291 research outputs found
ExTRUST: Reducing Exploit Stockpiles with a Privacy-Preserving Depletion System for Inter-State Relationships
Cyberspace is a fragile construct threatened by malicious cyber operations of
different actors, with vulnerabilities in IT hardware and software forming the
basis for such activities, thus also posing a threat to global IT security.
Advancements in the field of artificial intelligence accelerate this
development, either with artificial intelligence enabled cyber weapons,
automated cyber defense measures, or artificial intelligence-based threat and
vulnerability detection. Especially state actors, with their long-term
strategic security interests, often stockpile such knowledge of vulnerabilities
and exploits to enable their military or intelligence service cyberspace
operations. While treaties and regulations to limit these developments and to
enhance global IT security by disclosing vulnerabilities are currently being
discussed on the international level, these efforts are hindered by state
concerns about the disclosure of unique knowledge and about giving up tactical
advantages. This leads to a situation where multiple states are likely to
stockpile at least some identical exploits, while technical measures that would
enable a depletion process for these stockpiles, preserve state secrecy
interests, and account for the special constraints and requirements of
interacting states do not yet exist. This paper proposes
such a privacy-preserving approach that allows multiple state parties to
privately compare their stock of vulnerabilities and exploits to check for
items that occur in multiple stockpiles without revealing them so that their
disclosure can be considered. We call our system ExTRUST and show that it is
scalable and can withstand several attack scenarios. Beyond the
intergovernmental setting, ExTRUST can also be used for other zero-trust use
cases, such as bug-bounty programs.
Comment: 16 pages, 3 figures, IEEE Transactions on Technology and Societ
Implementation of a Secure Multiparty Computation Protocol
Secure multiparty computation (SMC) allows a set of parties to jointly compute a function on private inputs such that they learn only the output of the function, and the correctness of the output is guaranteed even when a subset of the parties is controlled by an adversary. SMC allows data to be kept in an uncompromisable form and still be useful, and it also gives new meaning to data ownership, allowing data to be shared in a useful way while retaining its privacy. Thus, applications of SMC hold promise for addressing some of the security issues information-driven societies struggle with.
In this thesis, we implement two SMC protocols. Our primary objective is to gain a solid understanding of the basic concepts related to SMC. We present a brief survey of the field, with focus on SMC based on secret sharing. In addition to the protocol implementations, we implement circuit randomization, a common technique for efficiency improvement. The implemented protocols are run on a simulator to securely evaluate some simple arithmetic functions, and the round complexities of the implemented protocols are compared. Finally, we attempt to extend the implementation to support more general computations
Do Distributed Differentially-Private Protocols Require Oblivious Transfer?
We study the cryptographic complexity of two-party differentially-private protocols for a large natural class of boolean functionalities. Information theoretically, McGregor et al. [FOCS 2010] and Goyal et al. [Crypto 2013] demonstrated several functionalities for which the maximal possible accuracy in the distributed setting is significantly lower than that in the client-server setting. Goyal et al. [Crypto 2013] further showed that "highly accurate" protocols in the distributed setting for any non-trivial functionality in fact imply the existence of one-way functions. However, it has remained an open problem to characterize the exact cryptographic complexity of this class. In particular, we know that semi-honest oblivious transfer helps obtain optimally accurate distributed differential privacy. But we do not know whether the reverse is true.
We study the following question: Does the existence of optimally accurate distributed differentially private protocols for any class of functionalities imply the existence of oblivious transfer? We resolve this question in the affirmative for the class of boolean functionalities that contain an XOR embedded on adjacent inputs.
- We construct a protocol implementing oblivious transfer from any optimally accurate, distributed differentially private protocol for any functionality with a boolean XOR embedded on adjacent inputs.
- While the previous result holds for optimally accurate protocols for any privacy parameter \epsilon > 0, we also give a reduction from oblivious transfer to distributed differentially private protocols computing XOR, for a constant small range of non-optimal accuracies and a constant small range of values of privacy parameter \epsilon.
At the heart of our techniques is an interesting connection between optimally-accurate two-party protocols for the XOR functionality and noisy channels, which were shown by Crepeau and Kilian [FOCS 1988] to be sufficient for oblivious transfer
Practical unconditionally secure signature schemes and related protocols
The security guarantees provided by digital signatures are vital to many modern applications such as online banking, software distribution, emails and many more. Their ubiquity across digital communications arguably makes digital signatures one of the most important inventions in cryptography. Worryingly, all commonly used schemes – RSA, DSA and ECDSA – provide only computational security, and are rendered completely insecure by quantum computers. Motivated by this threat, this thesis focuses on unconditionally secure signature (USS) schemes – an information theoretically secure analogue of digital signatures. We present and analyse two new USS schemes. The first is a quantum USS scheme that is both information-theoretically secure and realisable with current technology. The scheme represents an improvement over all previous quantum USS schemes, which were always either realisable or had a full security proof, but not both. The second is an entirely classical USS scheme that uses minimal resources and is vastly more efficient than all previous schemes, to such an extent that it could potentially find real-world application. With the discovery of such an efficient classical USS scheme using only minimal resources, it is difficult to see what advantage quantum USS schemes may provide. Lastly, we remain in the information-theoretic security setting and consider two quantum protocols closely related to USS schemes – oblivious transfer and quantum money. For oblivious transfer, we prove new lower bounds on the minimum achievable cheating probabilities in any 1-out-of-2 protocol. For quantum money, we present a scheme that is more efficient and error tolerant than all previous schemes. Additionally, we show that it can be implemented using a coherent source and lossy detectors, thereby allowing for the first experimental demonstration of quantum coin creation and verification
State of the Art Report: Verified Computation
This report describes the state of the art in verifiable computation. The
problem being solved is the following:
The Verifiable Computation Problem (Verifiable Computing Problem)
Suppose we
have two computing agents. The first agent is the verifier, and the second
agent is the prover. The verifier wants the prover to perform a computation.
The verifier sends a description of the computation to the prover. Once the
prover has completed the task, the prover returns the output to the verifier.
The output will contain proof. The verifier can use this proof to check if the
prover computed the output correctly. The check is not required to verify the
algorithm used in the computation. Instead, it is a check that the prover
computed the output using the computation specified by the verifier. The effort
required for the check should be much less than that required to perform the
computation.
This state-of-the-art report surveys 128 papers from the literature
comprising more than 4,000 pages. Other papers and books were surveyed but were
omitted. The papers surveyed were overwhelmingly mathematical. We have
summarised the major concepts that form the foundations for verifiable
computation. The report contains two main sections. The first, larger section
covers the theoretical foundations for probabilistically checkable and
zero-knowledge proofs. The second section contains a description of the current
practice in verifiable computation. Two further reports will cover (i) military
applications of verifiable computation and (ii) a collection of technical
demonstrators. The first of these is intended to be read by those who want to
know what applications are enabled by the current state of the art in
verifiable computation. The second is for those who want to see practical tools
and conduct experiments themselves.
Comment: 54 page
Quantifying the Leakage of Quantum Protocols for Classical Two-Party Cryptography
We study quantum protocols among two distrustful parties. By adopting a
rather strict definition of correctness - guaranteeing that honest players
obtain their correct outcomes only - we can show that every strictly correct
quantum protocol implementing a non-trivial classical primitive necessarily
leaks information to a dishonest player. This extends known impossibility
results to all non-trivial primitives. We provide a framework for quantifying
this leakage and argue that leakage is a good measure for the privacy provided
to the players by a given protocol. Our framework also covers the case where
the two players are helped by a trusted third party. We show that despite the
help of a trusted third party, the players cannot amplify the cryptographic
power of any primitive. All our results hold even against quantum
honest-but-curious adversaries who honestly follow the protocol but purify
their actions and apply a different measurement at the end of the protocol. As
concrete examples, we establish lower bounds on the leakage of standard
universal two-party primitives such as oblivious transfer.
Comment: 38 pages, completely supersedes arXiv:0902.403
On the power of two-party quantum cryptography
We study quantum protocols among two distrustful parties. Under the
sole assumption of correctness - guaranteeing that honest players
obtain their correct outcomes - we show that every protocol
implementing a non-trivial primitive necessarily leaks information to
a dishonest player. This extends known impossibility results to all
non-trivial primitives. We provide a framework for quantifying this
leakage and argue that leakage is a good measure for the privacy
provided to the players by a given protocol. Our framework also covers
the case where the two players are helped by a trusted third party. We
show that despite the help of a trusted third party, the players
cannot amplify the cryptographic power of any primitive. All our
results hold even against quantum honest-but-curious adversaries who
honestly follow the protocol but purify their actions and apply a
different measurement at the end of the protocol. As concrete
examples, we establish lower bounds on the leakage of standard
universal two-party primitives such as oblivious transfer
Towards Characterizing Securely Computable Two-Party Randomized Functions
A basic question of cryptographic complexity is to combinatorially
characterize all randomized functions which have information-theoretic
semi-honest secure 2-party computation protocols. The corresponding question
for deterministic functions was answered almost three decades back, by
Kushilevitz (FOCS 1989). In this work, we make progress towards
understanding securely computable 'randomized' functions. We bring
tools developed in the study of completeness to bear on this problem. In
particular, our characterizations are obtained by considering only symmetric
functions with a combinatorial property called 'simplicity'
(Maji et al. Indocrypt 2012).
Our main result is a complete combinatorial characterization of
randomized functions with 'ternary output' kernels, that have
information-theoretic semi-honest secure 2-party computation protocols. In
particular, we show that there exist simple randomized functions with
ternary output that do not have secure computation protocols. (For
deterministic functions, the smallest output alphabet size of such a
function is 5, due to an example given by Beaver, DIMACS Workshop on Distributed Computing and Cryptography 1989.)
Also, we give a complete combinatorial characterization of randomized
functions that have '2-round' information-theoretic semi-honest secure
2-party computation protocols.
We also give a counter-example to a natural conjecture for the full
characterization, namely, that all securely computable simple functions have secure
protocols with a unique transcript for each output value. This conjecture
is in fact true for deterministic functions, and -- as our results above
show -- for ternary functions and for functions with 2-round secure
protocols
Uncovering Algebraic Structures in the MPC Landscape
A fundamental problem in the theory of secure multi-party computation (MPC) is to characterize functions with more than 2 parties which admit MPC protocols with information-theoretic security against passive corruption. This question has seen little progress since the work of Chor and Ishai (1996), which demonstrated difficulties in resolving it. In this work, we make significant progress towards resolving this question in the important case of aggregating functionalities, in which m parties P_1, ..., P_m hold inputs x_1, ..., x_m and an aggregating party P_0 must learn f(x_1, ..., x_m).
We uncover a rich class of algebraic structures that are closely related to secure computability, namely, “Commuting Permutations Systems” (CPS) and its variants. We present an extensive set of results relating these algebraic structures among themselves and to MPC, including new protocols, impossibility results and separations. Our results include a necessary algebraic condition and slightly stronger sufficient algebraic condition for a function to admit information-theoretically secure MPC protocols.
We also introduce and study new models of minimally interactive MPC (called UNIMPC and UNIMPC*), which not only help in understanding our positive and negative results better, but also open up new avenues for studying the cryptographic complexity landscape of multi-party functionalities. Our positive results include novel protocols in these models, which may be of independent practical interest.
Finally, we extend our results to a definition that requires UC security as well as semi-honest security (which we term strong security). In this model we are able to carry out the characterization of all computable functions, except for a gap in the case of aggregating functionalities