Design and implementation of efficient multi-party protocols for privacy-preserving reconciliation
Today's Internet is full of applications through which users share potentially private information with each other. Recently, users' privacy concerns have been rising, and users are gradually becoming more suspicious about the use of their (personal) information. In this thesis, we aim at bringing secure multi-party computation closer to common Internet users. The main goal is to design and implement privacy-preserving reconciliation-based applications for multiple users which are secure against passive and active attackers. Additionally, our solutions should be efficient enough to be practical and usable enough even for non-technical users.
As a main contribution in theory, we present different privacy-preserving multi-party reconciliation protocols based on an additively homomorphic cryptosystem that are secure against passive attackers (semi-honest model). We also propose reconciliation protocols that are secure against active attackers (malicious model) by applying zero-knowledge proof techniques. The stronger security model comes at the price of efficiency. As a prerequisite, we develop several novel cryptographic tools in the areas of privacy-preserving set operations and zero-knowledge proofs of knowledge. We also analyze to what extent fully homomorphic cryptosystems can be used for multi-party privacy-preserving reconciliation protocols.
As a main contribution in practice, we introduce SMC-MuSe, a framework for Secure Multi-Party Computation on MultiSets. SMC-MuSe is a carefully designed framework for secure multi-party computation including an implementation of different cryptographic components, a support infrastructure, multi-party privacy-preserving reconciliation protocols, and two user-friendly applications for the desktop and mobile environment. We also evaluate the efficiency of the SMC-MuSe framework. In particular, we measure the computation and communication overhead of all implemented components within the SMC-MuSe framework.
As a third line of work, we propose different application scenarios for reconciliation protocols in the areas of event scheduling, e-voting, and electronic auctions. We examine the practicability of one particular user-friendly application of SMC-MuSe by conducting a user study on our Android application Prefer. The user study shows that Prefer is a useful and very interesting application for today's smartphone users. Finally, we show the potential of reconciliation protocols for common Internet users by conducting a user study on privacy-preserving reconciliation on the Internet. The user study shows that our reconciliation protocols are useful in different application scenarios for common Internet users.