On the Composability of Statistically Secure Random Oblivious Transfer
We show that random oblivious transfer protocols that are statistically secure according to a definition based on a list of information-theoretical properties are also statistically universally composable. That is, they are simulatable secure with an unlimited adversary, an unlimited simulator, and an unlimited environment machine. Our result implies that several previous oblivious transfer protocols in the literature that were proven secure under weaker, non-composable definitions of security can actually be used in arbitrary statistically secure applications without lowering the security
Fast Privacy-Preserving Text Classification based on Secure Multiparty Computation
We propose a privacy-preserving Naive Bayes classifier and apply it to the problem of private text classification. In this setting, a party (Alice) holds a text message, while another party (Bob) holds a classifier. At the end of the protocol, Alice will only learn the result of the classifier applied to her text input and Bob learns nothing. Our solution is based on Secure Multiparty Computation (SMC). Our Rust implementation provides a fast and secure solution for the classification of unstructured text. Applying our solution to the case of spam detection (the solution is generic, and can be used in any other scenario in which the Naive Bayes classifier can be employed), we can classify an SMS as spam or ham in less than 340ms in the case where the dictionary size of Bob's model includes all words (n = 5200) and Alice's SMS has at most m = 160 unigrams. In the case with n = 369 and m = 8 (the average of a spam SMS in the database), our solution takes only 21ms
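The two-party setting described in this abstract (Alice holds the text, Bob holds the Naive Bayes model, only Alice learns the label) can be made concrete with additive secret sharing. The following is an added example written for this page; it is not the authors' Rust implementation and makes its own simplifying assumptions: a public dictionary (only Bob's per-word weights and bias are private), multinomial Naive Bayes on unigram presence, fixed-point arithmetic in Z_{2^64}, Beaver multiplication triples from a simulated trusted dealer, and the final log-odds value (rather than just its sign) being opened to Alice. The corpus at the bottom is constructed, not the SMS data set the paper evaluates on.

```python
"""Two-party Naive Bayes scoring over additive secret shares (added example).

Alice holds a bag-of-words vector x (one 0/1 entry per dictionary word);
Bob holds per-word log-odds weights w and a bias b.  The parties compute
    d = b + sum_i x_i * w_i     (log-odds of spam vs. ham, fixed point)
so that Bob learns nothing about x and Alice learns nothing about w or b
beyond d.  Assumptions (not taken from the paper): public dictionary,
Beaver triples from a trusted dealer simulated locally, d opened in full.
"""
import math
import secrets

MOD = 1 << 64      # arithmetic ring Z_{2^64}
SCALE = 1 << 16    # fixed-point scale for log-probabilities


def encode(v):
    """Real -> ring element (two's-complement fixed point)."""
    return round(v * SCALE) % MOD


def decode(s):
    """Ring element -> real; values in the upper half of the ring are negative."""
    return (s - MOD if s >= MOD // 2 else s) / SCALE


def share(v):
    """Additive 2-out-of-2 sharing: party 0 gets r, party 1 gets v - r."""
    r = secrets.randbelow(MOD)
    return (r, (v - r) % MOD)


def beaver_triple():
    """Simulated dealer: shares of uniform a, b and of c = a*b."""
    a, b = secrets.randbelow(MOD), secrets.randbelow(MOD)
    return share(a), share(b), share(a * b % MOD)


def secure_mul(x_sh, y_sh, triple):
    """Shares of x*y from shares of x and y, consuming one triple.

    The parties open e = x - a and f = y - b (uniform, so they leak nothing
    when each triple is used once), then x*y = c + e*b + f*a + e*f."""
    (a0, a1), (b0, b1), (c0, c1) = triple
    e = (x_sh[0] - a0 + x_sh[1] - a1) % MOD
    f = (y_sh[0] - b0 + y_sh[1] - b1) % MOD
    z0 = (c0 + e * b0 + f * a0 + e * f) % MOD   # party 0 adds the public e*f
    z1 = (c1 + e * b1 + f * a1) % MOD
    return (z0, z1)


def train_model(spam, ham):
    """Bob's side, in the clear: dictionary plus add-one-smoothed log-odds per word."""
    vocab = sorted({w for m in spam + ham for w in m.split()})

    def log_presence(msgs):
        counts = {w: 1 for w in vocab}            # Laplace smoothing
        for m in msgs:
            for w in set(m.split()):
                counts[w] += 1
        return {w: math.log(counts[w] / (len(msgs) + 2)) for w in vocab}

    ls, lh = log_presence(spam), log_presence(ham)
    return vocab, [ls[w] - lh[w] for w in vocab], math.log(len(spam) / len(ham))


def features(vocab, text):
    """Alice's side: unigram presence vector over the public dictionary."""
    present = set(text.split())
    return [1 if w in present else 0 for w in vocab]


def plain_log_odds(x, weights, bias):
    """Reference computation in the clear, used to check the protocol."""
    return bias + sum(xi * wi for xi, wi in zip(x, weights))


def secure_log_odds(x, weights, bias):
    """Run the two-party protocol and return the opened log-odds d."""
    x_sh = [share(xi) for xi in x]                    # Alice shares her bits
    w_sh = [share(encode(wi)) for wi in weights]      # Bob shares his weights
    acc = share(encode(bias))                         # Bob shares the bias
    for xs, ws in zip(x_sh, w_sh):
        z0, z1 = secure_mul(xs, ws, beaver_triple())
        acc = ((acc[0] + z0) % MOD, (acc[1] + z1) % MOD)   # local additions
    # Bob sends his share of d to Alice, who reconstructs it.  This opens the
    # magnitude of d as well as its sign; a real protocol would run a secure
    # comparison so that only the class label is revealed.
    return decode((acc[0] + acc[1]) % MOD)


def classify(text, vocab, weights, bias):
    return "spam" if secure_log_odds(features(vocab, text), weights, bias) > 0 else "ham"


# Constructed toy corpus (not the SMS data set used in the paper).
SPAM = ["win free prize call now", "free entry claim prize now", "urgent call now win cash"]
HAM = ["see you at lunch", "call me when you get home", "meeting moved to lunch"]
VOCAB, WEIGHTS, BIAS = train_model(SPAM, HAM)

if __name__ == "__main__":
    for sms in ["free prize call now", "see you at home"]:
        print(sms, "->", classify(sms, VOCAB, WEIGHTS, BIAS))
```

Each dictionary word costs one Beaver triple and one opening of two ring elements, which is why the abstract's cost grows with the dictionary size n rather than with the message length m; the additions of the bias and of the products are purely local. The fixed-point scale bounds the rounding error per weight to 2^-17, so the secure result matches the plaintext log-odds to well under 10^-3 on this input.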
Constant Query Local Decoding Against Deletions Is Impossible
Locally decodable codes (LDC's) are error-correcting codes that allow recovery of individual message indices by accessing only a constant number of codeword indices. For substitution errors, it is evident that LDC's exist -- Hadamard codes are examples of -query LDC's. Research on this front has focused on finding the optimal encoding length for LDC's, for which there is a nearly exponential gap between the best lower bounds and constructions. Ostrovsky and Paskin-Cherniavsky (ICITS 2015) introduced the notion of local decoding to the insertion and deletion setting. In this context, it is not clear whether constant query LDC's exist at all. Indeed, in contrast to the classical setting, Blocki et al. conjecture that they do not exist. Blocki et al. (FOCS 2021) make progress towards this conjecture, proving that any potential code must have at least exponential encoding length.
Our work definitively resolves the conjecture and shows that constant query LDC's do not exist in the insertion/deletion (or even deletion-only) setting. Using a reduction shown by Blocki et al., this also implies that constant query locally correctable codes do not exist in this setting
Privacy-Preserving Classification of Personal Text Messages with Secure Multi-Party Computation: An Application to Hate-Speech Detection
Classification of personal text messages has many useful applications in surveillance, e-commerce, and mental health care, to name a few. Giving applications access to personal texts can easily lead to (un)intentional privacy violations. We propose the first privacy-preserving solution for text classification that is provably secure. Our method, which is based on Secure Multiparty Computation (SMC), encompasses both feature extraction from texts, and subsequent classification with logistic regression and tree ensembles. We prove that when using our secure text classification method, the application does not learn anything about the text, and the author of the text does not learn anything about the text classification model used by the application beyond what is given by the classification result itself. We perform end-to-end experiments with an application for detecting hate speech against women and immigrants, demonstrating excellent runtime results without loss of accuracy
On the Price of Proactivizing Round-Optimal Perfectly Secret Message Transmission
In a network of nodes (modelled as a digraph), the goal of a perfectly secret message transmission (PSMT) protocol is to replicate the sender's message at the receiver's end without revealing any information about to a computationally unbounded adversary that eavesdrops on any nodes. The adversary may be mobile too -- that is, it may eavesdrop on a different set of nodes in different rounds. We prove a necessary and sufficient condition on the synchronous network for the existence of -round PSMT protocols, for any given ; further, we show that round-optimality is achieved without trading off the communication complexity; specifically, our protocols have an overall communication complexity of elements of a finite field to perfectly transmit one field element. Apart from optimality/scalability, two interesting implications of our results are: (a) adversarial mobility does not affect its tolerability: PSMT tolerating a static -adversary is possible if and only if PSMT tolerating a mobile -adversary is possible; and (b) mobility does not affect the round optimality: the fastest PSMT protocol tolerating a static -adversary is not faster than the one tolerating a mobile -adversary
Leakage-Resilient and Misuse-Resistant Authenticated Encryption
Leakage-resilience and misuse-resistance are two important properties for the deployment of authenticated encryption schemes. They aim at mitigating the impact of implementation flaws due to side-channel leakages and misused randomness. In this paper, we discuss their interactions and incompatibilities.
For this purpose, we first show a generic composition mode of a MAC with an encryption scheme that leads to a misuse-resistant authenticated encryption scheme, and also show that misuse-resistance does not hold anymore in the presence of leakages, even when relying on leakage-resilient MACs and encryption schemes.
Next, we argue that full misuse-resistance with leakage may be impossible to achieve with simple primitives such as hash functions and block ciphers. As a result, we formalize a new security notion of ciphertext integrity with misuse and leakage, which seems to be the best that can be achieved in a symmetric cryptographic setting, and describe first efficient constructions satisfying it
Cryptography Based on Correlated Data: Foundations and Practice
Correlated data can be very useful in cryptography. For instance, if a uniformly random key is available to Alice and Bob, it can be used as a one-time pad to transmit a message with perfect security. With more elaborate forms of correlated data, the parties can achieve even more complex cryptographic tasks, such as secure multiparty computation. This thesis explores (from both a theoretical and a practical point of view) the topic of cryptography based on correlated data