Michael Zohner (TU Darmstadt)
Slide 1: ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation
Michael Zohner (TU Darmstadt). Joint work with Daniel Demmler and Thomas Schneider.
Slide footer (all slides): ABY: Mixed-Protocol Secure Two-Party Computation, Michael Zohner

Slide 2: Secure Two-Party Computation
One party holds input x, the other holds input y; they jointly compute f and both learn f(x,y) without revealing their inputs.
This work: semi-honest adversaries.
Slide 3: Applications
- Auctions [NPS99], ...
- Private Set Intersection [PSZ14], ...
- Machine Learning [BPTG15], ...
- Biometric Identification [EFGKLT09], ...
- several cool applications from different fields

Slide 4: Protocol Development
Idea -> Function -> Abstract Languages -> Representation (Arithmetic Circuits, Boolean Circuits) -> Protocol (DGK, Paillier, ..., Yao, GMW) -> Existing Frameworks -> Optimizations (Point-and-permute, Fixed-Key Garbling, Free-XOR, Half-Gates)
Secure computation is a vast area and protocol development is a tedious task.
Slide 5: Example: Minimum Euclidean Distance
Minimum Euclidean Distance: $\min\left(\sum_{i=1}^{d}(S_{i,1}-C_i)^2,\ \ldots,\ \sum_{i=1}^{d}(S_{i,n}-C_i)^2\right)$
- Server holds database S, client holds query C
- Used in biometric matching (face-recognition, fingerprint, ...)
Pipeline: Function -> Arithmetic Circuits (DGK, Paillier, ...) / Boolean Circuits (Yao, GMW)

Slide 6: Our Contributions
1) Efficient multiplication using symmetric crypto (OT extension) for Arithmetic Circuits
2) Efficient conversion between Arithmetic Circuits (DGK, Paillier, ...) and Boolean Circuits (Yao, GMW)
3) Mixed-protocol framework called ABY
Slide 7: Multiplication using OT [Gilboa99]
School multiplication of $z = x \cdot y$ with $x = x_3x_2x_1x_0$ and $y = y_3y_2y_1y_0$:
$z = (x_3x_2x_1x_0)\cdot y_0 + (x_3x_2x_1x_0\,0)\cdot y_1 + (x_3x_2x_1x_0\,00)\cdot y_2 + (x_3x_2x_1x_0\,000)\cdot y_3 = \sum_{i=0}^{3} 2^i x \cdot y_i$, giving the 8-bit result $z_7 z_6 z_5 z_4 z_3 z_2 z_1 z_0$.
For each row i, the party holding x picks $r_i \in_R \mathbb{Z}_{2^8}$ and acts as OT sender with inputs $(r_i,\ r_i + 2^i x)$, i.e. $(r_0, r_0 + x)$, $(r_1, r_1 + 2x)$, ..., $(r_3, r_3 + 8x)$; the party holding y uses $y_i$ as choice bit and receives $s_i = r_i + 2^i x \cdot y_i$, i.e. $s_0 = r_0 + x \cdot y_0$, $s_1 = r_1 + 2x \cdot y_1$, ..., $s_3 = r_3 + 8x \cdot y_3$.
Shares: $[z]_A = \sum_{i=0}^{3}(-r_i)$, $[z]_B = \sum_{i=0}^{3} s_i = \sum_{i=0}^{3} r_i + \sum_{i=0}^{3} 2^i x \cdot y_i$, so $z = [z]_A + [z]_B$.
Slide 8: Multiplication using OT - Results
- Use a multiplication protocol that is based on OT extension
- Compare one amortized multiplication using Paillier, DGK, and OT extension
[Figure: Communication (Bytes) and Run-time (μs) plotted against bit-length of values, with curves for Paillier (WAN), DGK (WAN), Paillier (LAN), DGK (LAN), OT-Ext (WAN), OT-Ext (LAN); the data points are not preserved in the transcript]
Caption: Communication and run-time for 1 multiplication in LAN and WAN for long-term security
Slide 9: Scalar Multiplication (1)
Minimum Euclidean Distance: $\min\left(\sum_{i=1}^{d}(S_{i,1}-C_i)^2,\ \ldots,\ \sum_{i=1}^{d}(S_{i,n}-C_i)^2\right)$
Rewrite: $\sum_{i=1}^{d}(S_{i,1}-C_i)^2 = \sum_{i=1}^{d} S_{i,1}^2 - \sum_{i=1}^{d} 2C_i S_{i,1} + \sum_{i=1}^{d} C_i^2$
Assume values of bit-length $l$.
- Naive: $2l \cdot n \cdot d$ OTs (multiply $C_i$ separately with each of $S_{i,1}, S_{i,2}, \ldots, S_{i,n}$)
- Scalar: $2l \cdot d$ OTs (multiply $C_i$ with the whole vector $(S_{i,1}, S_{i,2}, \ldots, S_{i,n})$ at once)

Slide 10: Scalar Multiplication (2)
Scalar multiplication $(z_1,\ldots,z_n) = (x_1,\ldots,x_n)\cdot y$ with $y = y_3y_2y_1y_0$:
OT i (for $i = 0,\ldots,3$) has sender inputs $\big((r_{i,1},\ldots,r_{i,n}),\ (r_{i,1}+2^i x_1,\ldots,r_{i,n}+2^i x_n)\big)$, e.g. $(r_{0,1},\ldots,r_{0,n})$ vs. $(r_{0,1}+x_1,\ldots,r_{0,n}+x_n)$ for $i=0$ and $(r_{3,1},\ldots,r_{3,n})$ vs. $(r_{3,1}+8x_1,\ldots,r_{3,n}+8x_n)$ for $i=3$; the receiver inputs choice bit $y_i$ and obtains $(s_{i,1},\ldots,s_{i,n})$.
Shares: $[z_1,\ldots,z_n]_A = \left(\sum_{i=0}^{3}(-r_{i,1}),\ \ldots,\ \sum_{i=0}^{3}(-r_{i,n})\right)$, $[z_1,\ldots,z_n]_B = \left(\sum_{i=0}^{3} s_{i,1},\ \ldots,\ \sum_{i=0}^{3} s_{i,n}\right)$, and $(z_1,\ldots,z_n) = [z_1,\ldots,z_n]_A + [z_1,\ldots,z_n]_B$.
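The OT-based multiplication of slide 7, its vector form on slide 10, and the Euclidean-distance rewrite of slide 9 can be exercised end to end in a few dozen lines. The following Python is an added example, not code from the ABY project: the 1-out-of-2 OT of slide 18 is simulated by a local `OTChannel` class (a real deployment would run it through OT extension), the values are reduced modulo $2^{\text{bitlen}}$, and the generalization from 4-bit operands to arbitrary `bitlen` follows the same schoolbook decomposition. All names (`OTChannel`, `scalar_mult_shares`, `euclidean_distance_shares`) and the sample database are this example's own.

```python
import secrets


class OTChannel:
    """Stand-in for 1-out-of-2 oblivious transfer: the sender offers (m0, m1),
    the receiver inputs a choice bit and obtains only m_choice. Simulated
    locally here; the counter records how many OTs a protocol consumed."""

    def __init__(self):
        self.count = 0

    def transfer(self, m0, m1, choice):
        self.count += 1
        return m1 if choice else m0


def scalar_mult_shares(x_vec, y, bitlen, ot):
    """Gilboa-style multiplication in vector form: the sender holds
    x_vec = (x_1, ..., x_n), the receiver holds the bitlen-bit scalar y.
    Returns (sender_share, receiver_share) with
    sender_share[j] + receiver_share[j] == x_j * y (mod 2^bitlen).
    One OT per bit of y, each carrying whole vectors, so n products cost
    bitlen OTs instead of n * bitlen (the 'scalar' count on slide 9)."""
    mod = 1 << bitlen
    n = len(x_vec)
    sender_share = [0] * n
    receiver_share = [0] * n
    for i in range(bitlen):
        # OT i: the sender masks schoolbook row 2^i * x with fresh random r_i
        # and offers (r_i, r_i + 2^i * x); the choice bit y_i selects one.
        r = [secrets.randbelow(mod) for _ in range(n)]
        m0 = r
        m1 = [(r[j] + (x_vec[j] << i)) % mod for j in range(n)]
        y_i = (y >> i) & 1
        s = ot.transfer(m0, m1, y_i)  # s_i = r_i + 2^i * x * y_i
        for j in range(n):
            sender_share[j] = (sender_share[j] - r[j]) % mod      # [z]_A = -sum r_i
            receiver_share[j] = (receiver_share[j] + s[j]) % mod  # [z]_B =  sum s_i
    return sender_share, receiver_share


def reconstruct(share_a, share_b, bitlen):
    """Open additive shares: z = [z]_A + [z]_B mod 2^bitlen."""
    mod = 1 << bitlen
    return [(a + b) % mod for a, b in zip(share_a, share_b)]


def euclidean_distance_shares(S, C, bitlen, ot):
    """Server holds database S (n rows, d columns), client holds query C (d).
    Uses the slide-9 rewrite  sum_i (S_{j,i} - C_i)^2
      = sum_i S_{j,i}^2 - 2 sum_i C_i S_{j,i} + sum_i C_i^2 :
    each party adds its own squares locally; the cross terms need one scalar
    multiplication of C_i with column i of S, i.e. bitlen * d OTs in total."""
    mod = 1 << bitlen
    n, d = len(S), len(C)
    server_share = [sum(S[j][i] ** 2 for i in range(d)) % mod for j in range(n)]
    client_share = [sum(c * c for c in C) % mod] * n
    for i in range(d):
        column = [S[j][i] for j in range(n)]  # (S_{i,1}, ..., S_{i,n}) on the slide
        srv, cli = scalar_mult_shares(column, C[i], bitlen, ot)
        for j in range(n):
            server_share[j] = (server_share[j] - 2 * srv[j]) % mod
            client_share[j] = (client_share[j] - 2 * cli[j]) % mod
    return server_share, client_share


def demo():
    # Constructed sample data: 4 database rows, d = 3 features, 8-bit entries.
    S = [[3, 7, 1], [5, 2, 8], [6, 6, 6], [0, 9, 4]]
    C = [4, 5, 2]
    bitlen = 16  # 2l bits for l = 8-bit inputs (slide 9), so no term wraps around
    ot = OTChannel()
    srv, cli = euclidean_distance_shares(S, C, bitlen, ot)
    dists = reconstruct(srv, cli, bitlen)  # opened only for illustration; ABY takes the min on shares
    return dists, dists.index(min(dists)), ot.count


if __name__ == "__main__":
    print(demo())
```

The `OTChannel` counter makes the slide-9 accounting checkable: the demo uses exactly `bitlen * d` OTs for all `n * d` cross products, whereas calling `scalar_mult_shares` once per database entry would cost `bitlen * n * d`. The shares themselves are uniformly random in the ring; only their sum carries the distance.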
Slide 11: The ABY framework
Combine:
- Arithmetic sharing (A)
- Boolean sharing, GMW (B)
- Yao's garbled circuits (Y)
- Efficient conversions between the schemes
Use efficient techniques:
- batch pre-compute crypto
- use fixed-key AES where possible
- use sub-protocols with recent optimizations

Slide 12: Benchmarking Secure Computation Schemes
Benchmark primitive operations (+, *, >, =, ...)
- Arithmetic sharing: free addition / cheap multiplication. Good for multiplication.
- Boolean sharing: free XOR / one interaction per AND. Good for multiplexing.
- Yao's garbled circuits: free XOR / no interaction per AND. Good for comparison.
[Table: Multiplication c=a*b (amortized), columns Protocol (Yao, Mixed), LAN [ms], Comm. [KB], Rounds; the values are not preserved in the transcript]
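The cost model on slide 12 (free XOR, one round of interaction per layer of AND gates, Boolean sharing being the natural home for multiplexing) can be made concrete with a small Boolean-sharing evaluator. The Python below is an added example and not ABY's code: AND gates are evaluated with Beaver multiplication triples handed out by a simulated trusted `Dealer`, which is an assumption of this example (the slides do not say how ABY produces its correlated randomness), and the `GMWSession` round counter exists only to expose the interaction cost. All class and function names are this example's own.

```python
import secrets


def share_bit(b):
    """XOR-share one bit between party 0 and party 1; each share alone is uniform."""
    s0 = secrets.randbelow(2)
    return (s0, b ^ s0)


def share_value(v, bitlen):
    """Boolean-share a bitlen-bit value bit by bit, least significant bit first."""
    return [share_bit((v >> i) & 1) for i in range(bitlen)]


def open_value(shares):
    """Reconstruct a value from its list of bit shares."""
    return sum((s0 ^ s1) << i for i, (s0, s1) in enumerate(shares))


class Dealer:
    """Assumed trusted dealer for Beaver triples (a, b, c = a AND b) in shared
    form. This stands in for whatever offline phase a real framework uses; it
    lets the example isolate the online cost of an AND gate."""

    def triple(self):
        a, b = secrets.randbelow(2), secrets.randbelow(2)
        return share_bit(a), share_bit(b), share_bit(a & b)


class GMWSession:
    """Two-party Boolean-sharing evaluation with a communication round counter."""

    def __init__(self):
        self.dealer = Dealer()
        self.rounds = 0

    def xor(self, x, y):
        # Free: each party XORs its own shares, no message is sent.
        return (x[0] ^ y[0], x[1] ^ y[1])

    def and_batch(self, pairs):
        """AND every (x, y) pair in one communication round: the parties exchange
        the masked bits d = x ^ a and e = y ^ b for all gates at once, then
        finish locally. x stays hidden because a is a uniformly random mask."""
        self.rounds += 1
        out = []
        for x, y in pairs:
            (a0, a1), (b0, b1), (c0, c1) = self.dealer.triple()
            d = (x[0] ^ a0) ^ (x[1] ^ a1)  # public after the exchange
            e = (y[0] ^ b0) ^ (y[1] ^ b1)  # public after the exchange
            z0 = (d & e) ^ (d & b0) ^ (e & a0) ^ c0  # party 0 adds the public term d*e
            z1 = (d & b1) ^ (e & a1) ^ c1
            out.append((z0, z1))
        return out

    def mux(self, sel, xs, ys):
        """Return xs if sel == 1 else ys, bitwise: ys ^ (sel AND (xs ^ ys)).
        All bits sit in one AND layer, hence one round regardless of width."""
        diffs = [self.xor(x, y) for x, y in zip(xs, ys)]
        prods = self.and_batch([(sel, dbit) for dbit in diffs])
        return [self.xor(y, p) for y, p in zip(ys, prods)]


def run_mux(sel_bit, v1, v0, bitlen):
    """Share the inputs, evaluate a shared multiplexer, open the result.
    Returns (selected value, communication rounds used)."""
    sess = GMWSession()
    out = sess.mux(share_bit(sel_bit), share_value(v1, bitlen), share_value(v0, bitlen))
    return open_value(out), sess.rounds


def run_xor(v1, v0, bitlen):
    """XOR of two shared values needs no interaction at all."""
    sess = GMWSession()
    out = [sess.xor(x, y) for x, y in zip(share_value(v1, bitlen), share_value(v0, bitlen))]
    return open_value(out), sess.rounds


if __name__ == "__main__":
    print(run_mux(1, 0xA5, 0x3C, 8), run_mux(0, 0xA5, 0x3C, 8), run_xor(0xA5, 0x3C, 8))
```

Run on constructed 8-bit inputs, the multiplexer selects the right operand with exactly one round no matter how wide the values are, while the XOR finishes with zero rounds; a comparison circuit, by contrast, has a depth of AND layers that grows with the bit-length, which is the round cost that makes Yao (no interaction per AND) the better fit for comparison on slide 12.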
Slide 13: Example: Minimum Euclidean Distance
Minimum Euclidean Distance: $\min\left(\sum_{i=1}^{d}(S_{i,1}-C_i)^2,\ \ldots,\ \sum_{i=1}^{d}(S_{i,n}-C_i)^2\right)$
[Table: rows give the sharing used for dist / min as Y / Y, B / B, A / Y, A / B; columns LAN [s], WAN [s], Comm [MB], #Msg; the values are not preserved in the transcript]
Caption: Euclidean distance for n = 512 values of 32-bit length and d =

Slide 14: Future Work
- Generalize and implement special-purpose operations
- Automatically assign operations to protocols [KSS14]
- Extension to malicious adversaries

Slide 15: ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation
Questions?
Contact:
Code:
Slide 16: ABY Development
Idea -> Function -> Representation (ABY: Arithmetic Circuit, Boolean Circuit, Special-purpose circuits) -> Protocol (Schemes A, B, Y) -> Optimizations (OT-Ext., Efficient Conversion, Efficient Garbling)
Extensibility: optimize existing / implement new schemes; implement further optimizations.

Slide 17: Mixed-Protocols
- Some functionalities have a more efficient circuit representation:
  Multiplication in Boolean circuits: O(n^2)
  Comparison in Arithmetic circuits: O(n) multiplications of q-bit values
- TASTY [HKSSW10] combines Paillier (Arithmetic) and Yao (Boolean)
- Multiplication and conversion require public-key operations
- For long-term security, Yao-only is often most efficient [KSS14]

Slide 18: OT Extension
Input: Alice holds two strings $(x_0, x_1)$, Bob holds a choice bit $r$.
Output: Alice learns nothing, Bob only learns $x_r$.
Traditionally, OT requires public-key crypto.
OT extension allows extending a few real OTs to arbitrarily many OTs using symmetric-key cryptography only.
Slide 19: References
[NPS99] Moni Naor, Benny Pinkas, Reuban Sumner: Privacy preserving auctions and mechanism design. EC 1999.
[BPTG15] Raphael Bost, Raluca Ada Popa, Stephen Tu, Shafi Goldwasser: Machine Learning Classification over Encrypted Data. NDSS 2015.
[EFGKLT09] Zekeriya Erkin, Martin Franz, Jorge Guajardo, Stefan Katzenbeisser, Inald Lagendijk, Tomas Toft: Privacy-Preserving Face Recognition. Privacy Enhancing Technologies 2009.
[KSS14] Florian Kerschbaum, Thomas Schneider, Axel Schröpfer: Automatic Protocol Selection in Secure Two-Party Computations. ACNS 2014.
[DGK] Ivan Damgård, Martin Geisler, Mikkel Krøigaard: A correction to 'efficient and secure comparison for online auctions'. IJACT 1(4), 2009.
[Paillier] Pascal Paillier: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. EUROCRYPT 1999.
[GMW] Oded Goldreich, Silvio Micali, Avi Wigderson: How to Play any Mental Game or A Completeness Theorem for Protocols with Honest Majority. STOC 1987.
[Yao] Andrew Chi-Chih Yao: Protocols for Secure Computations (Extended Abstract). FOCS 1982.

Slide 20: References
[BG11] Marina Blanton, Paolo Gasti: Secure and Efficient Protocols for Iris and Fingerprint Identification. ESORICS 2011.
[HKSSW10] Wilko Henecka, Stefan Kögl, Ahmad-Reza Sadeghi, Thomas Schneider, Immo Wehrenberg: TASTY: tool for automating secure two-party computations. ACM Conference on Computer and Communications Security 2010.
[Gilboa99] Niv Gilboa: Two Party RSA Key Generation. CRYPTO 1999.
Slide 21: Protocol Overview
Special Purpose Protocols vs. Generic Protocols: Arithmetic Circuit (Homomorphic Encryption) and Boolean Circuit (Yao, GMW, built on OT).
Cost ordering: Public Key Crypto >> Symmetric Crypto >> One-Time Pad

Slide 22: Example: Minimum Euclidean Distance
Minimum Euclidean Distance: $\min\left(\sum_{i=1}^{d}(S_{i,1}-C_i)^2,\ \ldots,\ \sum_{i=1}^{d}(S_{i,n}-C_i)^2\right)$
- Server holds database S, client holds query C
- Used in biometric matching (face-recognition, fingerprint, ...)
1) Evaluate in Arithmetic circuits using Paillier [EFGKLT09] or DGK [BG11]: comparison is costly
2) Multiplication in Arithmetic circuits; comparison in Boolean circuits [HKSSW10]: costly conversion/multiplication due to expensive public-key crypto
3) Evaluate everything in Boolean circuits using Yao [KSS14]

Slide 23: Take Away Message
- Developed a mixed-protocol secure computation framework (A, B, Y)
- Abstracts from the underlying secure computation protocol
- Uses only fast symmetric-key crypto
- Code is available at GitHub:
ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation. Michael Zohner (TU Darmstadt), joint work with Daniel Demmler and Thomas Schneider. Talk dated 11.02.14.
More information1 A Tale of Two Lovers
CS 120/ E-177: Introduction to Cryptography Salil Vadhan and Alon Rosen Dec. 12, 2006 Lecture Notes 19 (expanded): Secure Two-Party Computation Recommended Reading. Goldreich Volume II 7.2.2, 7.3.2, 7.3.3.
More informationEfficient Private Information Retrieval
Efficient Private Information Retrieval K O N S T A N T I N O S F. N I K O L O P O U L O S T H E G R A D U A T E C E N T E R, C I T Y U N I V E R S I T Y O F N E W Y O R K K N I K O L O P O U L O S @ G
More informationSimple, Black-Box Constructions of Adaptively Secure Protocols
Simple, Black-Box Constructions of Adaptively Secure Protocols Seung Geol Choi 1, Dana Dachman-Soled 1, Tal Malkin 1, and Hoeteck Wee 2 1 Columbia University {sgchoi,dglasner,tal}@cs.columbia.edu 2 Queens
More informationSpringerBriefs in Computer Science
SpringerBriefs in Computer Science Series editors Stan Zdonik, Brown University, Providence, Rhode Island, USA Shashi Shekhar, University of Minnesota, Minneapolis, Minnesota, USA Xindong Wu, University
More informationABY Developer Guide. Engineering Cryptographic Protocols Group (Encrypto) TU Darmstadt. April 4, 2017
ABY Developer Guide Engineering Cryptographic Protocols Group (Encrypto) TU Darmstadt www.encrypto.de April 4, 27 Contents ABY Overview 4. Terminology........................................ 6.. Sharings......................................
More informationEmerging Cryptographic Challenges in Image and Video Processing
MITSUBISHI ELECTRIC RESEARCH LABORATORIES http://www.merl.com Emerging Cryptographic Challenges in Image and Video Processing Puech, W.; Erkin, Z.; Barni, M.; Rane, S.; Lagendijk, R.L. TR2012-067 September
More informationParallel Coin-Tossing and Constant-Round Secure Two-Party Computation
Parallel Coin-Tossing and Constant-Round Secure Two-Party Computation Yehuda Lindell Department of Computer Science and Applied Math, Weizmann Institute of Science, Rehovot, Israel. lindell@wisdom.weizmann.ac.il
More informationMEG: Memory and Energy Efficient Garbled Circuit Evaluation on Smartphones
JOURNAL OF L A TEX CLASS FILES, VOL. 14, NO. 8, DECEMBER 2017 1 MEG: Memory and Energy Efficient Garbled Circuit Evaluation on Smartphones Qing Yang, Ge Peng, Paolo Gasti, Member, IEEE, Kiran S. Balagani,
More informationPrivacy-Preserving Clustering Using Representatives over Arbitrarily Partitioned Data
Privacy-Preserving Clustering Using Representatives over Arbitrarily Partitioned Data Yu Li, Sheng Zhong Computer Science and Engineering Department State University of New York at Buffalo Amherst, NY
More informationWhite-box attack resistant cryptography
White-box attack resistant cryptography Hiding cryptographic keys against the powerful attacker Dušan Klinec, Petr Švenda {xklinec, svenda}@fi.muni.cz Outline CEF&CED, fully homomorphic encryption Whitebox
More informationPractical Private Regular Expression Matching
Practical Private Regular Expression Matching Florian Kerschbaum SAP Research Karlsruhe, Germany Florian.Kerschbaum@sap.com Abstract. Regular expressions are a frequently used tool to search in large texts.
More informationLecture 9: Zero-Knowledge Proofs
Great Ideas in Theoretical Computer Science Summer 2013 Lecture 9: Zero-Knowledge Proofs Lecturer: Kurt Mehlhorn & He Sun A zero-knowledge proof is an interactive protocol (game) between two parties, a
More information