3 research outputs found
Information-Theoretic Secure Outsourced Computation in Distributed Systems
Secure multi-party computation (secure MPC) has been established as the de facto paradigm for protecting privacy in distributed computation. One of the earliest secure MPC primitives is the Shamir\u27s secret sharing (SSS) scheme. SSS has many advantages over other popular secure MPC primitives like garbled circuits (GC) -- it provides information-theoretic security guarantee, requires no complex long-integer operations, and often leads to more efficient protocols. Nonetheless, SSS receives less attention in the signal processing community because SSS requires a larger number of honest participants, making it prone to collusion attacks. In this dissertation, I propose an agent-based computing framework using SSS to protect privacy in distributed signal processing. There are three main contributions to this dissertation. First, the proposed computing framework is shown to be significantly more efficient than GC. Second, a novel game-theoretical framework is proposed to analyze different types of collusion attacks. Third, using the proposed game-theoretical framework, specific mechanism designs are developed to deter collusion attacks in a fully distributed manner. Specifically, for a collusion attack with known detectors, I analyze it as games between secret owners and show that the attack can be effectively deterred by an explicit retaliation mechanism. For a general attack without detectors, I expand the scope of the game to include the computing agents and provide deterrence through deceptive collusion requests. The correctness and privacy of the protocols are proved under a covert adversarial model. Our experimental results demonstrate the efficiency of SSS-based protocols and the validity of our mechanism design
Cryptographic Shuffles and Their Applications
ํ์๋
ผ๋ฌธ (๋ฐ์ฌ)-- ์์ธ๋ํ๊ต ๋ํ์ : ์๋ฆฌ๊ณผํ๋ถ, 2012. 8. ์ฒ์ ํฌ.For anonymization purposes, one can use a mix-net.
A mix-net is a multi-party protocol to
shuffle elements so that neither of the parties knows the permutation linking the
input and output.
One way to construct
a mix-net is to let a set of mixers, so called mix-servers, take turns in permuting and re-encrypting or
decrypting the inputs. If at least one of the mixers is honest, the input data and
the output data can no longer be linked.
In this role, shuffling
constitutes an important building block in anonymization protocols and voting
schemes.
The problem is that
the standard shuffle requires anyone who shuffles the input messages
to keep his random permutation and randomizers secret.
The assumption of a party keeping the secret information
may be in some ways quite strong.
Secondly, for this anonymization guarantee to
hold we do need to ensure that all mixers act according to the protocol.
In general, zero-knowledge proofs (ZKPs) are used for this purpose.
However, ZKPs requires the expensive cost in the light of
computation and communication.
In TCC 2007, Adida and Wikstr\"{o}m proposed a novel approach to
shuffle, called a public shuffle,
in which a shuffler can perform shuffle publicly without needing information kept secret.
Their scheme uses an encrypted permutation matrix to shuffle
ciphertexts publicly.
This approach significantly reduces the cost of constructing a mix-net
to verifiable joint decryption. Though their method is successful in making
shuffle to be a public operation, their scheme
still requires that some trusted parties should choose a permutation
to be encrypted and construct zero-knowledge proofs on the
well-formedness of this permutation.
In this dissertation, we study a method to construct a public shuffle
without relying on permutations generated privately: Given an
-tuple of ciphertext , our shuffle algorithm
computes for where each
is a symmetric polynomial in .
Depending on the symmetric polynomials we use, we propose two concrete constructions.
One is to use ring homomorphic encryption with a constant ciphertext
complexity and the other is to use simple ElGamal encryption with a
linear ciphertext complexity in the number of users. Both
constructions are free of zero-knowledge proofs and publicly
verifiable.Abstract i
1 Introduction 1
1.1 ABriefHistoryofShuffles .................... 1
1.2 WhyShufflinginPublicHard?.................. 2
1.3 CryptographicShuffleSchemes.................. 4
1.4 ContributionsofThisWork ................... 6
1.4.1 OurDefinitionalApproach................ 6
1.4.2 OurConstructions .................... 6
1.5 Organization ........................... 8
2 Preliminaries 9
2.1 Basics ............................... 9
2.2 PublicKeyEncryption...................... 10
2.2.1 IND-CPASecurity .................... 11
2.2.2 IND-CCASecurity .................... 14
2.3 HomomorphicPublic-keyEncryption . . . . . . . . . . . . . . 15
2.4 Zero-KnowledgeProofs...................... 18
2.4.1 Zero-KnowledgeVariants................. 19
2.4.2 ProofofKnowledge.................... 20
2.5 Public-KeyObfuscation ..................... 21
3 Verifiable Secret Shuffles: A Review 24
3.1 Introduction............................ 24
3.2 NotationandDefinitions..................... 25
3.3 Security .............................. 27
3.3.1 VerifiabilityforSecretShuffles.............. 27
3.3.2 UnlinkabilityExperiments ................ 28
3.4 SelectedPriorWork ....................... 29
3.4.1 Furukawa-SakoProtocol ................. 30
3.4.2 GrothProtocol ...................... 31
3.5 PublicShuffleswithPrivatePermutation . . . . . . . . . . . . 33
3.5.1 Introduction........................ 33
3.5.2 AdidaandWikstro ฬmProtocol.............. 33
4 Verifiable Public Shuffles 36
4.1 Introduction............................ 36
4.2 GeneralizedShuffle ........................ 38
4.2.1 SyntaxofGeneralizedShuffle .............. 38
4.2.2 SecurityModel ...................... 39
4.2.3 CryptographicAssumption................ 43
4.3 Constructions from Ring Homomorphic Encryption . . . . . . 44
4.3.1 Construction from (n,nโ1)-E . . . . . . . . . . 44
4.3.2 Construction from (1,n)-E ................ 45
4.4 Constructions from Group Homomorphic Encryption . . . . . 47 4.4.1 BuildingBlocks...................... 47
4.4.2 A Generalized Public Shuffle Scheme Based on Poly- nomialFactorization ................... 50
4.4.3 A Generalized Public Shuffle Scheme Based on Integer Factorization ....................... 58
5 Conclusion and Further Work 63
Abstract (in Korean) 72
Acknowledgement (in Korean) 74Docto
An Approach to Guide Users Towards Less Revealing Internet Browsers
When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the senderโs device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed