Dear students, my name is Dominik Schröder and I am the head of the Applied Cortography

Group at FAU.

In this short video I am giving you an introduction into the new lecture Secure Multi-Party Computation.

Of course this is not given from my office at FAU, I am basically doing this at my home

office like you are doing as well.

So what is Secure Multi-Party Computation?

Well this is an amazing primitive that allows you to compute an arbitrary function securely.

So let me motivate this with a very common problem.

Suppose that Bob is looking for his perfect match in life.

He is looking for Alice.

How can he find Alice and be sure that Alice actually is also interested in him?

Well he could go to Alice and basically say, Alice, you are the love of my life.

Please go out and have dinner with me.

But what's happening if Alice essentially says, sorry Bob, there is Steve or Carol or

whoever.

That would be quite embarrassing for Bob.

So what can he do instead?

Well he could run his Secure to Party Computation where he essentially engages in a protocol

to find out who is actually loving him as well.

This problem was initially suggested by Andy Yau in a slightly different setting.

There it was called the AUS Millionaires Problem and the problem is quite similar.

There are two millionaires, Alice and Bob and they would like to find out who is richer.

But they don't want to reveal the bank statement, right?

They could simply show the bank statement and compare the wealth.

No, they don't want to reveal that.

And this problem can abstractly be described as two parties engaging in a computation and

at the end of the day they would like to learn the result.

And what does it mean to compute a function securely?

Understanding the security models of course will be part of this lecture as well.

In general we say that of course you learn the result of the computation but the input

should remain private.

Clearly the inputs cannot remain completely private because if the computation reveals

your input then there is nothing that you can do about that.

Therefore the security notion will essentially say the inputs remain private except for the

information that you can trivially deduce from the result of the computation itself.

So I really hope that I got you interested into this class.

We are now going to take a short break and take a look at the structure of the lecture

and the formal requirements.

Thank you very much.

The following table summarizes the structure of this class.

We will start with the green box here and this green box corresponds to everything that

is a basis and introduction.

So in particular we will discuss the structure of the class in the first lecture.

We call it essentially the zero lecture because there is no content discussed and this is

essentially the lecture that you are watching right now.

The first lecture will be next week and in this lecture we will talk about the basics

that we require.

So in particular we will talk about algorithms with some advice.

We will introduce circuits and one-way functions as well.

In the second lecture we will review the notion of CPA secure encryption and in particular