Efficient UC Commitment Extension with Homomorphism for Free (and Applications)
Homomorphic universally composable (UC) commitments allow for the sender to reveal the result of additions and multiplications of values contained in commitments without revealing the values themselves while assuring the receiver of the correctness of such computation on committed values.
In this work, we construct essentially optimal additively homomorphic UC commitments from any (not necessarily UC or homomorphic) extractable commitment. We obtain amortized linear computational complexity in the length of the input messages and rate 1.
Next, we show how to extend our scheme to also obtain multiplicative homomorphism at the cost of asymptotic optimality but retaining low concrete complexity for practical parameters.
While the previously best constructions use UC oblivious transfer as the main building block, our constructions only require extractable commitments and PRGs, achieving better concrete efficiency and offering new insights into the sufficient conditions for obtaining homomorphic UC commitments.
Moreover, our techniques yield public coin protocols, which are compatible with the Fiat-Shamir heuristic.
These results come at the cost of realizing a restricted version of the homomorphic commitment functionality where the sender is allowed to perform any number of commitments and operations on committed messages but is only allowed to perform a single batch opening of a number of commitments.
Although this functionality seems restrictive, we show that it can be used as a building block for more efficient instantiations of recent protocols for secure multiparty computation and zero-knowledge non-interactive arguments of knowledge.
ARPA Whitepaper
We propose a secure computation solution for blockchain networks. The correctness of computation is verifiable even under a malicious-majority condition using information-theoretic Message Authentication Codes (MACs), and privacy is preserved using secret sharing. With a state-of-the-art multiparty computation protocol and a layer2 solution, our privacy-preserving computation guarantees data security on the blockchain, cryptographically, while reducing the heavy-lifting computation job to a few nodes. This breakthrough has several implications for the future of decentralized networks. First, secure computation can be used to support Private Smart Contracts, where consensus is reached without exposing the information in the public contract. Second, it enables data to be shared and used in a trustless network without disclosing the raw data during data-at-use, so that data ownership and data usage are safely separated. Last but not least, computation and verification processes are separated, which can be perceived as computational sharding; this effectively makes the transaction processing speed linear in the number of participating nodes. Our objective is to deploy our secure computation network as a layer2 solution to any blockchain system. Smart Contracts will be used as a bridge to link the blockchain and computation networks. Additionally, they will be used as a verifier to ensure that outsourced computation is completed correctly. In order to achieve this, we first develop a general MPC network with advanced features such as: 1) Secure Computation, 2) Off-chain Computation, 3) Verifiable Computation, and 4) support for dApps' needs like privacy-preserving data exchange.
Multi-party Quantum Computation
We investigate definitions of and protocols for multi-party quantum computing in the scenario where the secret data are quantum systems. We work in the quantum information-theoretic model, where no assumptions are made on the computational power of the adversary. For the slightly weaker task of verifiable quantum secret sharing, we give a protocol which tolerates any t < n/4 cheating parties (out of n). This is shown to be optimal. We use this new tool to establish that any multi-party quantum computation can be securely performed as long as the number of dishonest players is less than n/6.
Comment: Master's Thesis. Based on joint work with Claude Crepeau and Daniel Gottesman. Full version is in preparation.
Infinite Secret Sharing -- Examples
The motivation for extending secret sharing schemes to cases when either the set of players is infinite, or the domain from which the secret and/or the shares are drawn is infinite, or both, is similar to the case of switching to abstract probability spaces from classical combinatorial probability. It might shed new light on old problems, could connect seemingly unrelated problems, and unify diverse phenomena.
Definitions equivalent in the finitary case could be very different when switching to infinity, signifying their difference. The standard requirement that qualified subsets should be able to determine the secret has different interpretations in spite of the fact that, by assumption, all participants have infinite computing power. The requirement that unqualified subsets should have no, or limited, information on the secret suggests that we also need some probability distribution. In the infinite case events with zero probability are not necessarily impossible, and we should decide whether bad events with zero probability are allowed or not.
In this paper, rather than giving precise definitions, we present an abundance of hopefully interesting infinite secret sharing schemes. These schemes touch quite diverse areas of mathematics such as projective geometry, stochastic processes and Hilbert spaces. Nevertheless our main tools are from probability theory. The examples discussed here serve as foundation and illustration for the more theory-oriented companion paper.
Cryptographic Tools for Privacy Preservation
Data permeates every aspect of our daily life and it is the backbone of our digitalized society. Smartphones, smartwatches and many more smart devices measure, collect, modify and share data in what is known as the Internet of Things. Often, these devices don’t have enough computation power or storage space, and thus outsource some aspects of data management to the Cloud. Outsourcing computation or storage to a third party poses natural questions regarding the security and privacy of the shared sensitive data. Intuitively, Cryptography is a toolset of primitives and protocols whose security properties are formally proven, while Privacy typically captures additional social and legislative requirements that relate more to the concept of “trust” between people, “how” data is used and/or “who” has access to data. This thesis separates the concepts by introducing an abstract model that classifies data leaks into different types of breaches. Each class represents a specific requirement or goal related to cryptography, e.g. confidentiality or integrity, or related to privacy, e.g. liability, sensitive data management and more. The thesis contains cryptographic tools designed to provide privacy guarantees for different application scenarios.
In more detail, the thesis: (a) defines new encryption schemes that provide formal privacy guarantees, such as theoretical privacy definitions like Differential Privacy (DP), or concrete privacy-oriented applications covered by existing regulations such as the European General Data Protection Regulation (GDPR); (b) proposes new tools and procedures for providing verifiable computation guarantees in concrete scenarios for post-quantum cryptography or generalisations of signature schemes; (c) proposes a methodology for utilising Machine Learning (ML) to analyse the effective security and privacy of a crypto-tool and, dually, proposes a secure primitive that allows computing specific ML algorithms in a privacy-preserving way; (d) provides an alternative protocol for secure communication between two parties, based on the idea of communicating in a periodically timed fashion.
Verifiable Differential Privacy
Differential Privacy (DP) is often presented as a strong privacy-enhancing technology with broad applicability and advocated as a de-facto standard for releasing aggregate statistics on sensitive data. However, in many embodiments, DP introduces a new attack surface: a malicious entity entrusted with releasing statistics could manipulate the results and use the randomness of DP as a convenient smokescreen to mask its nefariousness. Since revealing the random noise would obviate the purpose of introducing it, the miscreant may have a perfect alibi. To close this loophole, we introduce the idea of Verifiable Differential Privacy, which requires the publishing entity to output a zero-knowledge proof that convinces an efficient verifier that the output is both DP and reliable. Such a definition might seem unachievable, as a verifier must validate that DP randomness was generated faithfully without learning anything about the randomness itself. We resolve this paradox by carefully mixing private and public randomness to compute verifiable DP counting queries with theoretical guarantees and show that it is also practical for real-world deployment. We also demonstrate that computational assumptions are necessary by showing a separation between information-theoretic DP and computational DP under our definition of verifiability.