31 research outputs found
PS-TRUST: Provably Secure Solution for Truthful Double Spectrum Auctions
Truthful spectrum auctions have been extensively studied in recent years.
Truthfulness makes bidders bid their true valuations, simplifying greatly the
analysis of auctions. However, revealing one's true valuation causes severe
privacy disclosure to the auctioneer and other bidders. To make things worse,
previous work on secure spectrum auctions does not provide adequate security.
In this paper, based on TRUST, we propose PS-TRUST, a provably secure solution
for truthful double spectrum auctions. Besides maintaining the properties of
truthfulness and special spectrum reuse of TRUST, PS-TRUST achieves provable
security against semi-honest adversaries in the sense of cryptography.
Specifically, PS-TRUST reveals nothing about the bids to anyone in the auction,
except the auction result. To the best of our knowledge, PS-TRUST is the first
provably secure solution for spectrum auctions. Furthermore, experimental
results show that the computation and communication overhead of PS-TRUST is
modest, and its practical applications are feasible.Comment: 9 pages, 4 figures, submitted to Infocom 201
Computer-aided proofs for multiparty computation with active security
Secure multi-party computation (MPC) is a general cryptographic technique
that allows distrusting parties to compute a function of their individual
inputs, while only revealing the output of the function. It has found
applications in areas such as auctioning, email filtering, and secure
teleconference. Given its importance, it is crucial that the protocols are
specified and implemented correctly. In the programming language community it
has become good practice to use computer proof assistants to verify correctness
proofs. In the field of cryptography, EasyCrypt is the state of the art proof
assistant. It provides an embedded language for probabilistic programming,
together with a specialized logic, embedded into an ambient general purpose
higher-order logic. It allows us to conveniently express cryptographic
properties. EasyCrypt has been used successfully on many applications,
including public-key encryption, signatures, garbled circuits and differential
privacy. Here we show for the first time that it can also be used to prove
security of MPC against a malicious adversary. We formalize additive and
replicated secret sharing schemes and apply them to Maurer's MPC protocol for
secure addition and multiplication. Our method extends to general polynomial
functions. We follow the insights from EasyCrypt that security proofs can be
often be reduced to proofs about program equivalence, a topic that is well
understood in the verification of programming languages. In particular, we show
that in the passive case the non-interference-based definition is equivalent to
a standard game-based security definition. For the active case we provide a new
NI definition, which we call input independence
Protocols for Authenticated Oblivious Transfer
Oblivious transfer (OT) is a basic building block in many cryptographic protocols. In this paper, we exploit some well-known authenticated Diffie-Hellman-based key exchange protocols to build three authenticated 1-out-of-2 oblivious transfers. We show that our proposed protocols are secure in the semi-honest model. We also compare our schemes with three similar 1-out-of-2 OT protocols and show that authentication in our schemes costs only up to either two more exponentiations or one message signing, compared to those with no authentication
Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective
Rapid advances in human genomics are enabling researchers to gain a better
understanding of the role of the genome in our health and well-being,
stimulating hope for more effective and cost efficient healthcare. However,
this also prompts a number of security and privacy concerns stemming from the
distinctive characteristics of genomic data. To address them, a new research
community has emerged and produced a large number of publications and
initiatives.
In this paper, we rely on a structured methodology to contextualize and
provide a critical analysis of the current knowledge on privacy-enhancing
technologies used for testing, storing, and sharing genomic data, using a
representative sample of the work published in the past decade. We identify and
discuss limitations, technical challenges, and issues faced by the community,
focusing in particular on those that are inherently tied to the nature of the
problem and are harder for the community alone to address. Finally, we report
on the importance and difficulty of the identified challenges based on an
online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies
(PoPETs), Vol. 2019, Issue
Privacy preserving distributed optimization using homomorphic encryption
This paper studies how a system operator and a set of agents securely execute
a distributed projected gradient-based algorithm. In particular, each
participant holds a set of problem coefficients and/or states whose values are
private to the data owner. The concerned problem raises two questions: how to
securely compute given functions; and which functions should be computed in the
first place. For the first question, by using the techniques of homomorphic
encryption, we propose novel algorithms which can achieve secure multiparty
computation with perfect correctness. For the second question, we identify a
class of functions which can be securely computed. The correctness and
computational efficiency of the proposed algorithms are verified by two case
studies of power systems, one on a demand response problem and the other on an
optimal power flow problem.Comment: 24 pages, 5 figures, journa