1,465 research outputs found
Computer-aided proofs for multiparty computation with active security
Secure multi-party computation (MPC) is a general cryptographic technique
that allows distrusting parties to compute a function of their individual
inputs, while only revealing the output of the function. It has found
applications in areas such as auctioning, email filtering, and secure
teleconference. Given its importance, it is crucial that the protocols are
specified and implemented correctly. In the programming language community it
has become good practice to use computer proof assistants to verify correctness
proofs. In the field of cryptography, EasyCrypt is the state of the art proof
assistant. It provides an embedded language for probabilistic programming,
together with a specialized logic, embedded into an ambient general purpose
higher-order logic. It allows us to conveniently express cryptographic
properties. EasyCrypt has been used successfully on many applications,
including public-key encryption, signatures, garbled circuits and differential
privacy. Here we show for the first time that it can also be used to prove
security of MPC against a malicious adversary. We formalize additive and
replicated secret sharing schemes and apply them to Maurer's MPC protocol for
secure addition and multiplication. Our method extends to general polynomial
functions. We follow the insights from EasyCrypt that security proofs can be
often be reduced to proofs about program equivalence, a topic that is well
understood in the verification of programming languages. In particular, we show
that in the passive case the non-interference-based definition is equivalent to
a standard game-based security definition. For the active case we provide a new
NI definition, which we call input independence
Zero-knowledge Proof Meets Machine Learning in Verifiability: A Survey
With the rapid advancement of artificial intelligence technology, the usage
of machine learning models is gradually becoming part of our daily lives.
High-quality models rely not only on efficient optimization algorithms but also
on the training and learning processes built upon vast amounts of data and
computational power. However, in practice, due to various challenges such as
limited computational resources and data privacy concerns, users in need of
models often cannot train machine learning models locally. This has led them to
explore alternative approaches such as outsourced learning and federated
learning. While these methods address the feasibility of model training
effectively, they introduce concerns about the trustworthiness of the training
process since computations are not performed locally. Similarly, there are
trustworthiness issues associated with outsourced model inference. These two
problems can be summarized as the trustworthiness problem of model
computations: How can one verify that the results computed by other
participants are derived according to the specified algorithm, model, and input
data? To address this challenge, verifiable machine learning (VML) has emerged.
This paper presents a comprehensive survey of zero-knowledge proof-based
verifiable machine learning (ZKP-VML) technology. We first analyze the
potential verifiability issues that may exist in different machine learning
scenarios. Subsequently, we provide a formal definition of ZKP-VML. We then
conduct a detailed analysis and classification of existing works based on their
technical approaches. Finally, we discuss the key challenges and future
directions in the field of ZKP-based VML
Practical Privacy-Preserving Multiparty Linear Programming Based on Problem Transformation
International audienceCryptographic solutions to privacy-preserving multi-party linear programming are slow. This makes them unsuitable for many economically important applications, such as supply chain optimization, whose size exceeds their practically feasible input range. In this paper we present a privacy-preserving transformation that allows secure outsourcing of the linear program computation in an efficient manner. We evaluate security by quantifying the leakage about the input after the transformation and present implementation results. Using this transformation, we can mostly replace the costly cryptographic operations and securely solve problems several orders of magnitude larger
Multiparty computations in varying contexts
Recent developments in the automatic transformation of protocols into Secure Multiparty Computation (SMC) interactions, and the selection of appropriate schemes for their implementation have improved usabililty of SMC. Poor performance along with data leakage or errors caused by coding mistakes and complexity had hindered SMC usability. Previous practice involved integrating the SMC code into the application being designed, and this tight integration meant the code was not reusable without modification. The progress that has been made to date towards the selection of different schemes focuses solely on the two-party paradigm in a static set-up, and does not consider changing contexts. Contexts, for secure multiparty computation, include the number of participants, link latency, trust and security requirements such as broadcast, dishonest majority etc. Variable Interpretation is a concept we propose whereby specific domain constructs, such as multiparty computation descriptions, are explicitly removed from the application code and expressed in SMC domain representation. This mirrors current practice in presenting a language or API to hide SMC complexity, but extends it by allowing the interpretation of the SMC to be adapted to the context. It also decouples SMC from human co-ordination by introducing a rule-based dynamic negotiation of protocols. Experiments were carried out to validate the method, running a multiparty computation on a variable interpreter for SMC using different protocols in different contexts
- …