Fast Networks for High-Performance Distributed Trust
Yicheng Liu, Rafail Ostrovsky, Scott Shenker, Sam Kumar
TL;DR
This work argues that the performance bottlenecks of high-performance distributed trust (HPDT) systems—typically studied over WANs—can be alleviated by designing MPC software specifically for fast LANs. By kernel-bypass networking and targeted software redesign, the authors demonstrate substantial gains using either garbled-circuit-based MPC (≈4.5× over the baseline with VAES and RDMA) or secret-sharing-based MPC (≈10× over the baseline with one-sided RDMA and single-thread execution), while highlighting that RDMA uncovers new bottlenecks that require rethinking parallelism and machine topology. They propose Distributed But Proximate Trust (DBPT) deployment models to preserve distributed trust while obtaining LAN-like performance, including near-homogeneous datacenters for well-resourced parties, cloud-colocation adaptations, and colocated edge facilities for broader access. The paper argues that these DBPT architectures can unlock practical secure collaborative analytics and AI by shifting the performance frontier from WAN-bound constraints to fast-LAN designs, and it outlines a research agenda for both systems and cryptographic theory to embrace high-performance distributed trust. Overall, the work lays groundwork for making HPDTs significantly more practical by leveraging fast LANs and proximate trust models, and it identifies concrete optimization opportunities and future directions to push performance toward multi-fold gains.
Abstract
Organizations increasingly need to collaborate by performing a computation on their combined dataset, while keeping their data hidden from each other. Certain kinds of collaboration, such as collaborative data analytics and AI, require a level of performance beyond what current cryptographic techniques for distributed trust can provide. This is because the organizations run software in different trust domains, which can require them to communicate over WANs or the public Internet. In this paper, we explore how to instead run such applications using fast datacenter-type LANs. We show that, by carefully redesigning distributed trust frameworks for LANs, we can achieve up to order-of-magnitude better performance than naïvely using a LAN. Then, we develop deployment models for Distributed But Proximate Trust (DBPT) that allow parties to use a LAN while remaining physically and logically distinct. These developments make secure collaborative data analytics and AI significantly more practical and set new research directions for developing systems and cryptographic theory for high-performance distributed trust.