Private Simultaneous Messages Based on Quadratic Residues

Private Simultaneous Messages (PSM) model is a minimal model for secure multiparty computation. Feige, Kilian, and Naor (STOC 1994) and Ishai (Cryptology and Information Security Series 2013) constructed PSM protocols based on quadratic residues. In this paper, we define QR-PSM protocols as a generalization of these protocols. A QR-PSM protocol is a PSM protocol whose decoding function outputs the quadratic residuosity of what is computed from messages. We design a QR-PSM protocol for any symmetric function $f: \{0,1\}^n \rightarrow \{0,1\}$ of communication complexity $O(n^2)$. As far as we know, it is the most efficient PSM protocol since the previously known best PSM protocol was of $O(n^2\log n)$ (Beimel et al., CRYPTO 2014). We also study the sizes of the underlying finite fields $\mathbb{F}_p$ in the protocols since the communication complexity of a QR-PSM protocol is proportional to the bit length of the prime $p$. In particular, we show that the $N$-th Peralta prime $P_N$, which is used for general QR-PSM protocols, can be taken as at most $(1+o(1))N^2 2^{2N-2}$, which improves the Peralta's known result (Mathematics of Computation 1992) by a constant factor $(1+\sqrt{2})^2$

Mental Card Gaming Protocols Supportive Of Gameplay Versatility, Robustness And Efficiency

Pennainan kad mental merupakan protokol kriptografi yang membolehkan pennainan yang ~ disahkan adil di kalangan parti-parti jauh yang penyangsi dan berpotensi menipu. Pennainan kad ini setidak-tidaknya patut menyokong-tanpa memperkenal~an parti ketiga yang dipercayai (TTP)--rahsia kad, pengesanan penipuan dan keselamatan bersyarat ke atas pakatan pemain. Tambahan kepada keperJuan asas ini, kami meninjau isu-isu pennainan kad mental yang berkaitan dengan fungsian permainan, keteguhan operasional dan kecekapan implementasi. Pengkajian kami diberangsang oleh potensi pennainan berasaskan komputer dan rangkaian yang melewati batas kemampuan kad fizikal, terutamanya pembongkaran maklumat terperinci kad (seperti warna, darjat, simbol atau kebangsawanan) sambil merahsiakan nilai keseluruhan kad tersebut. ~. Mental card games are cryptographic protocols which permit verifiably fair gameplay among a l< ~. priori distrustful and potentially untrustworthy remote parties and should minimally providewithout the introduction of a trusted third party (TTP)---for card confidentiality, fraud detection and conditional security against collusion. In addition to these basic requirements, we explore into gameplay functionality, operational robustness and implementation efficiency issues of mental card gaming. Our research is incited by the potential of computer-based and networkmediated gameplay beyond the capability of physical cards, particularly fine-grained information disclosure (such as colour, rank, symbol or courtliness) with preservation of card secrecy. On the other hand, being network connected renders the protocol susceptible to (accidental or intentional) disconnection attack, as well as other malicious behaviours

Cryptanalysis of the Legendre PRF and generalizations

The Legendre PRF relies on the conjectured pseudorandomness properties of the Legendre symbol with a hidden shift. Originally proposed as a PRG by Damgård at CRYPTO 1988, it was recently suggested as an efficient PRF for multiparty computation purposes by Grassi et al. at CCS 2016. Moreover, the Legendre PRF is being considered for usage in the Ethereum 2.0 blockchain. This paper improves previous attacks on the Legendre PRF and its higher-degree variant due to Khovratovich by reducing the time complexity from O(plogp/M) to O(plog^2p/M2) Legendre symbol evaluations when M≤p√4 queries are available. The practical relevance of our improved attack is demonstrated by breaking two concrete instances of the PRF proposed by the Ethereum foundation. Furthermore, we generalize our attack in a nontrivial way to the higher-degree variant of the Legendre PRF and we point out a large class of weak keys for this construction. Lastly, we provide the first security analysis of two additional generalizations of the Legendre PRF originally proposed by Damgård in the PRG setting, namely the Jacobi PRF and the power residue PRF

THRIVE: Threshold Homomorphic encryption based secure and privacy preserving bIometric VErification system

In this paper, we propose a new biometric verification and template protection system which we call the THRIVE system. The system includes novel enrollment and authentication protocols based on threshold homomorphic cryptosystem where the private key is shared between a user and the verifier. In the THRIVE system, only encrypted binary biometric templates are stored in the database and verification is performed via homomorphically randomized templates, thus, original templates are never revealed during the authentication stage. The THRIVE system is designed for the malicious model where the cheating party may arbitrarily deviate from the protocol specification. Since threshold homomorphic encryption scheme is used, a malicious database owner cannot perform decryption on encrypted templates of the users in the database. Therefore, security of the THRIVE system is enhanced using a two-factor authentication scheme involving the user's private key and the biometric data. We prove security and privacy preservation capability of the proposed system in the simulation-based model with no assumption. The proposed system is suitable for applications where the user does not want to reveal her biometrics to the verifier in plain form but she needs to proof her physical presence by using biometrics. The system can be used with any biometric modality and biometric feature extraction scheme whose output templates can be binarized. The overall connection time for the proposed THRIVE system is estimated to be 336 ms on average for 256-bit biohash vectors on a desktop PC running with quad-core 3.2 GHz CPUs at 10 Mbit/s up/down link connection speed. Consequently, the proposed system can be efficiently used in real life applications

Minimum disclosure proofs of knowledge

AbstractProtocols are given for allowing a “prover” to convince a “verifier” that the prover knows some verifiable secret information, without allowing the verifier to learn anything about the secret. The secret can be probabilistically or deterministically verifiable, and only one of the prover or the verifier need have constrained resources. This paper unifies and extends models and techniques previously put forward by the authors, and compares some independent related work

Prime Match: A Privacy-Preserving Inventory Matching System

Inventory matching is a standard mechanism for trading financial stocks by which buyers and sellers can be paired. In the financial world, banks often undertake the task of finding such matches between their clients. The related stocks can be traded without adversely impacting the market price for either client. If matches between clients are found, the bank can offer the trade at advantageous rates. If no match is found, the parties have to buy or sell the stock in the public market, which introduces additional costs. A problem with the process as it is presently conducted is that the involved parties must share their order to buy or sell a particular stock, along with the intended quantity (number of shares), to the bank. Clients worry that if this information were to “leak” somehow, then other market participants would become aware of their intentions and thus cause the price to move adversely against them before their transaction finalizes. We provide a solution, Prime Match, that enables clients to match their orders efficiently with reduced market impact while maintaining privacy. In the case where there are no matches, no information is revealed. Our main cryptographic innovation is a two-round secure linear comparison protocol for computing the minimum between two quantities without preprocessing and with malicious security, which can be of independent interest. We report benchmarks of our Prime Match system, which runs in production and is adopted by a large bank in the US -- J.P. Morgan. The system is designed utilizing a star topology network, which provides clients with a centralized node (the bank) as an alternative to the idealized assumption of point-to-point connections, which would be impractical and undesired for the clients to implement in reality. Prime Match is the first secure multiparty computation solution running live in the traditional financial world

A measurement study of peer-to-peer bootstrapping and implementations of delay-based cryptography

This thesis researches two distinct areas of study in both peer-to-peer networking formodern cryptocurrencies and implementations of delay-based cryptography.The first part of the thesis researches elements of peer-to-peer network mechanisms,with a specific focus on the dependencies on centralised infrastructure required for theinitial participation in such networks.Cryptocurrencies rely on decentralised peer-to-peer networks, yet the method bywhich new peers initially join these networks, known as bootstrapping, presents a significantchallenge. Our original research consists of a measurement study of 74 cryptocurrencies.Our study reveals a prevalent reliance on centralised infrastructure which leadsto censorship-prone bootstrapping techniques leaving networks vulnerable to censorshipand manipulation.In response, we explore alternative bootstrapping methods seeking solutions lesssusceptible to censorship. However, our research demonstrates operational challengesand limitations which hinder their effectiveness, highlighting the complexity of achievingcensorship-resistance in practice.Furthermore, our global measurement study uncovers the details of cryptocurrencypeer-to-peer networks, revealing instances outages and intentional protocol manipulationimpacting bootstrapping operations. Through a volunteer network of probes deployedacross 42 countries, we analyse network topology, exposing centralisation tendencies andunintentional peer exposure.Our research also highlights the pervasive inheritance of legacy bootstrapping methods,perpetuating security vulnerabilities and censorship risks within cryptocurrencysystems. These findings illuminate broader concerns surrounding decentralisation andcensorship-resistance in distributed systems.In conclusion, our study offers valuable insights into cryptocurrency bootstrappingtechniques and their susceptibility to censorship, paving the way for future research andinterventions to enhance the resilience and autonomy of peer-to-peer networks.In the second part of the thesis, attention shifts towards delay-based cryptography,where the focus lies on the creation and practical implementations of timed-release encryptionschemes. Drawing from the historical delay-based cryptographic protocols, thisthesis presents two original research contributions.The first is the creation of a new timed-release encryption scheme with a propertytermed implicit authentication. The second contribution is the development of a practicalconstruction called TIDE (TIme Delayed Encryption) tailored for use in sealed-bidauctions.Timed-Release Encryption with Implicit Authentication (TRE-IA) is a cryptographicprimitive which presents a new property named implicit authentication (IA). This propertyensures that only authorised parties, such as whistleblowers, can generate meaningfulciphertexts. By incorporating IA techniques into the encryption process, TRE-IAaugments a new feature in standard timed-release encryption schemes by ensuring thatonly the party with the encryption key can create meaningful ciphertexts. This propertyensures the authenticity of the party behind the sensitive data disclosure. Specifically, IAenables the encryption process to authenticate the identity of the whistleblower throughthe ciphertext. This property prevents malicious parties from generating ciphertextsthat do not originate from legitimate sources. This ensures the integrity and authenticityof the encrypted data, safeguarding against potential leaks of information not vettedby the party performing the encryption.TIDE introduces a new method for timed-release encryption in the context of sealedbidauctions by creatively using classic number-theoretic techniques. By integratingRSA-OEAP public-key encryption and the Rivest Shamir Wagner time-lock assumptionwith classic number theory principles, TIDE offers a solution that is both conceptuallystraightforward and efficient to implement.Our contributions in TIDE address the complexities and performance challengesinherent in current instantiations of timed-release encryption schemes. Our researchoutput creates a practical timed-release encryption implementation on consumer-gradehardware which can facilitate real-world applications such as sealed-bid auctions withclear steps for implementation.Finally, our thesis concludes with a review of the prospects of delay-based cryptographywhere we consider potential applications such as leveraging TIDE for a publicrandomness beacon.<br/

A New Approach for Homomorphic Encryption with Secure Function Evaluation on Genomic Data

Additively homomorphic encryption is a public-key primitive allowing a sum to be computed on encrypted values. Although limited in functionality, additive schemes have been an essential tool in the private function evaluation toolbox for decades. They are typically faster and more straightforward to implement relative to their fully homomorphic counterparts, and more efficient than garbled circuits in certain applications. This thesis presents a novel method for extending the functionality of additively homomorphic encryption to allow the private evaluation of functions of restricted domain. Provided the encrypted sum falls within the restricted domain, the function can be homomorphically evaluated “for free” in a single public-key operation. We will describe an algorithm for encoding private functions into the public-keys of two well-known additive cryptosystems. We extend this scheme to an application in the field of pharmacogenomics called Similar Patient Query. With the advent of human genome project, there is a tremendous availability of genomic data opening the door for a possibility of many advances in the field of medicine. Precision medicine is one such application where a patient is administered drugs based on their genetic makeup. If the genomic data is not kept private, it can lead to several information frauds, so it needs to be encrypted. To tap the full potential of the encrypted genomic data, we need to perform computations on it without compromising its security. For SPQ, we pick a query genome and compare it across a hospital data base, to find patients similar to that of the query and use the information to apply precision medicine, all of this is carried out under privacy preserving settings in the presence of a semi-honest adversary in a single transaction