23,479 research outputs found
Interactive Channel Capacity Revisited
We provide the first capacity approaching coding schemes that robustly
simulate any interactive protocol over an adversarial channel that corrupts any
fraction of the transmitted symbols. Our coding schemes achieve a
communication rate of over any
adversarial channel. This can be improved to for
random, oblivious, and computationally bounded channels, or if parties have
shared randomness unknown to the channel.
Surprisingly, these rates exceed the interactive channel capacity bound
which [Kol and Raz; STOC'13] recently proved for random errors. We conjecture
and to be the optimal rates for their respective settings
and therefore to capture the interactive channel capacity for random and
adversarial errors.
In addition to being very communication efficient, our randomized coding
schemes have multiple other advantages. They are computationally efficient,
extremely natural, and significantly simpler than prior (non-capacity
approaching) schemes. In particular, our protocols do not employ any coding but
allow the original protocol to be performed as-is, interspersed only by short
exchanges of hash values. When hash values do not match, the parties backtrack.
Our approach is, as we feel, by far the simplest and most natural explanation
for why and how robust interactive communication in a noisy environment is
possible
SANNS: Scaling Up Secure Approximate k-Nearest Neighbors Search
The -Nearest Neighbor Search (-NNS) is the backbone of several
cloud-based services such as recommender systems, face recognition, and
database search on text and images. In these services, the client sends the
query to the cloud server and receives the response in which case the query and
response are revealed to the service provider. Such data disclosures are
unacceptable in several scenarios due to the sensitivity of data and/or privacy
laws.
In this paper, we introduce SANNS, a system for secure -NNS that keeps
client's query and the search result confidential. SANNS comprises two
protocols: an optimized linear scan and a protocol based on a novel sublinear
time clustering-based algorithm. We prove the security of both protocols in the
standard semi-honest model. The protocols are built upon several
state-of-the-art cryptographic primitives such as lattice-based additively
homomorphic encryption, distributed oblivious RAM, and garbled circuits. We
provide several contributions to each of these primitives which are applicable
to other secure computation tasks. Both of our protocols rely on a new circuit
for the approximate top- selection from numbers that is built from comparators.
We have implemented our proposed system and performed extensive experimental
results on four datasets in two different computation environments,
demonstrating more than faster response time compared to
optimally implemented protocols from the prior work. Moreover, SANNS is the
first work that scales to the database of 10 million entries, pushing the limit
by more than two orders of magnitude.Comment: 18 pages, to appear at USENIX Security Symposium 202
When private set intersection meets big data : an efficient and scalable protocol
Large scale data processing brings new challenges to the design of privacy-preserving protocols: how to meet the increasing requirements of speed and throughput of modern applications, and how to scale up smoothly when data being protected is big. Efficiency and scalability become critical criteria for privacy preserving protocols in the age of Big Data. In this paper, we present a new Private Set Intersection (PSI) protocol that is extremely efficient and highly scalable compared with existing protocols. The protocol is based on a novel approach that we call oblivious Bloom intersection. It has linear complexity and relies mostly on efficient symmetric key operations. It has high scalability due to the fact that most operations can be parallelized easily. The protocol has two versions: a basic protocol and an enhanced protocol, the security of the two variants is analyzed and proved in the semi-honest model and the malicious model respectively. A prototype of the basic protocol has been built. We report the result of performance evaluation and compare it against the two previously fastest PSI protocols. Our protocol is orders of magnitude faster than these two protocols. To compute the intersection of two million-element sets, our protocol needs only 41 seconds (80-bit security) and 339 seconds (256-bit security) on moderate hardware in parallel mode
A Framework for Efficient Adaptively Secure Composable Oblivious Transfer in the ROM
Oblivious Transfer (OT) is a fundamental cryptographic protocol that finds a
number of applications, in particular, as an essential building block for
two-party and multi-party computation. We construct a round-optimal (2 rounds)
universally composable (UC) protocol for oblivious transfer secure against
active adaptive adversaries from any OW-CPA secure public-key encryption scheme
with certain properties in the random oracle model (ROM). In terms of
computation, our protocol only requires the generation of a public/secret-key
pair, two encryption operations and one decryption operation, apart from a few
calls to the random oracle. In~terms of communication, our protocol only
requires the transfer of one public-key, two ciphertexts, and three binary
strings of roughly the same size as the message. Next, we show how to
instantiate our construction under the low noise LPN, McEliece, QC-MDPC, LWE,
and CDH assumptions. Our instantiations based on the low noise LPN, McEliece,
and QC-MDPC assumptions are the first UC-secure OT protocols based on coding
assumptions to achieve: 1) adaptive security, 2) optimal round complexity, 3)
low communication and computational complexities. Previous results in this
setting only achieved static security and used costly cut-and-choose
techniques.Our instantiation based on CDH achieves adaptive security at the
small cost of communicating only two more group elements as compared to the
gap-DH based Simplest OT protocol of Chou and Orlandi (Latincrypt 15), which
only achieves static security in the ROM
Cloud-based Quadratic Optimization with Partially Homomorphic Encryption
The development of large-scale distributed control systems has led to the
outsourcing of costly computations to cloud-computing platforms, as well as to
concerns about privacy of the collected sensitive data. This paper develops a
cloud-based protocol for a quadratic optimization problem involving multiple
parties, each holding information it seeks to maintain private. The protocol is
based on the projected gradient ascent on the Lagrange dual problem and
exploits partially homomorphic encryption and secure multi-party computation
techniques. Using formal cryptographic definitions of indistinguishability, the
protocol is shown to achieve computational privacy, i.e., there is no
computationally efficient algorithm that any involved party can employ to
obtain private information beyond what can be inferred from the party's inputs
and outputs only. In order to reduce the communication complexity of the
proposed protocol, we introduced a variant that achieves this objective at the
expense of weaker privacy guarantees. We discuss in detail the computational
and communication complexity properties of both algorithms theoretically and
also through implementations. We conclude the paper with a discussion on
computational privacy and other notions of privacy such as the non-unique
retrieval of the private information from the protocol outputs
How to Incentivize Data-Driven Collaboration Among Competing Parties
The availability of vast amounts of data is changing how we can make medical
discoveries, predict global market trends, save energy, and develop educational
strategies. In some settings such as Genome Wide Association Studies or deep
learning, sheer size of data seems critical. When data is held distributedly by
many parties, they must share it to reap its full benefits.
One obstacle to this revolution is the lack of willingness of different
parties to share data, due to reasons such as loss of privacy or competitive
edge. Cryptographic works address privacy aspects, but shed no light on
individual parties' losses/gains when access to data carries tangible rewards.
Even if it is clear that better overall conclusions can be drawn from
collaboration, are individual collaborators better off by collaborating?
Addressing this question is the topic of this paper.
* We formalize a model of n-party collaboration for computing functions over
private inputs in which participants receive their outputs in sequence, and the
order depends on their private inputs. Each output "improves" on preceding
outputs according to a score function.
* We say a mechanism for collaboration achieves collaborative equilibrium if
it ensures higher reward for all participants when collaborating (rather than
working alone). We show that in general, computing a collaborative equilibrium
is NP-complete, yet we design efficient algorithms to compute it in a range of
natural model settings.
Our collaboration mechanisms are in the standard model, and thus require a
central trusted party; however, we show this assumption is unnecessary under
standard cryptographic assumptions. We show how to implement the mechanisms in
a decentralized way with new extensions of secure multiparty computation that
impose order/timing constraints on output delivery to different players, as
well as privacy and correctness
- …