Helper Party networks with a single coordinator vs multiple coordinators

[eriktaubeneck]

I think it is reasonable to consider the case where there is a single coordinator. In that model, to violate user privacy, collusion still needs to happen since the coordinator must collude with the report collector (similar to a 2-pc MPC with the report collector acting as an aggregator).

It's of course a weaker model, but it still provides some level of security.

_Originally posted by @csharrison in https://github.com/patcg/docs-and-reports/pull/14#discussion_r1001879258_

[eriktaubeneck]

This relates to what is (newly) included in section 1.4:

All parties in a helper party network should be known a priori and web platform vendors should be able to evaluate risk of an attacker that is more powerful than our assumption, e.g., the attacker is able to control more than the (protocol specific) subset of helper parties in the network.

My contention is that the report collector isn't known a priori, and thus the vendor isn't able to evaluate the risk sufficiently. Moving this over to a new issue, as this is worth having a more detailed conversation on.

[csharrison]

I don't feel too strongly on this point but it's worth mentioning a few options:

• We could make it possible for a deployment to know / trust a priori the report collectors.
• A deployment could accept a weaker security bar where we assume an "untrusted" and "semi-trusted" party will not collude, instead of two "semi-trusted" parties not colluding. This still provides strictly more security than giving all the data to the semi-trusted party.

[eriktaubeneck]

This still provides strictly more security than giving all the data to the semi-trusted party.

One of my working assumptions is that because this is an "open" API, we generally need to assume that report collectors are entirely untrusted, and we should defend against assume collusion with at least one helper party, which is how I arrived at the assumption that a single coordinator is insufficient. I agree that it is strictly more secure than a single semi-trusted party, but it seems to be very marginally so.

I would also say that with multiple coordinators, we are much more aligned in the threat model between the MPC and TEE instantiations, and the difference is almost entirely concentrated on the hardware vs crypto-software dimension. This seems like it would help minimize the layering we're attempting to do here.

I know you don't feel too strongly on this point, but I do think it's valuable to make an intentional decision on this point.

[csharrison]

Those justifications sound good to me @eriktaubeneck. Happy to keep the doc as-is for now.