Fourier-based Function Secret Sharing with General Access Structure

Function secret sharing (FSS) scheme is a mechanism that calculates a function f(x) for x in {0,1}^n which is shared among p parties, by using distributed functions f_i:{0,1}^n -> G, where G is an Abelian group, while the function f:{0,1}^n -> G is kept secret to the parties. Ohsawa et al. in 2017 observed that any function f can be described as a linear combination of the basis functions by regarding the function space as a vector space of dimension 2^n and gave new FSS schemes based on the Fourier basis. All existing FSS schemes are of (p,p)-threshold type. That is, to compute f(x), we have to collect f_i(x) for all the distributed functions. In this paper, as in the secret sharing schemes, we consider FSS schemes with any general access structure. To do this, we observe that Fourier-based FSS schemes by Ohsawa et al. are compatible with linear secret sharing scheme. By incorporating the techniques of linear secret sharing with any general access structure into the Fourier-based FSS schemes, we show Fourier-based FSS schemes with any general access structure.Comment: 12 page

An Efficient Method for Realizing Contractions of Access Structures in Cloud Storage

In single-cloud storage, ciphertext-policy attribute-based encryption (CP-ABE) allows one to encrypt any data under an access structure to a cloud server, specifying what attributes are required to decrypt. In multi-cloud storage, a secret sharing scheme (SSS) allows one to split any data into multiple shares, one to a single server, and specify which subset of the servers are able to recover the data. It is an interesting problem to remove some attributes/servers but still enable the remaining attributes/servers in every authorized set to recover the data. The problem is related to the contraction problem of access structures for SSSs. In this paper, we propose a method that can efficiently transform a given SSS for an access structure to SSSs for contractions of the access structure. We show its applications in solving the attribute removal problem in the CP-ABE based single-cloud storage and the data relocating problem in multi-cloud storage. Our method results in solutions that require either less server storage or even no additional server storage.Comment: IEEE Transactions on Services Computin

Consensus Beyond Thresholds: Generalized Byzantine Quorums Made Live

Existing Byzantine fault-tolerant (BFT) consensus protocols address only threshold failures, where the participating nodes fail independently of each other, each one fails equally likely, and the protocol's guarantees follow from a simple bound on the number of faulty nodes. With the widespread deployment of Byzantine consensus in blockchains and distributed ledgers today, however, more sophisticated trust assumptions are needed. This paper presents the first implementation of BFT consensus with generalized quorums. It starts from a number of generalized trust structures motivated by practice and explores methods to specify and implement them efficiently. In particular, it expresses the trust assumption by a monotone Boolean formula (MBF) with threshold operators and by a monotone span program (MSP), a linear-algebraic model for computation. An implementation of HotStuff BFT consensus using these quorum systems is described as well and compared to the existing threshold model. Benchmarks with HotStuff running on up to 40 replicas demonstrate that the MBF specification incurs no significant slowdown, whereas the MSP expression affects latency and throughput noticeably due to the involved computations.Comment: To appear in the proceedings of SRDS 202

Adaptive Microarchitectural Optimizations to Improve Performance and Security of Multi-Core Architectures

With the current technological barriers, microarchitectural optimizations are increasingly important to ensure performance scalability of computing systems. The shift to multi-core architectures increases the demands on the memory system, and amplifies the role of microarchitectural optimizations in performance improvement. In a multi-core system, microarchitectural resources are usually shared, such as the cache, to maximize utilization but sharing can also lead to contention and lower performance. This can be mitigated through partitioning of shared caches.However, microarchitectural optimizations which were assumed to be fundamentally secure for a long time, can be used in side-channel attacks to exploit secrets, as cryptographic keys. Timing-based side-channels exploit predictable timing variations due to the interaction with microarchitectural optimizations during program execution. Going forward, there is a strong need to be able to leverage microarchitectural optimizations for performance without compromising security. This thesis contributes with three adaptive microarchitectural resource management optimizations to improve security and/or\ua0performance\ua0of multi-core architectures\ua0and a systematization-of-knowledge of timing-based side-channel attacks.\ua0We observe that to achieve high-performance cache partitioning in a multi-core system\ua0three requirements need to be met: i) fine-granularity of partitions, ii) locality-aware placement and iii) frequent changes. These requirements lead to\ua0high overheads for current centralized partitioning solutions, especially as the number of cores in the\ua0system increases. To address this problem, we present an adaptive and scalable cache partitioning solution (DELTA) using a distributed and asynchronous allocation algorithm. The\ua0allocations occur through core-to-core challenges, where applications with larger performance benefit will gain cache capacity. The\ua0solution is implementable in hardware, due to low computational complexity, and can scale to large core counts.According to our analysis, better performance can be achieved by coordination of multiple optimizations for different resources, e.g., off-chip bandwidth and cache, but is challenging due to the increased number of possible allocations which need to be evaluated.\ua0Based on these observations, we present a solution (CBP) for coordinated management of the optimizations: cache partitioning, bandwidth partitioning and prefetching.\ua0Efficient allocations, considering the inter-resource interactions and trade-offs, are achieved using local resource managers to limit the solution space.The continuously growing number of\ua0side-channel attacks leveraging\ua0microarchitectural optimizations prompts us to review attacks and defenses to understand the vulnerabilities of different microarchitectural optimizations. We identify the four root causes of timing-based side-channel attacks: determinism, sharing, access violation\ua0and information flow.\ua0Our key insight is that eliminating any of the exploited root causes, in any of the attack steps, is enough to provide protection.\ua0Based on our framework, we present a systematization of the attacks and defenses on a wide range of microarchitectural optimizations, which highlights their key similarities.\ua0Shared caches are an attractive attack surface for side-channel attacks, while defenses need to be efficient since the cache is crucial for performance.\ua0To address this issue, we present an adaptive and scalable cache partitioning solution (SCALE) for protection against cache side-channel attacks. The solution leverages randomness,\ua0and provides quantifiable and information theoretic security guarantees using differential privacy. The solution closes the performance gap to a state-of-the-art non-secure allocation policy for a mix of secure and non-secure applications

Error-Detecting in Monotone Span Programs with Application to Communication Efficient Multi-Party Computation

Recent improvements in the state-of-the-art of MPC for non-full-threshold access structures introduced the idea of using a collision-resistant hash functions and redundancy in the secret-sharing scheme to construct a communication-efficient MPC protocol which is computationally-secure against malicious adversaries, with abort. The prior work is based on replicated secret-sharing; in this work we extend this methodology to {\em any} multiplicative LSSS implementing a $Q_2$ access structure. To do so we need to establish a folklore property of error detection for such LSSS and their associated Monotone Span Programs. In doing so we obtain communication-efficient online and offline protocols for MPC in the pre-processing model

Construction of Multiplicative Monotone Span Program

Multiplicative monotone span program is one of the important tools to realize secure multiparty computation. It is essential to construct multiplicative monotone span programs for secure multiparty computations. For any access structure, Cramer et al. gave a method to construct multiplicative monotone span programs, but its row size became double, and the column size also increased. In this paper, we propose a new construction which can get a multiplicative monotone span program with the row size less than double without changing the column size

Effective Privacy-Preserving Mechanisms for Vehicle-to-Everything Services

Owing to the advancement of wireless communication technologies, drivers can rely on smart connected vehicles to communicate with each other, roadside units, pedestrians, and remote service providers to enjoy a large amount of vehicle-to-everything (V2X) services, including navigation, parking, ride hailing, and car sharing. These V2X services provide different functions for bettering travel experiences, which have a bunch of benefits. In the real world, even without smart connected vehicles, drivers as users can utilize their smartphones and mobile applications to access V2X services and connect their smartphones to vehicles through some interfaces, e.g., IOS Carplay and Android Auto. In this way, they can still enjoy V2X services through modern car infotainment systems installed on vehicles. Most of the V2X services are data-centric and data-intensive, i.e., users have to upload personal data to a remote service provider, and the service provider can continuously collect a user's data and offer personalized services. However, the data acquired from users may include users' sensitive information, which may expose user privacy and cause serious consequences. To protect user privacy, a basic privacy-preserving mechanism, i.e, anonymization, can be applied in V2X services. Nevertheless, a big obstacle arises as well: user anonymization may affect V2X services' availability. As users become anonymous, users may behave selfishly and maliciously to break the functions of a V2X service without being detected and the service may become unavailable. In short, there exist a conflict between privacy and availability, which is caused by different requirements of users and service providers. In this thesis, we have identified three major conflicts between privacy and availability for V2X services: privacy vs. linkability, privacy vs. accountability, privacy vs. reliability, and then have proposed and designed three privacy-preserving mechanisms to resolve these conflicts. Firstly, the thesis investigates the conflict between privacy and linkability in an automated valet parking (AVP) service, where users can reserve a parking slot for their vehicles such that vehicles can achieve automated valet parking. As an optional privacy-preserving measure, users can choose to anonymize their identities when booking a parking slot for their vehicles. In this way, although user privacy is protected by anonymization, malicious users can repeatedly send parking reservation requests to a parking service provider to make the system unavailable (i.e., "Double-Reservation Attack"). Aiming at this conflict, a security model is given in the thesis to clearly define necessary privacy requirements and potential attacks in an AVP system, and then a privacy-preserving reservation scheme has been proposed based on BBS+ signature and zero-knowledge proof. In the proposed scheme, users can keep anonymous since users only utilize a one-time unlinkable token generated from his/her anonymous credential to achieve parking reservations. In the meantime, by utilizing proxy re-signature, the scheme can also guarantee that one user can only have one token at a time to resist against "Double-Reservation Attack". Secondly, the thesis investigates the conflict between privacy and accountability in a car sharing service, where users can conveniently rent a shared car without human intervention. One basic demand for car sharing service is to check the user's identity to determine his/her validity and enable the user to be accountable if he/she did improper behavior. If the service provider allows users to hide their identities and achieve anonymization to protect user privacy, naturally the car sharing service is unavailable. Aiming at this conflict, a decentralized, privacy-preserving, and accountable car sharing architecture has been proposed in the thesis, where multiple dynamic validation servers are employed to build decentralized trust for users. Under this architecture, the thesis proposes a privacy-preserving identity management scheme to assist in managing users' identities in a dynamic manner based on a verifiable secret sharing/redistribution technique, i.e. the validation servers who manage users' identities are dynamically changed with the time advancing. Moreover, the scheme enables a majority of dynamic validation servers to recover the misbehaving users' identities and guarantees that honest users' identities are confidential to achieve privacy preservation and accountability at the same time. Thirdly, the thesis investigates the conflict between privacy and reliability in a road condition monitoring service, where users can report road conditions to a monitoring service provider to help construct a live map based on crowdsourcing. Usually, a reputation-based mechanism is applied in the service to measure a user's reliability. However, this mechanism cannot be easily integrated with a privacy-preserving mechanism based on user anonymization. When users are anonymous, they can upload arbitrary reports to destroy the service quality and make the service unavailable. Aiming at this conflict, a privacy-preserving crowdsourcing-based road condition monitoring scheme has been proposed in the thesis. By leveraging homomorphic commitments and PS signature, the scheme supports anonymous user reputation management without the assistance of any third-party authority. Furthermore, the thesis proposes several zero-knowledge proof protocols to ensure that a user can keep anonymous and unlinkable but a monitoring service provider can still judge the reliability of this user's report through his/her reputation score. To sum up, with more attention being paid to privacy issues, how to protect user privacy for V2X services becomes more significant. The thesis proposes three effective privacy-preserving mechanisms for V2X services, which resolve the conflict between privacy and availability and can be conveniently integrated into current V2X applications since no trusted third party authority is required. The proposed approaches should be valuable for achieving practical privacy preservation in V2X services