A set of terminals that observe correlated data seek to compute a function of the data using public communication. It is required that the value of the function be not revealed by the communication. When is this possible? We show that the function is securely computable if and only if its entropy is less than the capacity of an associated secrecy generation model, for which a single-letter formula is provided. This talk is based on joint work with Himanshu Tyagi and Piyush Gupta.