Secure multi-party computation has seen substantial performance improvements in recent years and is increasingly used in commercial products. While a significant amount of work was dedicated to improving its efficiency under standard security models, these threat models do not account for information leakage from the output of secure function evaluation. Quantifying information disclosure about private inputs from observing the function outcome is the subject of this work. Motivated by the City of Boston gender pay gap studies, we focus on the computation of the average of salaries and quantify information disclosure about private inputs of one or more participants (the target) to an adversary via information-theoretic techniques. We study a number of distributions including log-normal, which is typically used for modeling salaries. We consequently evaluate information disclosure after repeated evaluation of the average function on overlapping inputs, as was done in the Boston gender pay study that ran multiple times, and provide recommendations for using the sum and average functions in secure computation applications. Our goal is to develop mechanisms that lower information disclosure about participants' inputs to a desired level and provide guidelines for setting up real-world secure evaluation of this function.
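The sketch below is an added example, not code from the paper. It measures how much one or two evaluations of the sum reveal about a target's input, using mutual information as the disclosure measure. It assumes independent Gaussian inputs of equal variance (a simplification, not the log-normal model the abstract mentions) so that the leakage has a closed form; the function names `leak_single` and `leak_two` are hypothetical.

```python
import math

def leak_single(others):
    """Bits one sum reveals about the target; `others` = number of other inputs."""
    if others == 0:
        return math.inf  # the output is the target's input itself
    return 0.5 * math.log2((others + 1) / others)

def leak_two(shared, only1, only2, target_in_second):
    """Bits two sums reveal together about a target who is in the first sum.

    shared: other participants present in both runs.
    only1 / only2: other participants present in one run only.
    Assumption: i.i.d. Gaussian inputs, variance normalised to 1
    (mutual information is unchanged by a common scale factor).
    """
    t = 1 if target_in_second else 0
    a = 1 + shared + only1   # Var(S1)
    d = t + shared + only2   # Var(S2)
    b = t + shared           # Cov(S1, S2)
    det = a * d - b * b
    if det == 0:
        # S2 is empty or identical to S1, so it adds nothing to S1.
        return leak_single(shared + only1)
    # With c = (Cov(X,S1), Cov(X,S2)) = (1, t):
    explained = d - 2 * b * t + a * t * t   # det * c^T Sigma^-1 c
    residual = det - explained              # det * Var(X | S1, S2)
    if residual == 0:
        return math.inf  # the two outputs determine the target's input exactly
    return 0.5 * math.log2(det / residual)

if __name__ == "__main__":
    print("one run, 4 others:            %.3f bits" % leak_single(4))
    print("two runs, disjoint groups:    %.3f bits" % leak_two(0, 4, 4, False))
    print("two runs, 3 shared, 1 unique: %.3f bits" % leak_two(3, 1, 1, False))
    print("two runs, target drops out:   %s bits" % leak_two(3, 0, 0, False))
```

Under these assumptions, a second run over a disjoint group adds nothing, overlap raises the leakage, and a rerun that differs only by the target's absence discloses the input completely.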