Inferensys

Glossary

SPDZ Protocol

A family of maliciously secure multi-party computation protocols that uses message authentication codes (MACs) to detect cheating and is highly efficient for arithmetic circuits in the preprocessing model.
Developer demonstrating multi-agent tool use, agent tool selection interface on laptop, casual tech demo moment.
MALICIOUSLY SECURE MULTI-PARTY COMPUTATION

What is SPDZ Protocol?

The SPDZ protocol is a family of secure multi-party computation (MPC) protocols that provides active security against malicious adversaries by using information-theoretic message authentication codes (MACs) to detect cheating during computation.

The SPDZ protocol (pronounced "Speedz") is a maliciously secure multi-party computation framework that operates in the preprocessing model, separating the protocol into an input-independent offline phase and a fast, input-dependent online phase. It uses information-theoretic MACs on secret-shared values, allowing parties to detect any attempt by an adversary to deviate from the protocol with overwhelming probability.

SPDZ is optimized for arithmetic circuits over finite fields, making it highly efficient for machine learning tasks involving linear algebra. The protocol's security guarantees hold against active adversaries who may corrupt up to n-1 out of n computing parties, ensuring robust privacy and correctness even when a majority of participants are malicious.

PROTOCOL ARCHITECTURE

Key Features of SPDZ

The SPDZ protocol family achieves malicious security in multi-party computation by combining additive secret sharing with information-theoretic message authentication codes (MACs), enabling efficient arithmetic operations in the preprocessing model.

01

Malicious Security with MACs

SPDZ provides security against active adversaries who may arbitrarily deviate from the protocol. Each secret-shared value is accompanied by a message authentication code (MAC)—a random linear combination held jointly by the parties. Any attempt to cheat during computation corrupts the MAC relationship, causing the protocol to abort with overwhelming probability. This information-theoretic guarantee eliminates reliance on computational assumptions for integrity.

02

Preprocessing Model Efficiency

SPDZ separates computation into two phases:

  • Preprocessing (offline): Parties generate correlated randomness—Beaver triples, random shared values, and MAC keys—independent of the function inputs
  • Online phase: Parties consume preprocessed material to evaluate the circuit using only lightweight operations (addition, scalar multiplication)

This architecture shifts heavy cryptography to the input-independent offline phase, enabling sub-millisecond online multiplication in the arithmetic setting.

03

Arithmetic Circuit Optimization

SPDZ operates natively over arithmetic circuits modulo a prime p, making it exceptionally efficient for machine learning workloads involving matrix multiplications and dot products. Unlike garbled circuits that require decomposing arithmetic into boolean gates, SPDZ performs additions with zero communication and multiplications with constant-round interaction. This makes it the protocol of choice for secure neural network inference and secure stochastic gradient descent.

05

Overdrive: Removing the Bottleneck

The original SPDZ offline phase required somewhat homomorphic encryption (SHE) with high computational cost. The Overdrive protocol variant dramatically improves preprocessing throughput by:

  • Using oblivious transfer extensions for triple generation
  • Batching SHE operations across many triples simultaneously
  • Reducing ciphertext expansion through clever packing techniques

These optimizations make maliciously secure MPC practical for production-scale workloads with hundreds of millions of gates.

06

Information-Theoretic Online Phase

Once preprocessing material is generated, the SPDZ online phase achieves information-theoretic security—security that holds against computationally unbounded adversaries. The only cryptographic assumption resides in the offline phase. This property means:

  • Online operations are unconditionally secure given correct preprocessing
  • No reliance on hardness assumptions during function evaluation
  • Post-quantum security in the online phase
  • Extremely low computational overhead per gate
PROTOCOL COMPARISON

SPDZ vs. Other MPC Protocols

A technical comparison of the SPDZ family against other prominent secure multi-party computation protocols across key architectural and security dimensions.

FeatureSPDZ FamilyBMRGarbled Circuits (Yao)BGW/Shamir

Security Model

Malicious (active) with abort

Malicious (active)

Semi-honest (passive)

Malicious (active) with honest majority

Corruption Threshold

Dishonest majority (n-1 of n)

Dishonest majority

Dishonest majority

Honest majority (< n/2 malicious)

Circuit Type

Arithmetic (prime fields, rings)

Boolean

Boolean

Arithmetic (prime fields)

Preprocessing Model

Cheating Detection

Information-theoretic MACs

Garbled circuit output verification

Error correction via polynomial shares

Online Phase Complexity

Highly efficient (linear ops only)

Heavy (OT per AND gate)

Heavy (OT per AND gate)

Efficient (local computation)

Round Complexity

Constant rounds for multiplication

Constant rounds

Constant rounds

Logarithmic depth

Communication Overhead

Low (amortized MAC checking)

High (broadcast per gate)

High (4 ciphertexts per AND gate)

Low (broadcast shares only)

SPDZ PROTOCOL INSIGHTS

Frequently Asked Questions

Clear, technical answers to the most common questions about the SPDZ family of maliciously secure multi-party computation protocols, covering its mechanisms, performance, and practical deployment.

The SPDZ protocol (pronounced "Speedz") is a family of maliciously secure multi-party computation (MPC) protocols that enables a group of mutually distrusting parties to jointly compute a function over their private inputs while guaranteeing correctness and privacy even if an active adversary corrupts a subset of the parties. It operates in the preprocessing model, separating the protocol into two distinct phases: an input-independent offline phase that generates correlated randomness (primarily Beaver triples for multiplication and authentication values), and a highly efficient online phase where the actual computation occurs using the pre-generated material. The core innovation is its use of information-theoretic message authentication codes (MACs) on secret-shared values. Every secret value x is represented as a share [x] along with a MAC share [m_x] that binds x to a global secret key α. During the online phase, any attempt by a corrupted party to cheat—such as announcing an incorrect share—will be detected with overwhelming probability when the MACs are checked, causing the honest parties to abort. This MAC-based approach is what elevates SPDZ from semi-honest security to active, malicious security without relying on expensive zero-knowledge proofs for every operation.

Prasad Kumkar

About the author

Prasad Kumkar

CEO & MD, Inference Systems

Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.

His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.