2,498 research outputs found
Privacy Preserving Multi-Server k-means Computation over Horizontally Partitioned Data
The k-means clustering is one of the most popular clustering algorithms in
data mining. Recently a lot of research has been concentrated on the algorithm
when the dataset is divided into multiple parties or when the dataset is too
large to be handled by the data owner. In the latter case, usually some servers
are hired to perform the task of clustering. The dataset is divided by the data
owner among the servers who together perform the k-means and return the cluster
labels to the owner. The major challenge in this method is to prevent the
servers from gaining substantial information about the actual data of the
owner. Several algorithms have been designed in the past that provide
cryptographic solutions to perform privacy preserving k-means. We provide a new
method to perform k-means over a large set using multiple servers. Our
technique avoids heavy cryptographic computations and instead we use a simple
randomization technique to preserve the privacy of the data. The k-means
computed has exactly the same efficiency and accuracy as the k-means computed
over the original dataset without any randomization. We argue that our
algorithm is secure against honest but curious and passive adversary.Comment: 19 pages, 4 tables. International Conference on Information Systems
Security. Springer, Cham, 201
Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications
We present Chameleon, a novel hybrid (mixed-protocol) framework for secure
function evaluation (SFE) which enables two parties to jointly compute a
function without disclosing their private inputs. Chameleon combines the best
aspects of generic SFE protocols with the ones that are based upon additive
secret sharing. In particular, the framework performs linear operations in the
ring using additively secret shared values and nonlinear
operations using Yao's Garbled Circuits or the Goldreich-Micali-Wigderson
protocol. Chameleon departs from the common assumption of additive or linear
secret sharing models where three or more parties need to communicate in the
online phase: the framework allows two parties with private inputs to
communicate in the online phase under the assumption of a third node generating
correlated randomness in an offline phase. Almost all of the heavy
cryptographic operations are precomputed in an offline phase which
substantially reduces the communication overhead. Chameleon is both scalable
and significantly more efficient than the ABY framework (NDSS'15) it is based
on. Our framework supports signed fixed-point numbers. In particular,
Chameleon's vector dot product of signed fixed-point numbers improves the
efficiency of mining and classification of encrypted data for algorithms based
upon heavy matrix multiplications. Our evaluation of Chameleon on a 5 layer
convolutional deep neural network shows 133x and 4.2x faster executions than
Microsoft CryptoNets (ICML'16) and MiniONN (CCS'17), respectively
A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components
The semiconductor industry is fully globalized and integrated circuits (ICs)
are commonly defined, designed and fabricated in different premises across the
world. This reduces production costs, but also exposes ICs to supply chain
attacks, where insiders introduce malicious circuitry into the final products.
Additionally, despite extensive post-fabrication testing, it is not uncommon
for ICs with subtle fabrication errors to make it into production systems.
While many systems may be able to tolerate a few byzantine components, this is
not the case for cryptographic hardware, storing and computing on confidential
data. For this reason, many error and backdoor detection techniques have been
proposed over the years. So far all attempts have been either quickly
circumvented, or come with unrealistically high manufacturing costs and
complexity.
This paper proposes Myst, a practical high-assurance architecture, that uses
commercial off-the-shelf (COTS) hardware, and provides strong security
guarantees, even in the presence of multiple malicious or faulty components.
The key idea is to combine protective-redundancy with modern threshold
cryptographic techniques to build a system tolerant to hardware trojans and
errors. To evaluate our design, we build a Hardware Security Module that
provides the highest level of assurance possible with COTS components.
Specifically, we employ more than a hundred COTS secure crypto-coprocessors,
verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to
realize high-confidentiality random number generation, key derivation, public
key decryption and signing. Our experiments show a reasonable computational
overhead (less than 1% for both Decryption and Signing) and an exponential
increase in backdoor-tolerance as more ICs are added
Multi OwnerSecret Key Generation for Ranked Multi-Keyword Search in Cloud
For privacy concerns, secure searches over encrypted cloud data has motivated several research works under the single owner model. However, most cloud servers in practice do not just serve one owner; instead, they support multiple owners to share the benefits brought by cloud computing. The issue of recovering the encrypted data over the cloud is mind boggling. Numerous search procedures are utilized for recovering the scrambled data from cloud. This paper axes around an arrangement of keyword Search instruments over encrypted data, which gives secured data recovery high proficiency. Search over encrypted data is a method of extraordinary enthusiasm for the cloud computing time, in light of the fact that numerous trust that delicate data must be scrambled before outsourcing to the cloud servers with a specific end goal to guarantee client data security. Concocting a productive and secure search scheme over scrambled data includes strategies from ple spaces. It presumes that, keyword search is intended to be best methodology for searching the encrypted data in the Cloud. It gives more productivity than single keyword search
Verifiable Secret Key Generation for Ranked Multi-Keyword Search in Cloud
Cloud storage is exceptionally well known in ongoing pattern as it gives more advantages over the customary storage arrangements. To guarantee security in cloud, encryption methods assume a noteworthy part when data are outsourced to the cloud. The issue of recovering the encrypted data over the cloud is mind boggling. Numerous search procedures are utilized for recovering the scrambled data from cloud. This paper axes around an arrangement of keyword Search instruments over encrypted data, which gives secured data recovery high proficiency. Search over encrypted data is a method of extraordinary enthusiasm for the cloud computing time, in light of the fact that numerous trust that delicate data must be scrambled before outsourcing to the cloud servers with a specific end goal to guarantee client data security. Concocting a productive and secure search scheme over scrambled data includes strategies from ple spaces. It presumes that, keyword search is intended to be best methodology for searching the encrypted data in the Cloud. It gives more productivity than single keyword search
Privacy-Preserving Secret Shared Computations using MapReduce
Data outsourcing allows data owners to keep their data at \emph{untrusted}
clouds that do not ensure the privacy of data and/or computations. One useful
framework for fault-tolerant data processing in a distributed fashion is
MapReduce, which was developed for \emph{trusted} private clouds. This paper
presents algorithms for data outsourcing based on Shamir's secret-sharing
scheme and for executing privacy-preserving SQL queries such as count,
selection including range selection, projection, and join while using MapReduce
as an underlying programming model. Our proposed algorithms prevent an
adversary from knowing the database or the query while also preventing
output-size and access-pattern attacks. Interestingly, our algorithms do not
involve the database owner, which only creates and distributes secret-shares
once, in answering any query, and hence, the database owner also cannot learn
the query. Logically and experimentally, we evaluate the efficiency of the
algorithms on the following parameters: (\textit{i}) the number of
communication rounds (between a user and a server), (\textit{ii}) the total
amount of bit flow (between a user and a server), and (\textit{iii}) the
computational load at the user and the server.\BComment: IEEE Transactions on Dependable and Secure Computing, Accepted 01
Aug. 201
Raziel: Private and Verifiable Smart Contracts on Blockchains
Raziel combines secure multi-party computation and proof-carrying code to
provide privacy, correctness and verifiability guarantees for smart contracts
on blockchains. Effectively solving DAO and Gyges attacks, this paper describes
an implementation and presents examples to demonstrate its practical viability
(e.g., private and verifiable crowdfundings and investment funds).
Additionally, we show how to use Zero-Knowledge Proofs of Proofs (i.e.,
Proof-Carrying Code certificates) to prove the validity of smart contracts to
third parties before their execution without revealing anything else. Finally,
we show how miners could get rewarded for generating pre-processing data for
secure multi-party computation.Comment: Support: cothority/ByzCoin/OmniLedge
- …