Secure multiparty computation is a basic concept of growing interest in modern cryptography. It allows a set of mutually distrusting parties to perform a computation on their private information in such a way that as little as possible is revealed about each private input. The early results of multiparty computation have only theoretical signi??cance since they are not able to solve computationally complex functions in a reasonable amount of time. Nowadays, e??ciency of secure multiparty computation is an important topic of cryptographic research. As a case study we apply multiparty computation to solve the problem of secure linear programming. The results enable, for example in the context of the EU-FP7 project SecureSCM, collaborative supply chain management. Collaborative supply chain management is about the optimization of the supply and demand con??guration of a supply chain. In order to optimize the total bene??t of the entire chain, parties should collaborate by pooling their sensitive data. With the focus on e??ciency we design protocols that securely solve any linear program using the simplex algorithm. The simplex algorithm is well studied and there are many variants of the simplex algorithm providing a simple and e??cient solution to solving linear programs in practice. However, the cryptographic layer on top of any variant of the simplex algorithm imposes restrictions and new complexity measures. For example, hiding the number of iterations of the simplex algorithm has the consequence that the secure implementations have a worst case number of iterations. Then, since the simplex algorithm has exponentially many iterations in the worst case, the secure implementations have exponentially many iterations in all cases. To give a basis for understanding the restrictions, we review the basic theory behind the simplex algorithm and we provide a set of cryptographic building blocks used to implement secure protocols evaluating basic variants of the simplex algorithm. We show how to balance between privacy and e??ciency; some protocols reveal data about the internal state of the simplex algorithm, such as the number of iterations, in order to improve the expected running times. For the sake of simplicity and e??ciency, the protocols are based on Shamir's secret sharing scheme. We combine and use the results from the literature on secure random number generation, secure circuit evaluation, secure comparison, and secret indexing to construct e??cient building blocks for secure simplex. The solutions for secure linear programming in this thesis can be split into two categories. On the one hand, some protocols evaluate the classical variants of the simplex algorithm in which numbers are truncated, while the other protocols evaluate the variants of the simplex algorithms in which truncation is avoided. On the other hand, the protocols can be separated by the size of the tableaus. Theoretically there is no clear winner that has both the best security properties and the best performance
