Report security issue in the truncpr protocols

[GuopengLin]

Hello Keller,

In the paper "Efficient 3PC for Binary Circuits with Application to Maliciously-Secure DNN Inference" (Usenix Security 2023), the authors point out that the truncpr protocol proposed in several works [1][2][3] may have security vulnerabilities. I notice that the truncpr protocol in MP-SPDZ appears to be implemented based on these papers, and therefore, it may also be insecure.

[1] SecureML: A System for Scalable Privacy-Preserving Machine Learning
[2] ABY3: A Mixed Protocol Framework for Machine Learning
[3] Improved Primitives for Secure Multiparty Integer Computation

[Maffo1408]

Hi, in the paper "Efficient 3PC for Binary Circuits with Application to Maliciously-Secure DNN Inference" they showed the truncation does not securely realise the functionality they had defined. Recently, Santos et al. [1] have shown if the ideal functionality is modified to imitate the probabilistic behavior at the cost of an acceptable leak, it can be proved the protocol is secure.

[1] Santos, Manuel B., et al. "Curl: Private LLMs through Wavelet-Encoded Look-Up Tables." Cryptology ePrint Archive (2024).https://ia.cr/2024/1127