against leading MPC wallet implementations have been published [40].
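An added example covering both the secret sharing building block of Section 2.2 and the t-of-n signing described here (written for this article; not the protocol of any MPC wallet product). It splits a signing key with Shamir secret sharing, shows that shares can be added locally to obtain shares of a sum, and then has three of five signers produce a Schnorr signature whose verification succeeds even though no party ever holds the full key. The group is a small Schnorr group over a 64-bit safe prime found at runtime, and the key is dealt by a trusted dealer; both are simplifications, as real deployments use a distributed key generation so the key never exists anywhere, nonce commitments that bind signers to their nonces, and a group of at least 256 bits.

```python
import hashlib
import random


def is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin with rng-chosen bases."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def schnorr_group(bits, rng):
    """Find a safe prime p = 2q + 1; g = 4 is a quadratic residue mod p and so has order q."""
    while True:
        q = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(q, rng) and is_probable_prime(2 * q + 1, rng):
            return 2 * q + 1, q, 4


# --- Shamir secret sharing over Z_q ---
def share_secret(secret, t, n, q, rng):
    """Random degree-(t-1) polynomial with constant term = secret; share i is f(i)."""
    coeffs = [secret] + [rng.randrange(q) for _ in range(t - 1)]
    return [(i, sum(c * pow(i, k, q) for k, c in enumerate(coeffs)) % q) for i in range(1, n + 1)]


def lagrange_at_zero(xs, q):
    """Lagrange coefficients that recover f(0) from the points xs."""
    lam = {}
    for i in xs:
        num = den = 1
        for j in xs:
            if j != i:
                num, den = num * (-j) % q, den * (i - j) % q
        lam[i] = num * pow(den, -1, q) % q
    return lam


def reconstruct(shares, q):
    lam = lagrange_at_zero([x for x, _ in shares], q)
    return sum(lam[x] * y for x, y in shares) % q


def add_shares(sa, sb, q):
    """Linearity: adding shares pointwise yields shares of the sum, with no reconstruction."""
    return [(x, (ya + yb) % q) for (x, ya), (_, yb) in zip(sa, sb)]


# --- t-of-n Schnorr signing where the full key is never reconstructed ---
def challenge(R, X, msg, q):
    return int.from_bytes(hashlib.sha256(f"{R}|{X}|".encode() + msg).digest(), "big") % q


def threshold_sign(msg, signer_shares, X, group, rng):
    p, q, g = group
    lam = lagrange_at_zero([x for x, _ in signer_shares], q)
    nonces = {x: rng.randrange(1, q) for x, _ in signer_shares}   # each signer's private nonce k_i
    R = 1
    for k in nonces.values():                                     # round 1: combine commitments g^k_i
        R = R * pow(g, k, p) % p
    e = challenge(R, X, msg, q)
    # round 2: each signer contributes k_i + e*lam_i*x_i; the sum equals k + e*x, yet x is never formed
    s = sum(nonces[x] + e * lam[x] * y for x, y in signer_shares) % q
    return R, s


def verify(msg, sig, X, group):
    p, q, g = group
    R, s = sig
    return pow(g, s, p) == R * pow(X, challenge(R, X, msg, q), p) % p


if __name__ == "__main__":
    rng = random.Random(2024)                      # seeded only so the demo is reproducible
    group = schnorr_group(64, rng)
    p, q, g = group
    x = rng.randrange(1, q)                        # dealer's signing key (a DKG would avoid this step)
    X = pow(g, x, p)
    shares = share_secret(x, 3, 5, q, rng)
    print("any 3 of 5 shares recover the key:", reconstruct([shares[0], shares[2], shares[4]], q) == x)
    sig = threshold_sign(b"withdraw 10 coins", shares[1:4], X, group, rng)
    print("3-of-5 signature verifies:", verify(b"withdraw 10 coins", sig, X, group))
    print("same signature on altered message:", verify(b"withdraw 99 coins", sig, X, group))
```

Correctness follows from linearity: the partial signatures sum to k + e·x because the Lagrange-weighted sum of the shares is x, and the verifier only ever sees g^s, R and X. The omissions named in the lead-in are exactly where the attacks in [40] live: nonce handling and the key generation ceremony, not the algebra shown here.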
FHE emerged at roughly the same time as blockchain technology (Gentry's scheme and the launch of Bitcoin both date to 2009), so it makes sense that cryptocurrency projects are interested in how to incorporate it. For instance, the cryptocurrency project NuCypher (now merged into the Threshold Network [58]) has experimented with FHE, even developing a GPU-accelerated, Python-based Boolean arithmetic FHE library [49]. Threshold focuses on privacy-enhancing DAOs and integrating end-to-end encryption into dApps.
Zama has put a major focus on opportunities to employ FHE on the blockchain. They developed a homomorphically encrypted Ethereum Virtual Machine (fhEVM) [43], which supports running smart contracts on encrypted data. This enables confidentiality in transactions and other applications, including token/real-world asset swaps, private transfers, blind auctions, and e-voting. The company also hosted a bug bounty challenge to explore the possibility of computing transaction signatures homomorphically. This matters because, as noted above, even cryptographically sophisticated multi-signature wallets may be vulnerable to key reconstruction attacks [40], and an ECDSA signer whose key material only ever exists in encrypted form would be a strong safeguard against that risk. The challenge of a homomorphically encrypted ECDSA was successfully completed in 2023 [63], though with an extremely slow runtime, taking as long as two days on a 64-core machine.
While we cannot discuss it in-depth at this moment, CAT Labs is working to integrate FHE into cryptocurrency security. In this effort, we are interested in key management, with a focus on key backup and recovery. Additionally, we are designing tools to improve the robustness of cryptocurrency investigations by integrating FHE into tools which can protect cryptocurrency artifacts and other digital assets which are recovered from seized devices.
4 Conclusion
Blockchains and cryptocurrencies rely heavily on cryptographic protocols, and blockchain developers are constantly exploring how to integrate recent cryptographic advances into their projects and services. In this blog article, we introduced the reader to three modern cryptographic primitives: FHE, MPC, and ZkPs. With the goal of avoiding too much mathematical rigor, we briefly described each scheme and the protocols built on it. Finally, we briefly described how each primitive is used within the blockchain ecosystem.
While we have described three modern cryptographic primitives, it is important to remember that cryptography is a dynamic science, and advances occur every year. The primitives discussed in this article are hardly the only recent cryptographic advances to catch the eyes of blockchain developers, and many projects are experimenting with other protocols.
References
[1] Lattigo v5. Online: https://github.com/tuneinsight/lattigo, Nov. 2023. EPFL-LDS, Tune Insight SA.
[2] Crystals: Cryptographic suite for algebraic lattices, 2024. https://pq-crystals.org/.
[3] Aad, I. Zero-knowledge proof. Trends in Data Protection and Encryption Technologies (2023), 25–30.
[4] Aggarwal, S., and Kumar, N. Digital signatures. In Advances in Computers, vol. 121. Elsevier, 2021, pp. 95–107.
[5] Badawi, A. A., Alexandru, A., Bates, J., Bergamaschi, F., Cousins, D. B., Erabelli, S., Genise, N., Halevi, S., Hunt, H., Kim, A., Lee, Y., Liu, Z., Micciancio, D., Pascoe, C., Polyakov, Y., Quah, I., R.V., S., Rohloff, K., Saylor, J., Suponitsky, D., Triplett, M., Vaikuntanathan, V., and Zucca, V. OpenFHE: Open-source fully homomorphic encryption library. Cryptology ePrint Archive, Paper 2022/915, 2022. https://eprint.iacr.org/2022/915.
[6] Banerjee, A., Clear, M., and Tewari, H. Demystifying the role of zk-SNARKs in Zcash. In 2020 IEEE Conference on Application, Information and Network Security (AINS) (2020), IEEE, pp. 12–19.
[7] Bayatbabolghani, F., and Blanton, M. Secure multi-party computation. In Proceedings of the 2018 ACM SIGSAC conference on computer and communications security (2018), pp. 2157–2159.
[8] Ben-Sasson, E., Bentov, I., Horesh, Y., and Riabzev, M. Scalable, transparent, and post-quantum secure computational integrity. Cryptology ePrint Archive (2018).
[9] Bhatia, T., and Verma, A. Data security in mobile cloud computing paradigm: a survey, taxonomy and open research issues. The Journal of Supercomputing 73 (2017), 2558–2631.
[10] Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., and Maxwell, G. Bulletproofs: Short proofs for confidential transactions and more. In 2018 IEEE Symposium on Security and Privacy (SP) (2018), IEEE, pp. 315–334.
[11] Canetti, R., Chen, Y., Holmgren, J., Lombardi, A., Rothblum, G. N., Rothblum, R. D., and Wichs, D. Fiat-Shamir: from practice to theory. In Proceedings of the 51st Annual ACM SIGACT Symposium on Theory of Computing (2019), pp. 1082–1090.
[12] Chen, T., Lu, H., Kunpittaya, T., and Luo, A. A review of zk-SNARKs. arXiv preprint arXiv:2202.06877 (2022).
[13] Cheon, J. H., Han, K., Hong, S.-M., Kim, H. J., Kim, J., Kim, S., Seo, H., Shim, H., and Song, Y. Toward a secure drone system: Flying with real-time homomorphic authenticated encryption. IEEE access 6 (2018), 24325–24339.
[14] Chiesa, A., and Yogev, E. Building cryptographic proofs from hash functions, 2024. https://snargsbook.org/.
[15] Chillotti, I., Gama, N., Georgieva, M., and Izabachène, M. TFHE: Fast fully homomorphic encryption library, August 2016. https://tfhe.github.io/tfhe/.
[16] Cramer, R., Damgård, I., and Nielsen, J. B. Multiparty computation, an introduction.
[17] Cramer, R., Damgård, I. B., and Nielsen, J. B. Secure Multiparty Computation and Secret Sharing. Cambridge University Press, 2015.
[18] CryptoLab. HEAAN Private AI: Homomorphic encryption library, 2024. https://heaan.it/.
[19] Defense Advanced Research Projects Agency (DARPA). Programming computation on encrypted data (proceed), 2014.
[20] Defense Advanced Research Projects Agency (DARPA). Data protection in virtual environments (dprive), 2022.
[21] Eyal, I. On cryptocurrency wallet design. In 3rd International Conference on Blockchain Economics, Security and Protocols (Tokenomics 2021) (2022), Schloss Dagstuhl – Leibniz-Zentrum für Informatik.
[22] Fang, W., Chen, W., Zhang, W., Pei, J., Gao, W., and Wang, G. Digital signature scheme for information non-repudiation in blockchain: a state of the art review. EURASIP Journal on Wireless Communications and Networking 2020 (2020), 1–15.
[23] FHE.org. Fhe.org, 2024. https://fhe.org/.
[24] Gentry, C. A fully homomorphic encryption scheme. Stanford university, 2009.
[25] Gogol, K., Messias, J., Miori, D., Tessone, C., and Livshits, B. Quantifying arbitrage in automated market makers: An empirical study of ethereum zk rollups. arXiv preprint arXiv:2403.16083 (2024).
[26] Goldwasser, S., Micali, S., and Rackoff, C. The knowledge complexity of interactive proof-systems. In Proceedings of the seventeenth annual ACM symposium on Theory of computing (1985), pp. 291–304.
[27] Gong, Y., Chang, X., Mišić, J., Mišić, V. B., Wang, J., and Zhu, H. Practical solutions in fully homomorphic encryption: a survey analyzing existing acceleration methods. Cybersecurity 7, 1 (2024), 5.
[28] Halevi, S., and Shoup, V. HElib: an open-source software library that implements homomorphic encryption, 2023. https://github.com/shaih/HElib.
[29] Hallman, R. A. Poster evegan: Using generative deep learning for cryptanalysis. In Proceedings of the 2022 ACM SIGSAC Conference on Computer and Communications Security (2022), pp. 3355–3357.
[30] Hallman, R. A. Neural cryptanalysis – an introduction to attacking cryptography with deep learning. CAT Labs Blog (February 9, 2024). https://blog.catlabs.io/neural-cryptanalysis-an-introduction-to-attacking-cryptography-with-deep-learning/.
[31] Hallman, R. A., Laine, K., Dai, W., Gama, N., Malozemoff, A. J., Polyakov, Y., and Carpov, S. Building applications with homomorphic encryption. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (2018), pp. 2160–2162. http://homomorphicencryption.org/wp-content/uploads/2018/10/CCS-HE-Tutorial-Slides.pdf.
[32] Homomorphic Encryption Standardization Consortium. Homomorphic encryption standardization: An open industry / government / academic consortium to advance secure computation, 2024. https://homomorphicencryption.org/.
[33] Intelligence Advanced Research Projects Activity. HECTOR: Homomorphic encryption computing techniques with overhead reduction, 2019.
[34] Katz, J., and Lindell, Y. Introduction to modern cryptography: principles and protocols. Chapman and hall/CRC, 2007.
[35] Kaushik, A. R. Enhancing Privacy and Security in AI using Fully Homomorphic Encryption. PhD thesis, Faculty of the Graduate School of the University at Buffalo, The State . . . , 2024.
[36] Keller, M. MP-SPDZ: A versatile framework for multi-party computation. In Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security (2020). https://github.com/data61/MP-SPDZ.
[37] KU Leuven-COSIC. Repository for the scale-mamba mpc system, 2022. https://github.com/KULeuven-COSIC/SCALE-MAMBA.
[38] Lauter, K. E., Dai, W., and Laine, K. Protecting privacy through homomorphic encryption. Springer, 2022.
[39] Li, F., and McMillin, B. A survey on zero-knowledge proofs. In Advances in computers, vol. 94. Elsevier, 2014, pp. 25–69.
[40] Makriyannis, N., Yomtov, O., and Galansky, A. Practical key-extraction attacks in leading MPC wallets. Cryptology ePrint Archive (2023).
[41] Malhotra, D., Saini, P., and Singh, A. K. How blockchain can automate kyc: Systematic review. Wireless Personal Communications 122, 2 (2022), 1987–2021.
[42] Micciancio, D. A first glimpse of cryptography’s holy grail. Communications of the ACM 53, 3 (2010), 96–96.
[43] Dahl, M., Danjou, C., et al. Confidential EVM smart contracts using fully homomorphic encryption. Tech. rep., Zama, 2023.
[44] MPC Alliance. Mpc alliance, 2024. https://www.mpcalliance.org/.
[45] Naehrig, M., Lauter, K., and Vaikuntanathan, V. Can homomorphic encryption be practical? In Proceedings of the 3rd ACM workshop on Cloud computing security workshop (2011), pp. 113–124.
[46] Narayanan, A., Bonneau, J., Felten, E., Miller, A., and Goldfeder, S. Bitcoin and Cryptocurrency Technologies: A Comprehensive Introduction. Princeton University Press, 2016.
[47] National Institute of Standards and Technology. Fips 203: Module-lattice-based key-encapsulation mechanism standard, August 13, 2024.
[48] National Institute of Standards and Technology. Fips 204: Module-lattice-based digital signature standard, August 13, 2024.
[49] NuCypher. NuFHE, a GPU-powered Torus FHE implementation, 2018. https://nufhe.readthedocs.io/.
[50] Poskriakov, F., Chiriaeva, M., and Cavin, C. Cryptocurrency compliance and risks: A european kyc/aml perspective. Blockchain & Cryptocurrency Regulation 2020 (2020).
[51] Regev, O. The learning with errors problem. Invited survey in CCC 7, 30 (2010), 11.
[52] Rivest, R. L., Adleman, L., Dertouzos, M. L., et al. On data banks and privacy homomorphisms. Foundations of secure computation 4, 11 (1978), 169–180.
[53] Rogaway, P., and Shrimpton, T. Cryptographic hash-function basics: Definitions, implications, and separations for preimage resistance, second-preimage resistance, and collision resistance. In Fast Software Encryption: 11th International Workshop, FSE 2004, Delhi, India, February 5-7, 2004. Revised Papers 11 (2004), Springer, pp. 371–388.
[54] Microsoft SEAL (release 4.1). https://github.com/Microsoft/SEAL, Jan. 2023. Microsoft Research, Redmond, WA.
[55] Sidorov, V., and Ng, W. K. Transparent data encryption for data-in-use and data-at-rest in a cloud-based database-as-a-service solution. In 2015 IEEE world congress on services (2015), IEEE, pp. 221–228.
[56] Sun, X., Yu, F. R., Zhang, P., Sun, Z., Xie, W., and Peng, X. A survey on zero-knowledge proof in blockchain. IEEE network 35, 4 (2021), 198–205.
[57] Thaler, J. Proofs, arguments, and zero-knowledge, 2023. https://people.cs.georgetown.edu/jthaler/ProofsArgsAndZK.pdf.
[58] Threshold Network. Threshold, 2024. https://threshold.network/.
[59] Xie, Q., Jiang, S., Jiang, L., Huang, Y., Zhao, Z., Khan, S., Dai, W., Liu, Z., and Wu, K. Efficiency optimization techniques in privacy-preserving federated learning with homomorphic encryption: A brief survey. IEEE Internet of Things Journal 11, 14 (2024), 24569–24580.
[60] Yao, A. C. Protocols for secure computations. In 23rd annual symposium on foundations of computer science (sfcs 1982) (1982), IEEE, pp. 160–164.
[61] Yao, A. C.-C. How to generate and exchange secrets. In 27th annual symposium on foundations of computer science (Sfcs 1986) (1986), IEEE, pp. 162–167.
[62] Zama. TFHE-rs: A Pure Rust Implementation of the TFHE Scheme for Boolean and Integer Arithmetics Over Encrypted Data, 2022. https://github.com/zama-ai/tfhe-rs.
[63] Zama. zama-ai/bounty-ecdsa-signature, 2023. https://github.com/zama-ai/bounty-ecdsa-signature.
[64] ZKProof. ZKProof Standards: A global movement to standardize and mainstream advanced cryptography by building a community-driven trust ecosystem, 2024. https://zkproof.org/.