8 research outputs found

    Cloud-based Quadratic Optimization with Partially Homomorphic Encryption

    The development of large-scale distributed control systems has led to the outsourcing of costly computations to cloud-computing platforms, as well as to concerns about the privacy of the collected sensitive data. This paper develops a cloud-based protocol for a quadratic optimization problem involving multiple parties, each holding information it seeks to keep private. The protocol is based on projected gradient ascent on the Lagrange dual problem and exploits partially homomorphic encryption and secure multi-party computation techniques. Using formal cryptographic definitions of indistinguishability, the protocol is shown to achieve computational privacy, i.e., there is no computationally efficient algorithm that any involved party can employ to obtain private information beyond what can be inferred from that party's inputs and outputs alone. In order to reduce the communication complexity of the proposed protocol, we introduce a variant that achieves this objective at the expense of weaker privacy guarantees. We discuss in detail the computational and communication complexity properties of both algorithms, theoretically and also through implementations. We conclude the paper with a discussion of computational privacy and other notions of privacy, such as the non-unique retrieval of the private information from the protocol outputs.

    Secure Integer Comparisons Using the Homomorphic Properties of Prime Power Subgroups

    Secure multi-party computation allows two or more parties to jointly compute a function under encryption without leaking information about their private inputs. These secure computations are vital in many fields, including law enforcement, secure voting and bioinformatics, because the privacy of the information is of paramount importance. One common reference problem for secure multi-party computation is the Millionaires' problem, which was first introduced by Turing Award winner Yao in his paper "Protocols for secure computation". The Millionaires' problem considers two millionaires who want to know who is richer without disclosing their actual worth. There are public-key cryptosystems that currently solve this problem; however, they use bitwise decomposition and Boolean algebra on encrypted bits. This type of solution is costly, as each bit requires its own encryption and decryption. Our solution to the Millionaires' problem and secure integer comparison takes a new approach which doesn't use the decomposition method and instead encrypts the full length of the message in one encryption (within scope). This method also extends in a linear fashion, so larger integers remain efficient to compare. In this thesis, we present a new cryptosystem with a novel homomorphic property used for secure integer comparison, as well as a protocol implementing the cryptosystem and a simulation security proof for the protocol. Finally, we implemented the system and compared it to systems that are being used today.

    cuXCMP: CUDA-Accelerated Private Comparison Based on Homomorphic Encryption

    Private comparison schemes constructed on homomorphic encryption offer non-interactive, output-expressive and parallelizable features, and have advantages in communication bandwidth and performance. In this paper, we propose cuXCMP, which allows negative and float inputs, offers a fully output-expressive feature, and is more extensible and practical compared to XCMP (AsiaCCS 2018). Meanwhile, we introduce several memory-centric optimizations of the constant term extraction kernel tailored for CUDA-enabled GPUs. Firstly, we fully utilize the shared memory and present compact GPU implementations of NTT and INTT using a single block. Secondly, we fuse multiple kernels into one AKS kernel, which conducts the automorphism and key switching operation, and reduce the grid dimension for better resource usage, data access rate and synchronization. Thirdly, we precisely measure the IO latency and choose an appropriate number of CUDA streams to enable concurrent execution of independent operations, yielding a constant term extraction kernel with perfect latency hiding, i.e., CTX. Combining these approaches, we reduce the overall execution time to an optimal level, and the speedup ratio increases with the comparison scale. For one comparison, we speed up AKS by 23.71×, CTX by 15.58×, and the scheme by 1.83× (resp., 18.29×, 11.75×, and 1.42×) compared to the C (resp., AVX512) baselines. For 32 comparisons, our CTX and scheme implementations outperform the C (resp., AVX512) baselines by 112.00× and 1.99× (resp., 81.53× and 1.51×).

    Comparison-Based MPC in Star Topology (Full Version)

    With the large amount of data generated nowadays, analysis of this data has become essential. Since a vast amount of this data is private, it is also important that the analysis is done in a secure manner. Comparison-based functions are commonly used in data analysis; these functions use the comparison operation as their basis. Secure computation of such functions has been discussed for the median by Aggarwal et al. (EUROCRYPT'04) and for the convex hull by Shelat and Venkitasubramaniam (ASIACRYPT'15). In this paper, we present a generic protocol for the secure computation of comparison-based functions. In order to scale to a large number of participants, we propose this protocol in a star topology with the aim of reducing the communication complexity. We also present a protocol for one specific comparison-based function, the kth ranked element. The construction of one of our protocols leaks some intermediate values but does not reveal information about an individual party's inputs. We demonstrate that our protocol offers better performance than the protocol for the kth ranked element by Tueno et al. (FC'20) by providing an implementation.

    Secure Computation Using Homomorphic Encryption (동형암호를 이용한 안전한 연산)

    Ph.D. thesis -- Seoul National University, Graduate School, College of Natural Sciences, Department of Mathematical Sciences, 2017. 8. 천정희 (Jung Hee Cheon).
    (Fully) Homomorphic encryption (FHE, HE) is one of the natural and powerful tools for ensuring the privacy of sensitive data, since it makes it possible to handle ciphertexts without decryption and thus allows complicated computations on encrypted data. Due to this property, homomorphic encryption can be applied to many real-life scenarios, especially databases. Until now, most homomorphic encryption schemes have restricted the plaintext space to integers, so numeric data must be represented by integers. However, many applications work in the real number system and operate on very sensitive information, for example, users' location information and patients' medical information. Usually, this information is represented by real numbers and thus must be encoded into integers. The general decimal representation requires a quite large plaintext space, and a polynomial representation requires polynomials of higher degree, which harms the performance of the FHE scheme. In this thesis, we employ continued fractions to represent real numbers and to alleviate this inefficiency. With continued fractions, real numbers can be represented by a set of quite small integers, which yields better performance than other encoding techniques. Moreover, we develop a set of algorithms and circuits using continued fractions for the following operations: homomorphic integer division, an equality circuit and comparison circuits over the real numbers. First, we suggest an algorithm for homomorphic integer division using continued fractions and the restoring division algorithm. Since the integers are not closed under division, most homomorphic encryption schemes cannot support division; however, we suggest a transformation from rational numbers to continued fractions under encryption, which allows two encrypted integers to be divided. Further, we can evaluate a polynomial whose coefficients are rational numbers. Second, we describe comparison circuits over encrypted real numbers, including equality circuits. Since comparing two continued fractions is as easy as comparing two decimal numbers, we can build more efficient comparison circuits while maintaining a small message space, utilizing the homomorphic comparison circuits over the integers. With our efficient comparison circuits, we can handle real-type databases, in which each numeric datum is represented by a real number; our circuits enable sorting and private database queries such as retrieval queries and aggregate queries, which makes the database useful. Finally, we present a proof of correct decryption in single-party homomorphic encryption. Although a server evaluates some polynomial under encryption, the server cannot learn any information about the result. Thus, if the server is interested in the result, the data owner returns the decryption result. The problem is that the server must trust the data owner at this point, because the data owner can manipulate the decryption result and the server cannot detect it. We prevent this situation by utilizing a one-time message authentication code. Moreover, this technique can be applied to many scenarios, especially a protocol for biometric authentication.

    Contents:
    1 Introduction
    1.1 Overview and Contributions
    1.1.1 Homomorphic Integer Division
    1.1.2 Homomorphic Comparisons over the Real Numbers
    1.1.3 Integrity of Homomorphic Evaluations
    2 Preliminaries
    2.1 Notation
    2.2 Continued Fraction
    2.3 Homomorphic Encryption
    2.4 Homomorphic Comparisons over the Integers
    2.4.1 Equality Circuit over the Integers
    2.4.2 Greater-Than and Less-Than Circuits over the Integers
    2.5 Fuzzy Extractor
    2.5.1 Reusable Fuzzy Extractor
    3 Algorithms for Homomorphic Integer Division
    3.1 Overview and Related Works
    3.2 Restoring Division Algorithm
    3.3 Homomorphic Integer Division
    3.3.1 Algorithm
    3.3.2 Efficiency
    3.4 Homomorphic Arithmetics over the Polynomials
    3.4.1 Description
    4 Algorithms for Homomorphic Comparisons over the Real Numbers
    4.1 Overview and Related Works
    4.2 Comparing Two Continued Fractions
    4.2.1 Our Idea: Comparing Two CFs in the Clear
    4.3 Equality Circuit
    4.3.1 Construction
    4.3.2 Complexity
    4.4 Greater-Than and Less-Than
    4.4.1 Construction
    4.4.2 Complexity
    4.5 Implementation
    4.5.1 Environment
    4.5.2 Scheme Parameters
    4.5.3 Experimental Results and Comparisons
    4.6 Applications to Database Service
    4.6.1 Sorting
    4.6.2 Private Database Queries
    5 Algorithms for Integrity-based Homomorphic Evaluations
    5.1 Overview and Related Works
    5.2 Models and Settings
    5.2.1 System Model and Participants
    5.2.2 Threat Model
    5.2.3 Security Model
    5.3 Integrity of Homomorphic Evaluations
    5.3.1 Message Authentication Code
    5.3.2 Protocol Constructions
    5.3.3 Security Proof
    5.4 Application to Biometric Authentication
    5.4.1 How Ghostshell Works
    5.4.2 Analysis
    5.4.3 Optimization
    5.5 Implementation
    5.5.1 Micro-experiments
    5.6 Reusable Fuzzy Extractor for the Hamming Distance
    5.6.1 Insecurity of Previous Reusable Fuzzy Extractor
    5.6.2 Revising Reusable Fuzzy Extractor
    5.6.3 Revising Idea
    5.6.4 Our Construction
    5.6.5 Analysis
    6 Conclusion
    Abstract (in Korean)

    Performance comparison of secure comparison protocols

    Secure multiparty computation (SMC) has gained tremendous importance with the growth of the Internet and e-commerce, where mutually untrusted parties need to jointly compute a function of their private inputs. However, SMC protocols usually have very high computational complexity, rendering them practically unusable. In this paper, we tackle the problem of comparing two input values in a secure distributed fashion. We propose efficient secure comparison protocols for both the homomorphic encryption and secret sharing settings. We also give experimental results to show their practical relevance.
