Yibiao Lu,Bingsheng Zhang,Kui Ren

DOI: https://doi.org/10.1109/tifs.2024.3494547

2023-01-01

Abstract:Most existing MPC protocols consider the homogeneous setting, where all the MPC players are assumed to have identical communication and computation resources. In practice, the player with the least resources often becomes the bottleneck of the entire MPC protocol execution. In this work, we initiate the study of so-called load-balanced MPC in heterogeneous computing. A load-balanced MPC protocol can adjust the workload of each player accordingly to maximize the overall resource utilization. In particular, we propose new notions called composite circuit and composite garbling scheme , and construct two efficient server-aided protocols with malicious security and semi-honest security, respectively. Our maliciously secure protocol is over 400× faster than the authenticated garbling protocol (CCS ’17) and up to 4.3× faster than the state-of-the-art server-aided MPC protocol of Lu et al . (TDSC ’23); our semi-honest protocol is up to 173× faster than the optimized BMR protocol (CCS ’16) and is up to 3.8× faster than the protocol of Lu et al .

Yulin Wu,Xuan Wang,Willy Susilo,Guomin Yang,Zoe L. Jiang,Junyi Li,Xueqiao Liu

DOI: https://doi.org/10.1016/j.csi.2021.103570

2022-03-01

Abstract:With the rapid development of secure multi-party computation (MPC) over past decades, applications of MPC has been moving from completing simple computation tasks (e.g., private set intersection) to complex computation tasks (e.g., privacy-preserving machine learning). This is an inevitable trend when more strict privacy protection requirements face more complex and large-scale computation such as big data analytics being applied in many fields. Although the complex computation tasks are not easy to be evaluated with one type of MPC protocols from beginning to the end, it can be more efficiently evaluated by decomposing the complex task into many simple sub-tasks and evaluating each of them with the proper type of MPC protocol in sequence. Therefore, we propose a mixed-protocol MPC framework towards complex computation tasks with malicious security in this work. In particular, we utilize the homomorphic commitment technique to construct six types of share conversion protocols in the malicious model. Then, we construct the maliciously secure mixed-protocol MPC framework based on these share conversion protocols. This is the first maliciously secure mixed-protocol MPC framework relying on the standard model, providing a higher security guarantee than all the previous works in the literature. Also, this is the first general mixed-protocol MPC framework for n parties in the malicious model, in comparison to previous works that either only support fixed number of parties in the malicious model, or only handle limited types of share conversions. Furthermore, we provide the theoretical analysis of the computation and communication costs for the six types of share conversion protocols, as an important reference for future developers, who intend to implement some complex computation task by following this mixed-protocol MPC framework with malicious security.

computer science, software engineering, hardware & architecture

Yun Luo,Yuling Chen,Tao Li,Yilei Wang,Yixian Yang,Xiaomei Yu

DOI: https://doi.org/10.4018/joeuc.306752

2022-01-01

Journal of Organizational and End User Computing

Abstract:Data interaction scenarios involving multiple parties in network communities have problems of trust, data security, and reliability of the parties, and secure multiparty computation(SMPC) can effectively solve these problems. To address the security and fairness issues of SMPC, this study considers that semi-honest participants can lead to deviations in the security and fairness of the protocol, and combines information entropy and mutual information to present an n-round information exchange protocol in which each participant broadcasts a relevant information value in each round without revealing other information. The uncertainty of the correct outcome value is blurred by the interaction information in each round, and each participant is not sure of the correct outcome value until the end of the protocol, which effectively prevents malicious behavior and ensures the correct execution of the protocol. Security and fairness analysis shows that our protocol guarantees the security and relative fairness of the output obtained by the participants after completing the protocol.

Dengguo Feng,Kang Yang

DOI: https://doi.org/10.1051/sands/2021001

2022-01-01

Security and Safety

Abstract:Secure multi-party computation (MPC) allows a set of parties to jointly compute a function on their private inputs, and reveals nothing but the output of the function. In the last decade, MPC has rapidly moved from a purely theoretical study to an object of practical interest, with a growing interest in practical applications such as privacy-preserving machine learning (PPML). In this paper, we comprehensively survey existing work on concretely efficient MPC protocols with both semi-honest and malicious security, in both dishonest-majority and honest-majority settings. We focus on considering the notion of security with abort, meaning that corrupted parties could prevent honest parties from receiving output after they receive output. We present high-level ideas of the basic and key approaches for designing different styles of MPC protocols and the crucial building blocks of MPC. For MPC applications, we compare the known PPML protocols built on MPC, and describe the efficiency of private inference and training for the state-of-the-art PPML protocols. Furthermore, we summarize several challenges and open problems to break though the efficiency of MPC protocols as well as some interesting future work that is worth being addressed. This survey aims to provide the recent development and key approaches of MPC to researchers, who are interested in knowing, improving, and applying concretely efficient MPC protocols.

Christopher Harth-Kitzerow,Ajith Suresh,Yonqing Wang,Hossein Yalame,Georg Carle,Murali Annavaram

2024-06-29

Abstract:In this work, we present novel protocols over rings for semi-honest secure three-party computation (3PC) and malicious four-party computation (4PC) with one corruption. While most existing works focus on improving total communication complexity, challenges such as network heterogeneity and computational complexity, which impact MPC performance in practice, remain underexplored. Our protocols address these issues by tolerating multiple arbitrarily weak network links between parties without any substantial decrease in performance. Additionally, they significantly reduce computational complexity by requiring up to half the number of basic instructions per gate compared to related work. These improvements lead to up to twice the throughput of state-of-the-art protocols in homogeneous network settings and even larger performance improvements in heterogeneous settings. These advantages come at no additional cost: Our protocols maintain the best-known total communication complexity per multiplication, requiring 3 elements for 3PC and 5 elements for 4PC. We implemented our protocols alongside several state-of-the-art protocols (Replicated 3PC, ASTRA, Fantastic Four, Tetrad) in a novel open-source C++ framework optimized for high throughput. Five out of six implemented 3PC and 4PC protocols achieve more than one billion 32-bit multiplications or over 32 billion AND gates per second using our implementation in a 25 Gbit/s LAN environment. This represents the highest throughput achieved in 3PC and 4PC so far, outperforming existing frameworks like MP-SPDZ, ABY3, MPyC, and MOTION by two to three orders of magnitude.

Cryptography and Security

Satsuya Ohata,Koji Nuida

DOI: https://doi.org/10.48550/arXiv.1907.03415

2020-01-04

Abstract:Secure multi-party computation (MPC) allows a set of parties to compute a function jointly while keeping their inputs private. Compared with the MPC based on garbled circuits,some recent research results show that MPC based on secret sharing (SS) works at a very high speed. Moreover, SS-based MPC can be easily vectorized and achieve higher throughput. In SS-based MPC, however, we need many communication rounds for computing concrete protocols like equality check, less-than comparison, etc. This property is not suited for large-latency environments like the Internet (or WAN). In this paper, we construct semi-honest secure communication-efficient two-party protocols. The core technique is Beaver triple extension, which is a new tool for treating multi-fan-in gates, and we also show how to use it efficiently. We mainly focus on reducing the number of communication rounds, and our protocols also succeed in reducing the number of communication bits (in most cases). As an example, we propose a less-than comparison protocol (under practical parameters) with three communication rounds. Moreover, the number of communication bits is also $38.4\%$ fewer. As a result, total online execution time is $56.1\%$ shorter than the previous work adopting the same settings. Although the computation costs of our protocols are more expensive than those of previous work, we confirm via experiments that such a disadvantage has small effects on the whole online performance in the typical WAN environments.

Cryptography and Security

Yun Luo,Yuling Chen,Tao Li,Yilei Wang,Yixian Yang

DOI: https://doi.org/10.1109/dasc-picom-cbdcom-cyberscitech52372.2021.00061

2021-01-01

Abstract:Secure multi-party computation(SMPC) is an important research field in cryptography, secure multi-party computation has a wide range of applications in practice. Accordingly, information security issues have arisen. Aiming at security issues in Secure multi-party computation, we consider that semihonest participants have malicious operations such as collusion in the process of information interaction, gaining an information advantage over honest parties through collusion which leads to deviations in the security of the protocol. To solve this problem, we combine information entropy to propose an nround information exchange protocol, in which each participant broadcasts a relevant information value in each round without revealing additional information. Through the change of the uncertainty of the correct result value in each round of interactive information, each participant cannot determine the correct result value before the end of the protocol. Security analysis shows that our protocol guarantees the security of the output obtained by the participants after the completion of the protocol.

Ananya Appan,Anirudh Chandramouli,Ashish Choudhury

DOI: https://doi.org/10.1109/tit.2023.3264444

IF: 2.5

2023-01-01

IEEE Transactions on Information Theory

Abstract:Secure multi-party computation (MPC) is a fundamental problem in secure distributed computing. An MPC protocol allows a set of n mutually distrusting parties to carry out any joint computation of their private inputs, without disclosing any additional information about their inputs. MPC with information-theoretic security (also called unconditional security) provides the strongest security guarantees and remains secure even against computationally unbounded adversaries. Perfectly-secure MPC protocols are a class of information-theoretically secure MPC protocols, which provide all the security guarantees in an error-free fashion. The focus of this work is perfectly-secure MPC. Known protocols are designed assuming either a synchronous or asynchronous communication network. It is well known that perfectly-secure synchronous MPC is possible as long as the adversary can corrupt any ts < n/3 parties. On the other hand, perfectly-secure asynchronous MPC protocols can tolerate up to ta < n/4 corrupt parties. A natural question is does there exist a single MPC protocol for the setting where the parties are not aware of the exact network type and which can tolerate up to ts < n/3 corruptions in a synchronous network and up to ta < n/4 corruptions in an asynchronous network. We design such a best-of-both-worlds perfectly-secure MPC protocol, provided 3ts + ta < n holds. For designing our protocol, we design two important building blocks which are of independent interest. The first building block is a best-of-both-worlds Byzantine agreement (BA) protocol tolerating t < n/3 corruptions which remains secure both in a synchronous as well as asynchronous network. The second building block is a polynomial-based best-of-both-worlds verifiable secret-sharing (VSS) protocol, which can tolerate up to ts and ta corruptions in a synchronous and in an asynchronous network respectively.

computer science, information systems,engineering, electrical & electronic

Kemal Akkaya,Soamar Homsi,Oscar G. Bautista

DOI: https://doi.org/10.1109/LCN52139.2021.9524971

2021-10-04

Abstract:With the increasing interest in Secure Multi-Party Computation protocols (MPC), there have been several works such as the SPDZ1 protocol that tackled this problem under a malicious security with dishonest majority attack model. However, most of these MPC efforts assume that the nodes running the computations are also supplying the inputs, which is not a realistic assumption for many real-life applications. In this paper, we extend the SPDZ protocol to enable clients outsource data and computation to the clouds while ensuring the correctness of the results, in addition to integrity and confidentiality of the input and output. We guarantee that the computation among nodes is done correctly by verifying their output’s Message Authentication Codes (MACs) at the end. Specifically, we delegate this task to an honest server. Our approach strives to minimize the burden on clients while enabling cheating detection even when assuming a malicious attack model with dishonest majority.

Engineering,Computer Science

Nishat Koti,Shravani Patil,Arpita Patra,Ajith Suresh

DOI: https://doi.org/10.48550/arXiv.2206.12224

2022-06-24

Abstract:The growing volumes of data being collected and its analysis to provide better services are creating worries about digital privacy. To address privacy concerns and give practical solutions, the literature has relied on secure multiparty computation. However, recent research has mostly focused on the small-party honest-majority setting of up to four parties, noting efficiency concerns. In this work, we extend the strategies to support a larger number of participants in an honest-majority setting with efficiency at the center stage. Cast in the preprocessing paradigm, our semi-honest protocol improves the online complexity of the decade-old state-of-the-art protocol of Damgård and Nielson (CRYPTO'07). In addition to having an improved online communication cost, we can shut down almost half of the parties in the online phase, thereby saving up to 50% in the system's operational costs. Our maliciously secure protocol also enjoys similar benefits and requires only half of the parties, except for one-time verification, towards the end. To showcase the practicality of the designed protocols, we benchmark popular applications such as deep neural networks, graph neural networks, genome sequence matching, and biometric matching using prototype implementations. Our improved protocols aid in bringing up to 60-80% savings in monetary cost over prior work.

Cryptography and Security,Distributed, Parallel, and Cluster Computing,Information Theory,Machine Learning

Yun Luo,Yuling Chen,Tao Li,Yilei Wang

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata-cybermatics55523.2022.00080

2022-01-01

Abstract:Many distributed interaction scenarios exist in big data networks, which require joint computation in different environments. In the traditional secure multiparty computation(SMPC), there exist constant rounds or even more rounds of interaction, which greatly increases the communication overhead. In this paper, we address the problem of optimizing the complexity of rounds by constructing a secure computation protocol that achieves semi-honest static security based on a polynomial puzzle assumption. The multiparty interactive computation is performed using multilinear maps operation, and the obtained results are transmitted over the broadcast channel. The security analysis shows that the protocol achieves static security.

Brandon Broadnax,Alexander Koch,Jeremias Mechler,Tobias Müller,Jörn Müller-Quade,Matthias Nagel

DOI: https://doi.org/10.2478/popets-2021-0072

2021-07-23

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs. For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed. This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs. Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation. As a consequence, sensitive data such as private bids may leak. All existing MPC protocols do not provide any protection against the consequences of such remote hacks. We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking. More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them. We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages. To this end, we model communication via explicit channels. In particular, we introduce channels with an airgap switch (disconnect-able by the party in control of the switch), and unidirectional data diodes . These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees. In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework.

Tianpei Lu,Bingsheng Zhang,Lichun Li,Kui Ren

2024-11-14

Abstract:With the increasing emphasis on privacy regulations, such as GDPR, protecting individual privacy and ensuring compliance have become critical concerns for both individuals and organizations. Privacy-preserving machine learning (PPML) is an innovative approach that allows for secure data analysis while safeguarding sensitive information. It enables organizations to extract valuable insights from data without compromising privacy. Secure multi-party computation (MPC) is a key tool in PPML, as it allows multiple parties to jointly compute functions without revealing their private inputs, making it essential in multi-server environments. We address the performance overhead of existing maliciously secure protocols, particularly in finite rings like $\mathbb{Z}_{2^\ell}$, by introducing an efficient protocol for secure linear function evaluation. We implement our maliciously secure MPC protocol on GPUs, significantly improving its efficiency and scalability. We extend the protocol to handle linear and non-linear layers, ensuring compatibility with a wide range of machine-learning models. Finally, we comprehensively evaluate machine learning models by integrating our protocol into the workflow, enabling secure and efficient inference across simple and complex models, such as convolutional neural networks (CNNs).

Cryptography and Security

Zhelei Zhou,Bingsheng Zhang,Hong-Sheng Zhou,Kui Ren

DOI: https://doi.org/10.1109/eurosp60621.2024.00029

2024-01-01

Abstract:Single Input Functionality (SIF) is a special case of MPC, where only one distinguished party called dealer holds the secret input. SIF allows the dealer to complete a computation task and send to other parties their respective outputs without revealing any additional information about its secret input. SIF has many applications, including multiple-verifier zero-knowledge and verifiable relation sharing, etc. Recently, several works devote to round-efficient realization of SIF, and achieve 2-round communication in the honest majority setting (Applebaum et al., Crypto 2022; Baum et al., CCS 2022; Yang and Wang, Asiacrypt 2022). In this work, we focus on concrete efficiency and propose the first practical construction for SIF against a dishonest majority in the preprocessing model; moreover, the online phase of our protocol is only 2-round and is highly efficient, as it requires no cryptographic operations and achieves information theoretical security. For SIF among 5 parties, our scheme takes 152.34ms (total) to evaluate an AES-128 circuit with 7.36ms online time. Compared to the state-of-the-art (honest majority) solution (Baum et al., CCS 2022), our protocol is roughly 2 x faster in the online phase, although more preprocessing time is needed. Compared to the state-of-the-art generic MPC against a dishonest majority (Wang et al., CCS 2017; Cramer et al., Crypto 2018), our protocol outperforms them with respect to both total running time and online running time.

Helene Haagh,Aleksandr Karbyshev,Sabine Oechsner,Bas Spitters,Pierre-Yves Strub

DOI: https://doi.org/10.1109/csf.2018.00016

2018-07-01

Abstract:Secure multi-party computation (MPC) is a general cryptographic technique that allows distrusting parties to compute a function of their individual inputs, while only revealing the output of the function. It has found applications in areas such as auctioning, email filtering. and secure teleconference. Given their importance, it is crucial that the protocols are specified and implemented correctly. In the programming language community, it has become good practice to use computer proof assistants to verify correctness proofs. In the field of cryptography, EasyCrypt is the state of the art proof assistant. It provides an embedded language for probabilistic programming, together with a specialized logic, embedded into an ambient general purpose higher-order logic. It allows us to conveniently express cryptographic properties. EasyCrypt has been used successfully on many applications, including public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer's MPC protocol for secure addition and multiplication. Our method extends to general polynomial functions. We follow the insights from EasyCrypt that security proofs can often be reduced to proofs about program equivalence, a topic that is well understood in the verification of programming languages. In particular, we show that for a class of MPC protocols in the passive case the non-interference-based (NI) definition is equivalent to a standard simulation-based security definition. For the active case, we provide a new non-interference based alternative to the usual simulation-based cryptographic definition that is tailored specifically to our protocol.

Xingyu Xie,Yifei Li,Wei Zhang,Tuowei Wang,Shizhen Xu,Jun Zhu,Yifan Song

DOI: https://doi.org/10.1109/sp54263.2024.00131

2024-01-01

Abstract:Proving the security of a Multiparty Computation (MPC) protocol is a difficult task. Under the current simulation-based definition of MPC, a security proof consists of a simulator, which is usually specific to the concrete protocol and requires to be manually constructed, together with a theoretical analysis of the output distribution of the simulator and corrupted parties’ views in the real world. This presents an obstacle in verifying the security of a given MPC protocol. Moreover, an instance of a secure MPC protocol can easily lose its security guarantee due to careless implementation, and such a security issue is hard to detect in practice.(p)(/p)In this work, we propose a general automated framework to verify the perfect security of instances of MPC protocols against the semi-honest adversary. Our framework has perfect soundness: any protocol that is proven secure under our framework is also secure under the simulation-based definition of MPC. We demonstrate the completeness of our framework by showing that for any instance of the well-known BGW protocol, our framework can prove its security for every corrupted party set with polynomial time. Unlike prior work that only focuses on black-box privacy which requires the outputs of corrupted parties to contain no information about the inputs of the honest parties, our framework may potentially be used to prove the security of arbitrary MPC protocols. (p)(/p)We implement our framework as a prototype. The evaluation shows that our prototype automatically proves the perfect semi-honest security of BGW protocols and B2A (binary to arithmetic) conversion protocols in reasonable durations.

Ran Cohen,Iftach Haitner,Eran Omri,Lior Rotem

DOI: https://doi.org/10.48550/arXiv.2105.00962

2021-05-06

Abstract:In the setting of secure multiparty computation (MPC), a set of mutually distrusting parties wish to jointly compute a function, while guaranteeing the privacy of their inputs and the correctness of the output. An MPC protocol is called \emph{fully secure} if no adversary can prevent the honest parties from obtaining their outputs. A protocol is called \emph{fair} if an adversary can prematurely abort the computation, however, only before learning any new information. We present highly efficient transformations from fair computations to fully secure computations, assuming the fraction of honest parties is constant (e.g., $1\%$ of the parties are honest). Compared to previous transformations that require linear invocations (in the number of parties) of the fair computation, our transformations require super-logarithmic, and sometimes even super-constant, such invocations. The main idea is to delegate the computation to chosen random committees that invoke the fair computation. Apart from the benefit of uplifting security, the reduction in the number of parties is also useful, since only committee members are required to work, whereas the remaining parties simply "listen" to the computation over a broadcast channel.

Cryptography and Security

Yulin Wu,Xuan Wang,Willy Susilo,Guomin Yang,Zoe L. Jiang,Hao Wang,Tong Wu

DOI: https://doi.org/10.1016/j.csi.2021.103571

2022-03-01

Abstract:In the artificial intelligence era, data-driven computation tasks, such as machine learning, have been playing an essential role as the decision-maker to unlock the value of big data in many fields. Moreover, the ultimate goal of pursuing accuracy and efficiency improvement to better promote the application of data-driven computation has never changed. Since the main method to improve the accuracy of these tasks (e.g., the model training of machine learning) is to increase the diversity of datasets, this requires multiple data providers to share their data. However, data providers, e.g., private companies, are reluctant to share their datasets directly, considering the privacy protection of user information and the leakage prevention of their business secrets. Therefore, how to securely and efficiently perform joint datasets based data-driven computation tasks has become the main problem. In this work, without getting the aid of any trusted-third party (e.g., the cloud server), we construct an efficient maliciously secure two-party mixed-protocol framework for data-driven computation tasks. In particular, we construct a new cryptography gadget called committed oblivious linear evaluation (C-OLE) based on the homomorphic commitments in the malicious model. Then we construct two types of share conversion protocols in the malicious model with the above C-OLE gadget to construct the two-party mixed-protocol framework for data-driven computation tasks. Without utilizing the random oracle, our framework can provide a stronger security guarantee than the other two-party mixed-protocol frameworks in the literature. Furthermore, we conscientiously evaluate the theoretical efficiency of the two shares conversion protocols and provide the result as an important reference for future developers who intend to securely and efficiently instantiate the data-driven computation tasks (e.g., privacy-preserving machine learning applications) in the malicious model.

computer science, software engineering, hardware & architecture

Shlomi Dolev,Ziyu Wang

DOI: https://doi.org/10.1109/nca51143.2020.9306699

2020-01-01

Abstract:SodsMPC is a quantum-safe smart contract system. SodsMPC permissioned servers (verification nodes) execute contracts by secure multi-party computation (MPC) protocols. MPC ensures the contract execution correctness while trivially keeping the data privacy. Moreover, SodsMPC accomplishes the contract business logic privacy while protecting the contract user anonymous identity simultaneously. We express the logic of a contract by a finite state machine (FSM). A state transition of the FSM is represented by a blind polynomial with secret-shared coefficients. When using MPC to compute this blind polynomial, the contract business logic privacy is obtained. These coefficients which control the logic are binary secret shares. We also propose a base conversion method among binary and integer secret shares by MPC. Our contract anonymity comes from the "mixing-then-contract" paradigm. The online phase of the SodsMPC mixing is a multiplication between a preprocessed permutation matrix and an input vector in the form of secret sharing, which accomplishes a fully randomized shuffle of the inputs and keeps the secret share form for the following contract execution. All SodsMPC components, including a verifiable secret sharing scheme, are quantum-safe, asynchronous, coping with t < n/3 compromised servers, and robust (tolerates Byzantine servers) in both preprocessing and online phases.

Yuxin Fan,Fu Song,Taolue Chen,Liangfeng Zhang,Wanwei Liu

DOI: https://doi.org/10.1007/978-3-031-13185-1_19

2022-01-01

Abstract:Secure multi-party computation (MPC) is a promising technique for privacy-persevering applications. A number of MPC frameworks have been proposed to reduce the burden of designing customized protocols, allowing non-experts to quickly develop and deploy MPC applications. To improve performance, recent MPC frameworks allow users to declare variables secret only for these which are to be protected. However, in practice, it is usually highly non-trivial for non-experts to specify secret variables: declaring too many degrades the performance while declaring too less compromises privacy. To address this problem, in this work we propose an automated security policy synthesis approach to declare as few secret variables as possible but without compromising security. Our approach is a synergistic integration of type inference and symbolic reasoning. The former is able to quickly infer a sound-but sometimes conservative-security policy, whereas the latter allows to identify secret variables in a security policy that can be declassified in a precise manner. Moreover, the results from symbolic reasoning are fed back to type inference to refine the security types even further. We implement our approach in a new tool PoS4MPC. Experimental results on five typical MPC applications confirm the efficacy of our approach.