45 research outputs found

    A Note on Perfect Correctness by Derandomization

    In this note, we show how to transform a large class of erroneous cryptographic schemes into perfectly correct ones. The transformation works for schemes that are correct on every input with probability noticeably larger than half, and are secure under parallel repetition. We assume the existence of one-way functions and of functions with deterministic (uniform) time complexity $2^{O(n)}$ and non-deterministic circuit complexity $2^{\Omega(n)}$. The transformation complements previous results showing that public-key encryption and indistinguishability obfuscation that err on a noticeable fraction of inputs can be turned into ones that are often correct {\em for all inputs}. The technique relies on the idea of ``reverse randomization'' [Naor, Crypto 1989] and on Nisan-Wigderson style derandomization, which was previously used in cryptography to obtain non-interactive witness-indistinguishable proofs and commitment schemes [Barak, Ong and Vadhan, Crypto 2003].

    Enabling Efficient Secure Multiparty Computation Development in ANSI C

    Secure Multi-Party Computation (SMPC) enables parties to compute a public function over private inputs. A classical example is the millionaires' problem, where two millionaires want to figure out who is wealthier without revealing their actual wealth to each other. The insight gained from the secure computation is nothing more than what is revealed by the output (in this case, who was wealthier but not the actual value of the wealth). Other applications of secure computation include secure voting, on-line bidding and privacy-preserving cloud computations, to name a few. Technological advancements are making secure computations practical, and recent optimizations have made dramatic improvements to their performance. However, there is still a need for effective tools that facilitate the development of SMPC applications using standard and familiar programming languages and techniques, without requiring the involvement of security experts with special training and background. This work addresses the latter problem by enabling SMPC application development through programs (or repurposing existing code) written in a standard programming language such as ANSI C. Several high-level language (HLL) platforms have been proposed to enable secure computation, such as Obliv-C [1], ObliVM [2] and Frigate [3]. These platforms utilize a variation of Yao's garbled circuits [4] in order to evaluate the program securely. The source code written for these frameworks is converted into a lower-level intermediate language that utilizes garbled circuits for program evaluation. In garbled circuits, one party (the garbler) compiles the program that the other party (the evaluator) runs, and the communication between the two parties happens through oblivious transfer. Garbled circuits allow two parties to do this evaluation without the need for a trusted third party.

    These frameworks have two common characteristics. First, they either define a new language [2] or make a restricted extension of an existing language [1]. This is somewhat prohibitive, as it requires the programmer to have a sufficient understanding of SMPC-related constructs and semantics, a process that is error-prone and time-consuming for the programmer. Second, they use combinational circuits, which often require creating and materializing the entire circuit (whose size may be huge) before evaluation; this introduces a restriction on the program being written. TinyGarble [5], however, is a secure two-party computation framework that is based on sequential circuits. Compared with the frameworks mentioned earlier, TinyGarble outperforms them by orders of magnitude. We are developing a framework that can automatically convert an HLL program (in this case ANSI C) into a hardware description language, which is then evaluated securely. The benefit of such a transformation is that it does not require knowledge of unfamiliar SMPC constructs and semantics, and performs the computation in a much more efficient manner. We are combining the efficiency of sequential circuits for computation with the expressiveness of an HLL like ANSI C, in order to develop a secure computation framework that is expected to be effective and efficient. Our proposed approach is two-fold: first, it offers a separation of concerns between the function to be computed, written in C, and a secure computation policy to be enforced. This leaves the original source code unchanged; the programmer is only required to supply a policy file specifying the functions and variables that need secure computation. Secondly, it leverages the current state-of-the-art framework to generate sequential circuits.

    The idea is to convert the original source code to Verilog (a hardware description language), as this can then be transformed into a standard circuit description which TinyGarble [5] would run. This will enable us to leverage TinyGarble's efficient sequential circuits. The result would be the best of both worlds: a program written in an HLL that is converted to, and evaluated as, a sequential circuit.

    Low-Complexity Cryptographic Hash Functions

    Cryptographic hash functions are efficiently computable functions that shrink a long input into a shorter output while achieving some of the useful security properties of a random function. The most common type of such hash functions is collision resistant hash functions (CRH), which prevent an efficient attacker from finding a pair of inputs on which the function has the same output.

    Improved Distance Sensitivity Oracles with Subcubic Preprocessing Time

    We consider the problem of building Distance Sensitivity Oracles (DSOs). Given a directed graph $G=(V,E)$ with edge weights in $\{1, 2, \dots, M\}$, we need to preprocess it into a data structure and answer the following queries: given vertices $u,v\in V$ and a failed vertex or edge $f\in (V\cup E)$, output the length of the shortest path from $u$ to $v$ that does not go through $f$. Our main result is a simple DSO with $\tilde{O}(n^{2.7233}M)$ preprocessing time and $O(1)$ query time. Moreover, if the input graph is undirected, the preprocessing time can be improved to $\tilde{O}(n^{2.6865}M)$. The preprocessing algorithm is randomized and correct with probability $\ge 1-1/n^C$, for a constant $C$ that can be made arbitrarily large. Previously, a DSO with $\tilde{O}(n^{2.8729}M)$ preprocessing time and $\operatorname{polylog}(n)$ query time was known [Chechik and Cohen, STOC'20]. At the core of our DSO is the following observation from [Bernstein and Karger, STOC'09]: if there is a DSO with preprocessing time $P$ and query time $Q$, then we can construct a DSO with preprocessing time $P+\tilde{O}(n^2)\cdot Q$ and query time $O(1)$. (Here $\tilde{O}(\cdot)$ hides $\operatorname{polylog}(n)$ factors.) Comment: To appear in ESA'2

    Secure multiparty PageRank algorithm for collaborative fraud detection

    Collaboration between financial institutions helps to improve the detection of fraud. However, the exchange of relevant data between these institutions is often not possible due to privacy constraints and data confidentiality. An important example of relevant data for fraud detection is a transaction graph, where the nodes represent bank accounts and the links consist of the transactions between these accounts. Previous works show that features derived from such graphs, like PageRank, can be used to improve fraud detection. However, each institution can only see a part of the whole transaction graph, corresponding to the accounts of its own customers. In this research a new method is described, making use of secure multiparty computation (MPC) techniques, that allows multiple parties to jointly and securely compute the PageRank values of their combined transaction graphs, while guaranteeing that each party learns only the PageRank values of its own accounts and nothing about the other transaction graphs. In our experiments this method is applied to graphs containing up to tens of thousands of nodes. The execution time scales linearly with the number of nodes, and the method is highly parallelizable. Extrapolating from our experimental results, secure multiparty PageRank is feasible in a realistic setting with millions of nodes per party.

    The Secure Link Prediction Problem

    Link prediction is an important and well-studied problem for social networks. Given a snapshot of a graph, the link prediction problem predicts which new interactions between members are most likely to occur in the near future. As networks grow in size, data owners are forced to store the data on remote cloud servers, which reveals sensitive information about the network. The graphs are therefore stored in encrypted form. We study the link prediction problem on encrypted graphs. To the best of our knowledge, this secure link prediction problem has not been studied before. We use the number of common neighbors for prediction. We present three algorithms for the secure link prediction problem. We design prototypes of the schemes and formally prove their security. We execute our algorithms on real-life datasets. Comment: This has been accepted for publication in the Advances in Mathematics of Communications (AMC) journal.

    Fine-Grained Derandomization: From Problem-Centric to Resource-Centric Complexity

    We show that popular hardness conjectures about problems from the field of fine-grained complexity theory imply structural results for resource-based complexity classes. Namely, we show that if either k-Orthogonal Vectors or k-CLIQUE requires $n^{\epsilon k}$ time to count, for some constant $\epsilon>1/2$, on randomized machines for all but finitely many input lengths (note that these conjectures are significantly weaker than the usual ones made on these problems), then we have the following derandomizations:
    - BPP can be decided in polynomial time using only $n^{\alpha}$ random bits on average over any efficient input distribution, for any constant $\alpha>0$.
    - BPP can be decided in polynomial time with no randomness on average over the uniform distribution.
    This answers in the positive an open question of Ball et al. (STOC '17) of whether derandomization can be achieved from conjectures from fine-grained complexity theory. More strongly, these derandomizations improve over all previous ones achieved from worst-case uniform assumptions by succeeding on all but finitely many input lengths. Previously, derandomizations from worst-case uniform assumptions were only known to succeed on infinitely many input lengths. It is specifically the structure and moderate hardness of the k-Orthogonal Vectors and k-CLIQUE problems that makes removing this restriction possible. Via this uniform derandomization, we connect the problem-centric and resource-centric views of complexity theory by showing that exact hardness assumptions about specific problems like k-CLIQUE imply quantitative and qualitative relationships between randomized and deterministic time. This can be viewed either as a barrier to proving some of the main conjectures of fine-grained complexity theory, lest we achieve a major breakthrough in unconditional derandomization, or, optimistically, as a route to attain such derandomizations by working on very concrete and weak conjectures about specific problems.

    Private hospital workflow optimization via secure k-means clustering

    Optimizing the workflow of a complex organization such as a hospital is a difficult task. An accurate option is to use a real-time locating system to track the locations of both patients and staff. However, privacy regulations forbid hospital management from assessing the location data of their staff members. In this exploratory work, we propose a secure solution for analyzing the combined location data of patients and staff by means of an innovative cryptographic technique called Secure Multi-Party Computation, in which an additional entity that the staff members can trust, such as a labour union, takes care of the staff data. The hospital, owning the location data of patients, and the labour union perform a two-party protocol in which they securely cluster the staff members by the frequency of their patient-facing times. We describe the secure solution in detail and evaluate the performance of our proof-of-concept. This work thus demonstrates the feasibility of secure multi-party clustering in this setting.