[private-measurement] Feature Discussion: Managing Collusion Risk (#13)

martinthomson has just created a new issue for https://github.com/patcg/private-measurement:

== Feature Discussion: Managing Collusion Risk ==
## Feature Discussion

As a general topic, there are a number of things we might want to consider when it comes to managing the risk of collusion in any multi-party system.  (This need not be MPC strictly, as a TEE-based system also involves multiple parties, as Nigel Smart was so good to point out.)

Things that have come up in the discussion thus far:

1. Different entities with operational control seems necessary (this is the obvious one we always assume)
2. Different cloud platforms might mitigate the risk of the platform being an attack vector
3. Different implementations might mitigate the risk of supply chain attacks

There are also supplementary things, like auditing, open source code, and physical controls, all of which might be used to strengthen such a system.

It's very easy to get into irrelevant details here, so we should probably not belabour any particular point.

Please view or discuss this issue at https://github.com/patcg/private-measurement/issues/13 using your GitHub account


-- 
Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config

Received on Thursday, 7 April 2022 14:27:11 UTC