SoK: Cryptographically Protected Database Search
Protected database search systems cryptographically isolate the roles of
reading from, writing to, and administering the database. This separation
limits unnecessary administrator access and protects data in the case of system
breaches. Since protected search was introduced in 2000, the area has grown
rapidly; systems are offered by academia, start-ups, and established companies.
However, there is no best protected search system or set of techniques.
Design of such systems is a balancing act between security, functionality,
performance, and usability. This challenge is made more difficult by ongoing
database specialization, as some users will want the functionality of SQL,
NoSQL, or NewSQL databases. This database evolution will continue, and the
protected search community should be able to quickly provide functionality
consistent with newly invented databases.
At the same time, the community must accurately and clearly characterize the
tradeoffs between different approaches. To address these challenges, we provide
the following contributions:
1) An identification of the important primitive operations across database
paradigms. We find there are a small number of base operations that can be used
and combined to support a large number of database paradigms.
2) An evaluation of the current state of protected search systems in
implementing these base operations. This evaluation describes the main
approaches and tradeoffs for each base operation. Furthermore, it puts
protected search in the context of unprotected search, identifying key gaps in
functionality.
3) An analysis of attacks against protected search for different base
queries.
4) A roadmap and tools for transforming a protected search system into a
protected database, including an open-source performance evaluation platform
and initial user opinions of protected search.
Comment: 20 pages, to appear in IEEE Security and Privac
Breaking the -Bit Barrier: Byzantine Agreement with Polylog Bits Per Party
Byzantine agreement (BA), the task of parties to agree on one of their
input bits in the face of malicious agents, is a powerful primitive that lies
at the core of a vast range of distributed protocols. Interestingly, in
protocols with the best overall communication, the demands of the parties are
highly unbalanced: the amortized cost is bits per party, but some
parties must send bits. In best known balanced protocols, the
overall communication is sub-optimal, with each party communicating . In this work, we ask whether asymmetry is inherent for optimizing
total communication. Our contributions in this line are as follows:
1) We define a cryptographic primitive, succinctly reconstructed distributed
signatures (SRDS), that suffices for constructing balanced BA. We
provide two constructions of SRDS from different cryptographic and Public-Key
Infrastructure (PKI) assumptions.
2) The SRDS-based BA follows a paradigm of boosting from "almost-everywhere"
agreement to full agreement, and does so in a single round. We prove that PKI
setup and cryptographic assumptions are necessary for such protocols in which
every party sends messages.
3) We further explore connections between a natural approach toward attaining
SRDS and average-case succinct non-interactive argument systems (SNARGs) for a
particular type of NP-Complete problems (generalizing Subset-Sum and
Subset-Product).
Our results provide new approaches forward, as well as limitations and
barriers, towards minimizing per-party communication of BA. In particular, we
construct the first two BA protocols with balanced communication,
offering a tradeoff between setup and cryptographic assumptions, and answering
an open question presented by King and Saia (DISC'09).
The Round Complexity of Perfect MPC with Active Security and Optimal Resiliency
In STOC 1988, Ben-Or, Goldwasser, and Wigderson (BGW) established an important milestone in the fields of cryptography and distributed computing by showing that every functionality can be computed with perfect (information-theoretic and error-free) security in the presence of an active (aka Byzantine) rushing adversary that controls up to of the parties.
We study the round complexity of general secure multiparty computation in the BGW model. Our main result shows that every functionality can be realized in only four rounds of interaction, and that some functionalities cannot be computed in three rounds. This completely settles the round-complexity of perfect actively-secure optimally-resilient MPC, resolving a long line of research.
Our lower bound is based on a novel round-reduction technique that allows us to lift existing three-round lower bounds for verifiable secret sharing to four-round lower bounds for general MPC. To prove the upper bound, we develop new round-efficient protocols for computing degree-2 functionalities over large fields, and establish the completeness of such functionalities. The latter result extends the recent completeness theorem of Applebaum, Brakerski and Tsabary (TCC 2018, Eurocrypt 2019) that was limited to the binary field.
Round-Optimal Secure Two-Party Computation from Trapdoor Permutations
In this work we continue the study of the round complexity of secure two-party computation with black-box simulation. Katz and Ostrovsky in CRYPTO 2004 showed a 5-round (optimal) construction assuming trapdoor permutations for the general case where both players receive the output. They also proved that their result is round optimal. This lower bound has recently been revisited by Garg et al. in Eurocrypt 2016, where a 4-round (optimal) protocol is shown assuming a simultaneous message exchange channel. Unfortunately, there is no instantiation of the protocol of Garg et al. under standard polynomial-time hardness assumptions. In this work we close the above gap by showing a 4-round (optimal) construction for secure two-party computation in the simultaneous message channel model with black-box simulation, assuming trapdoor permutations against polynomial-time adversaries. Our construction for secure two-party computation relies on a special 4-round protocol for oblivious transfer that nicely composes with other protocols in parallel. We define and construct such a special oblivious transfer protocol from trapdoor permutations. This building block is clearly interesting on its own. Our construction also makes use of a recent advance on non-malleability: a delayed-input 4-round non-malleable zero-knowledge argument.
Anonymous Point Collection - Improved Models and Security Definitions
This work is a comprehensive, formal treatment of anonymous point collection. The proposed definition not only provides a strong notion of security and privacy, but also covers features which are important for practical use. An efficient realization is presented and proven to fulfill the proposed definition. The resulting building block is the first one that allows for anonymous two-way transactions, has semi-offline capabilities, yields constant storage size, and is provably secure.