22 research outputs found
Towards Practical Privacy Preserving Technology Adoption Analysis Service Platform
Technology adoption analysis is one of the key exercises in managing technology innovation and diffusion. In this paper, we present a service platform for technology adoption analysis, tailored to provide service provisioning to potential technology users and providers. With the two service models provided by this platform, a practical privacy-preserving framework is developed to help relieve the privacy concerns of platform participants. To illustrate the feasibility of the privacy-preserving framework, an adoption process for RFID technology adoption analysis in logistics and supply chain management is presented, identifying the key sensitive attributes whose background knowledge could lead to unique identification of an individual or company.
On the Communication Complexity of Secure Computation
Information theoretically secure multi-party computation (MPC) is a central
primitive of modern cryptography. However, relatively little is known about the
communication complexity of this primitive.
In this work, we develop powerful information theoretic tools to prove lower
bounds on the communication complexity of MPC. We restrict ourselves to a
3-party setting in order to bring out the power of these tools without
introducing too many complications. Our techniques include the use of a data
processing inequality for residual information - i.e., the gap between mutual
information and G\'acs-K\"orner common information, a new information
inequality for 3-party protocols, and the idea of distribution switching by
which lower bounds computed under certain worst-case scenarios can be shown to
apply for the general case.
Using these techniques we obtain tight bounds on communication complexity by
MPC protocols for various interesting functions. In particular, we show
concrete functions that have "communication-ideal" protocols, which achieve the
minimum communication simultaneously on all links in the network. Also, we
obtain the first explicit example of a function that incurs a higher
communication cost than the input length in the secure computation model of
Feige, Kilian and Naor (1994), who had shown that such functions exist. We also
show that our communication bounds imply tight lower bounds on the amount of
randomness required by MPC protocols for many interesting functions. (Comment: 37 pages)
Communication Complexity and Secure Function Evaluation
We suggest two new methodologies for the design of efficient secure
protocols, that differ with respect to their underlying computational models.
In one methodology we utilize the communication complexity tree (or branching
program) for f and transform it into a secure protocol. In other words, "any function f
that can be computed using communication complexity c can be computed
securely using communication complexity that is polynomial in c and a security
parameter". The second methodology uses the circuit computing f, enhanced with
look-up tables as its underlying computational model. It is possible to
simulate any RAM machine in this model with polylogarithmic blowup. Hence it is
possible to start with a computation of f on a RAM machine and transform it
into a secure protocol.
We show many applications of these new methodologies resulting in protocols
efficient either in communication or in computation. In particular, we
exemplify a protocol for the "millionaires problem", where two participants
want to compare their values but reveal no other information. Our protocol is
more efficient than previously known ones in either communication or
computation.
Secure Two-Party Computation with Low Communication
We propose a 2-party UC-secure protocol that can compute any function securely. The protocol requires only two messages, communication that is poly-logarithmic in the size of the circuit description of the function, and the workload for one of the parties is also only poly-logarithmic in the size of the circuit. This implies, for instance, delegatable computation that requires no expensive off-line phase and remains secure even if the server learns whether the client accepts its results. To achieve this, we define two new notions of extractable hash functions, propose an instantiation based on the knowledge of exponent in an RSA group, and build succinct zero-knowledge arguments in the CRS model.
Small, Stupid, and Scalable: Secure Computing with Faerieplay *
How can Agnes trust a computation C occurring at Boris's computer? In particular, how can Agnes trust that C is occurring without Boris even being able to observe its internal state? One way is for Agnes to house C in a strong tamper-protected secure coprocessor at Boris's site. However, this approach is not scalable: neither in terms of computation (once C gets larger than the coprocessor, it becomes vulnerable to Boris again) nor in terms of cost. In this paper, we report on our Faerieplay project: rather than worrying about the limited size of a secure coprocessor, we try to make it as small as possible, with limited RAM and CPU. We start with the Fairplay work of Malkhi et al. on implementing Yao's blinded-circuit solution to secure multiparty computation in software; this permits Agnes to trust C, but is too inefficient for all but small C. We then use our own prior work on using trusted third parties for practical Private Information Retrieval to design and prototype tiny trusted third parties (TTTPs) that substantially reduce the overhead involved in blind circuit evaluation.
MPC with Low Bottleneck-Complexity: Information-Theoretic Security and More
The bottleneck-complexity (BC) of secure multiparty computation (MPC) protocols is a measure of the maximum number of bits which are sent and received by any party in a protocol. As the name suggests, the goal of studying BC-efficient protocols is to increase overall efficiency by making sure that the workload in the protocol is somehow "amortized" by the protocol participants.
Orlandi et al. (PKC 2022) initiated the study of BC-efficient protocols from simple assumptions in the correlated randomness model and for semi-honest adversaries. In this work, we extend the study of Orlandi et al. in two primary directions: (a) to a larger and more general class of functions and (b) to the information-theoretic setting.
In particular, we offer semi-honest secure protocols for the useful function classes of abelian programs, 'read-' non-abelian programs, and 'read-' generalized formulas.
Our constructions use a novel abstraction, called 'incremental function secret-sharing' (IFSS), that can be instantiated with unconditional security or from one-way functions (with different efficiency trade-offs).
Garbled Circuit Lookup Tables with Logarithmic Number of Ciphertexts
Garbled Circuit (GC) is a basic technique for practical secure computation. GC handles Boolean circuits; it consumes significant network bandwidth to transmit encoded gate truth tables, each of which scales with the computational security parameter . GC optimizations that reduce bandwidth consumption are valuable.
It is natural to consider a generalization of Boolean two-input one-output gates (represented by -row one-column lookup tables, LUTs) to arbitrary -row -column LUTs. Known techniques for this do not scale, with naive size- garbled LUT being the most practical approach in many scenarios.
Our novel garbling scheme -- logrow -- implements GC LUTs while sending only a logarithmic in number of ciphertexts! Specifically, let . We allow the GC parties to evaluate a LUT for bits of communication. logrow is compatible with modern GC advances, e.g. half gates and free XOR.
Our work improves state-of-the-art GC handling of several interesting applications, such as privacy-preserving machine learning, floating-point arithmetic, and DFA evaluation.
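The bandwidth cost this abstract refers to is easiest to see in the baseline it improves on: a naive garbled LUT that sends one ciphertext per row. The following is an added example, not code from the logrow paper or its authors, implementing that baseline for an arbitrary n-input, m-output LUT with point-and-permute. It assumes SHA-256 as the row-encryption hash, 128-bit wire labels, and a pointer bit stored in the last bit of each label; these are choices of this example, not of the paper. Garbling an n-input gate produces 2^n ciphertexts of m labels each, which is the scaling the abstract describes as impractical beyond small n.

```python
"""
Baseline garbled lookup table (LUT): 2^n ciphertexts for an n-input,
m-output gate, with point-and-permute so the evaluator knows which row
to decrypt. Assumptions made by this example (not the logrow paper):
SHA-256 as the row-encryption hash, 128-bit wire labels, pointer bit
kept in the label's last bit.
"""
import hashlib
import secrets
from typing import Callable, List, Sequence, Tuple

KEY_LEN = 16  # 128-bit labels, i.e. the computational security parameter


def fresh_wire() -> Tuple[bytes, bytes]:
    """Return (label_for_0, label_for_1); their pointer bits always differ."""
    l0 = bytearray(secrets.token_bytes(KEY_LEN))
    l1 = bytearray(secrets.token_bytes(KEY_LEN))
    p = secrets.randbits(1)
    l0[-1] = (l0[-1] & 0xFE) | p
    l1[-1] = (l1[-1] & 0xFE) | (p ^ 1)
    return bytes(l0), bytes(l1)


def pointer(label: bytes) -> int:
    """Point-and-permute bit: public, random, uncorrelated with the wire value."""
    return label[-1] & 1


def row_pad(gate_id: bytes, row: int, col: int, labels: Sequence[bytes]) -> bytes:
    """One-time pad for (row, output column), derived from all n input labels."""
    h = hashlib.sha256(
        gate_id + row.to_bytes(4, "big") + col.to_bytes(2, "big") + b"".join(labels)
    )
    return h.digest()[:KEY_LEN]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def garble_lut(gate_id: bytes, n: int, m: int, f: Callable[[List[int]], List[int]]):
    """Garbler side. Returns (input wires, output wires, table of 2^n ciphertexts)."""
    in_wires = [fresh_wire() for _ in range(n)]
    out_wires = [fresh_wire() for _ in range(m)]
    table: List[bytes] = [b""] * (1 << n)
    for x in range(1 << n):
        bits = [(x >> (n - 1 - i)) & 1 for i in range(n)]
        labels = [in_wires[i][bits[i]] for i in range(n)]
        # Row index is the concatenation of the pointer bits. Each wire's
        # pointer bit is a random mask of its value, so the permutation
        # leaks nothing about `bits` to the evaluator.
        row = 0
        for lab in labels:
            row = (row << 1) | pointer(lab)
        y = f(bits)
        # One ciphertext per row: the m output labels, each under its own pad.
        table[row] = b"".join(
            xor(out_wires[j][y[j]], row_pad(gate_id, row, j, labels)) for j in range(m)
        )
    return in_wires, out_wires, table


def eval_lut(gate_id: bytes, m: int, table: List[bytes], labels: Sequence[bytes]) -> List[bytes]:
    """Evaluator side: holds one label per input wire, learns one label per output wire."""
    row = 0
    for lab in labels:
        row = (row << 1) | pointer(lab)
    ct = table[row]
    return [
        xor(ct[j * KEY_LEN:(j + 1) * KEY_LEN], row_pad(gate_id, row, j, labels))
        for j in range(m)
    ]


def decode(out_wires, out_labels) -> List[int]:
    """Garbler-side decoding: map each recovered output label back to its bit."""
    return [w.index(lab) for w, lab in zip(out_wires, out_labels)]


def full_adder(bits: List[int]) -> List[int]:
    a, b, cin = bits
    return [a ^ b ^ cin, (a & b) | (cin & (a ^ b))]


def demo() -> Tuple[int, bool]:
    """Garble a 3-input, 2-output full adder and evaluate all 8 input combinations.
    Returns (number of ciphertexts in the garbled table, all outputs correct)."""
    gid = b"full_adder#0"  # constructed gate identifier for domain separation
    n, m = 3, 2
    in_w, out_w, table = garble_lut(gid, n, m, full_adder)
    ok = True
    for x in range(1 << n):
        bits = [(x >> (n - 1 - i)) & 1 for i in range(n)]
        got = decode(out_w, eval_lut(gid, m, table, [in_w[i][bits[i]] for i in range(n)]))
        ok = ok and got == full_adder(bits)
    return len(table), ok


if __name__ == "__main__":
    print(demo())  # (8, True): 2^3 rows, each carrying 2 * KEY_LEN bytes
```

The table size is the whole point: a 3-input gate already costs 8 ciphertexts, and a 16-bit-input LUT would cost 65536, which is why the abstract calls the naive approach impractical beyond small inputs. Free XOR and half gates reduce this for Boolean two-input gates but do not change the 2^n scaling of this generic LUT construction.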
Near Optimal Rate Homomorphic Encryption for Branching Programs
We initiate the study of good rate homomorphic encryption schemes.
Based on previous work on securely evaluating (binary I/O) branching programs, we propose a leveled homomorphic encryption scheme
for {\em large-output} polynomial-size branching programs (which we call ) that possesses near optimal-rate. The rate analysis of the new scheme is intricate: the best rate is achieved if a certain parameter is set equal to the only positive root of a degree- polynomial, where is the length of the branching program. We employ the Newton-Puiseux algorithm to find a Puiseux series for this parameter, and based on this, propose a -time algorithm to find an integer approximation to .
We also describe a rate-optimal 1-out-of- CPIR based on rate-optimal homomorphic encryption. In concrete terms, when applied to say, a movie database with elements of -bits, the client can privately download a movie with a communication rate of almost , hence sacrificing only about of bandwidth for privacy.
We also analyze the optimality of the rate efficiency of our scheme in a novel model that may be of independent interest. Our -out-of- CPIR has rate , while we show that no black-box construction surpasses in terms of rate, where is the length of the database elements and the security parameter.