11,137 research outputs found
Secure and Scalable Circuit-based Protocol for Multi-Party Private Set Intersection
We propose a novel protocol for computing a circuit which implements the
multi-party private set intersection functionality (PSI). Circuit-based
approach has advantages over using custom protocols to achieve this task, since
many applications of PSI do not require the computation of the intersection
itself, but rather specific functional computations over the items in the
intersection.
Our protocol represents the pioneering circuit-based multi-party PSI
protocol, which builds upon and optimizes the two-party SCS
\cite{huang2012private} protocol. By using secure computation between two
parties, our protocol sidesteps the complexities associated with multi-party
interactions and demonstrates good scalability.
In order to mitigate the high overhead associated with circuit-based
constructions, we have further enhanced our protocol by utilizing simple
hashing scheme and permutation-based hash functions. These tricks have enabled
us to minimize circuit size by employing bucketing techniques while
simultaneously attaining noteworthy reductions in both computation and
communication expenses
Secure Multi-Party Computation In Practice
Secure multi-party computation (MPC) is a cryptographic primitive for computing on private data. MPC provides strong privacy guarantees, but practical adoption requires high-quality application design, software development, and resource management. This dissertation aims to identify and reduce barriers to practical deployment of MPC applications.
First, the dissertation evaluates the design, capabilities, and usability of eleven state-of-the-art MPC software frameworks. These frameworks are essential for prototyping MPC applications, but their qualities vary widely; the survey provides insight into their current abilities and limitations. A comprehensive online repository augments the survey, including complete build environments, sample programs, and additional documentation for each framework.
Second, the dissertation applies these lessons in two practical applications of MPC. The first addresses algorithms for assessing stability in financial networks, traditionally designed in a full-information model with a central regulator or data aggregator. This case study describes principles to transform two such algorithms into data-oblivious versions and benchmark their execution under MPC using three frameworks. The second aims to enable unlinkability of payments made with blockchain-based cryptocurrencies. This study uses MPC in conjunction with other privacy techniques to achieve unlinkability in payment channels. Together, these studies illuminate the limitations of existing software, develop guidelines for transforming non-private algorithms into versions suitable for execution under MPC, and illustrate the current practical feasibility of MPC as a solution to a wide variety of applications
A Shannon Approach to Secure Multi-party Computations
In secure multi-party computations (SMC), parties wish to compute a function
on their private data without revealing more information about their data than
what the function reveals. In this paper, we investigate two Shannon-type
questions on this problem. We first consider the traditional one-shot model for
SMC which does not assume a probabilistic prior on the data. In this model,
private communication and randomness are the key enablers to secure computing,
and we investigate a notion of randomness cost and capacity. We then move to a
probabilistic model for the data, and propose a Shannon model for discrete
memoryless SMC. In this model, correlations among data are the key enablers for
secure computing, and we investigate a notion of dependency which permits the
secure computation of a function. While the models and questions are general,
this paper focuses on summation functions, and relies on polar code
constructions
An Elementary Completeness Proof for Secure Two-Party Computation Primitives
In the secure two-party computation problem, two parties wish to compute a
(possibly randomized) function of their inputs via an interactive protocol,
while ensuring that neither party learns more than what can be inferred from
only their own input and output. For semi-honest parties and
information-theoretic security guarantees, it is well-known that, if only
noiseless communication is available, only a limited set of functions can be
securely computed; however, if interaction is also allowed over general
communication primitives (multi-input/output channels), there are "complete"
primitives that enable any function to be securely computed. The general set of
complete primitives was characterized recently by Maji, Prabhakaran, and
Rosulek leveraging an earlier specialized characterization by Kilian. Our
contribution in this paper is a simple, self-contained, alternative derivation
using elementary information-theoretic tools.Comment: 6 pages, extended version of ITW 2014 pape
Verifiable private multi-party computation: Ranging and ranking
Abstract—The existing work on distributed secure multi-party computation, e.g., set operations, dot product, ranking, focus on the privacy protection aspects, while the verifiability of user inputs and outcomes are neglected. Most of the existing works assume that the involved parties will follow the protocol honestly. In practice, a malicious adversary can easily forge his/her input values to achieve incorrect outcomes or simply lie about the computation results to cheat other parities. In this work, we focus on the problem of verifiable privacy preserving multi-party computation. We thoroughly analyze the attacks on existing privacy preserving multi-party computation approaches and design a series of protocols for dot product, ranging and ranking, which are proved to be privacy preserving and verifiable. We implement our protocols on laptops and mobile phones. The results show that our verifiable private computation protocols are efficient both in computation and communication
Scalable secure multi-party network vulnerability analysis via symbolic optimization
Threat propagation analysis is a valuable tool in improving the cyber resilience of enterprise networks. As
these networks are interconnected and threats can propagate not only within but also across networks, a holistic view of the entire network can reveal threat propagation trajectories unobservable from within a single enterprise. However, companies are reluctant to share internal vulnerability measurement data as it is highly sensitive and (if leaked) possibly damaging. Secure Multi-Party Computation (MPC) addresses this concern. MPC is a cryptographic technique that allows distrusting parties to compute analytics over their joint data while protecting its confidentiality. In this work we apply MPC to threat propagation analysis on large, federated networks. To address the prohibitively high performance cost of general-purpose MPC we develop two novel applications of optimizations that can be leveraged to execute many relevant graph algorithms under MPC more efficiently: (1) dividing the computation into separate stages such that the first stage is executed privately by each party without MPC and the second stage is an MPC computation dealing with a much smaller shared network, and (2) optimizing the second stage by
treating the execution of the analysis algorithm as a symbolic expression that can be optimized to reduce the number of costly operations and subsequently executed under MPC.We evaluate the scalability of this technique by analyzing the potential for threat propagation on examples of network graphs and propose several directions along which this work can be expanded
- …