530 research outputs found
Reuse It Or Lose It: More Efficient Secure Computation Through Reuse of Encrypted Values
Two-party secure function evaluation (SFE) has become significantly more
feasible, even on resource-constrained devices, because of advances in
server-aided computation systems. However, there are still bottlenecks,
particularly in the input validation stage of a computation. Moreover, SFE
research has not yet devoted sufficient attention to the important problem of
retaining state after a computation has been performed so that expensive
processing does not have to be repeated if a similar computation is done again.
This paper presents PartialGC, an SFE system that allows the reuse of encrypted
values generated during a garbled-circuit computation. We show that using
PartialGC can reduce computation time by as much as 96% and bandwidth by as
much as 98% in comparison with previous outsourcing schemes for secure
computation. We demonstrate the feasibility of our approach with two sets of
experiments, one in which the garbled circuit is evaluated on a mobile device
and one in which it is evaluated on a server. We also use PartialGC to build a
privacy-preserving "friend finder" application for Android. The reuse of
previous inputs to allow stateful evaluation represents a new way of looking at
SFE and further reduces computational barriers.Comment: 20 pages, shorter conference version published in Proceedings of the
2014 ACM SIGSAC Conference on Computer and Communications Security, Pages
582-596, ACM New York, NY, US
Raziel: Private and Verifiable Smart Contracts on Blockchains
Raziel combines secure multi-party computation and proof-carrying code to
provide privacy, correctness and verifiability guarantees for smart contracts
on blockchains. Effectively solving DAO and Gyges attacks, this paper describes
an implementation and presents examples to demonstrate its practical viability
(e.g., private and verifiable crowdfundings and investment funds).
Additionally, we show how to use Zero-Knowledge Proofs of Proofs (i.e.,
Proof-Carrying Code certificates) to prove the validity of smart contracts to
third parties before their execution without revealing anything else. Finally,
we show how miners could get rewarded for generating pre-processing data for
secure multi-party computation.Comment: Support: cothority/ByzCoin/OmniLedge
EXPLORING CONFIDENTIALITY AND PRIVACY OF IMAGE IN CLOUD COMPUTING
With the increasing popularity of cloud computing, clients are storing their data in cloud servers and are using “software as a service” for computing services. However, clients’ data may be sensitive, critical, and private, and processing such data with cloud servers may result in losing data privacy or compromising data confidentiality. Some cloud servers may be dishonest, while malicious entities may compromise others. In order to protect data privacy and confidentiality, clients need to be able to hide their actual data values and send the obfuscated values to cloud servers.
This thesis deals with the outsourcing of computing to cloud servers, in which clients’ images can be computed and stored. This thesis proposes a technique that obfuscates images before sending them to servers, so these servers can perform computations on images without knowing the actual images. The proposed technique is expected to ensure data privacy and confidentiality. Servers will not be able to identify an individual whose images are stored and manipulated by the server. In addition, our approach employs an obfuscating technique to maintain the confidentiality of images, allowing cloud servers to compute obfuscated data accurately without knowing the actual data value, thus supporting privacy and confidentiality.
The proposed approach is based on the Rabin block cipher technique, which has some weaknesses, however. The main drawback is its decryption technique, which results in four values, and only one of these values represents the actual value of plain data. Another issue is that the blocking technique requires a private key for each block that requires a high-computing effort; requiring one private key for each block of data demands that a great number of keys be stored by the client. As a result, it decreases the robustness of the Rabin block cipher.
This thesis proposes additional techniques to overcome some of the weaknesses of the Rabin block cipher by introducing some new features, such as tokenization, a digit counter, and a set of blocks. The new technique increases the privacy of data and decreases the computational complexity by requiring fewer private keys. The new features have been implemented in image processing in order to demonstrate their applicability. However, in order to apply our approach to images, we must first apply some preprocessing techniques on images to make them applicable to being obfuscated by our proposed obfuscating system
Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications
We present Chameleon, a novel hybrid (mixed-protocol) framework for secure
function evaluation (SFE) which enables two parties to jointly compute a
function without disclosing their private inputs. Chameleon combines the best
aspects of generic SFE protocols with the ones that are based upon additive
secret sharing. In particular, the framework performs linear operations in the
ring using additively secret shared values and nonlinear
operations using Yao's Garbled Circuits or the Goldreich-Micali-Wigderson
protocol. Chameleon departs from the common assumption of additive or linear
secret sharing models where three or more parties need to communicate in the
online phase: the framework allows two parties with private inputs to
communicate in the online phase under the assumption of a third node generating
correlated randomness in an offline phase. Almost all of the heavy
cryptographic operations are precomputed in an offline phase which
substantially reduces the communication overhead. Chameleon is both scalable
and significantly more efficient than the ABY framework (NDSS'15) it is based
on. Our framework supports signed fixed-point numbers. In particular,
Chameleon's vector dot product of signed fixed-point numbers improves the
efficiency of mining and classification of encrypted data for algorithms based
upon heavy matrix multiplications. Our evaluation of Chameleon on a 5 layer
convolutional deep neural network shows 133x and 4.2x faster executions than
Microsoft CryptoNets (ICML'16) and MiniONN (CCS'17), respectively
Systematizing Genome Privacy Research: A Privacy-Enhancing Technologies Perspective
Rapid advances in human genomics are enabling researchers to gain a better
understanding of the role of the genome in our health and well-being,
stimulating hope for more effective and cost efficient healthcare. However,
this also prompts a number of security and privacy concerns stemming from the
distinctive characteristics of genomic data. To address them, a new research
community has emerged and produced a large number of publications and
initiatives.
In this paper, we rely on a structured methodology to contextualize and
provide a critical analysis of the current knowledge on privacy-enhancing
technologies used for testing, storing, and sharing genomic data, using a
representative sample of the work published in the past decade. We identify and
discuss limitations, technical challenges, and issues faced by the community,
focusing in particular on those that are inherently tied to the nature of the
problem and are harder for the community alone to address. Finally, we report
on the importance and difficulty of the identified challenges based on an
online survey of genome data privacy expertsComment: To appear in the Proceedings on Privacy Enhancing Technologies
(PoPETs), Vol. 2019, Issue
Server-Aided Privacy-Preserving Proximity Testing
Proximity testing is at the core of many Location-Based online Services (LBS) which we use in our daily lives to order taxis, find places of interest nearby, connect with people. Currently, most such services expect a user to submit his location to them and trust the LBS not to abuse this information, and use it only to provide the service. Existing cases of such information being misused (e.g., by the LBS employees or criminals who breached its security) motivates the search for better solutions that would ensure the privacy of user data, and give users control of how their data is being used.In this thesis, we address this problem using cryptographic techniques. We propose three cryptographic protocols that allow two users to perform proximity testing (check if they are close enough to each other) with the help of two servers.In the papers 1 and 2, the servers are introduced in order to allow users not to be online at the same time: one user may submit their location to the servers and go offline, the other user coming online later and finishing proximity testing. The drastically improves the practicality of such protocols, since the mobile devices that users usually run may not always be online. We stress that the servers in these protocols merely aid the users in performing the proximity testing, and none of the servers can independently extract the user data.In the paper 3, we use the servers to offload the users\u27 computation and communication to. The servers here pre-generate correlated random data and send it to users, who can use it to perform a secure proximity testing protocol faster. Paper 3, together with the paper 2, are highly practical: they provide strong security guarantees and are suitable to be executed on resource-constrained mobile devices. In fact, the work of clients in these protocols is close to negligible as most of the work is done by servers
- …