MPC for MPC: Secure Computation on a Massively Parallel Computing Architecture
Massively Parallel Computation (MPC) is a model of computation widely believed to best capture realistic parallel computing architectures such as large-scale MapReduce and Hadoop clusters. Motivated by the fact that many data analytics tasks performed on these platforms involve sensitive user data, we initiate the theoretical exploration of how to leverage MPC architectures to enable efficient, privacy-preserving computation over massive data. Clearly if a computation task does not lend itself to an efficient implementation on MPC even without security, then we cannot hope to compute it efficiently on MPC with security. We show, on the other hand, that any task that can be efficiently computed on MPC can also be securely computed with comparable efficiency. Specifically, we show the following results:
- any MPC algorithm can be compiled to a communication-oblivious counterpart while asymptotically preserving its round and space complexity, where communication-obliviousness ensures that any network intermediary observing the communication patterns learns no information about the secret inputs;
- assuming the existence of Fully Homomorphic Encryption with a suitable notion of compactness and other standard cryptographic assumptions, any MPC algorithm can be compiled to a secure counterpart that defends against an adversary who controls not only intermediate network routers but additionally up to a 1/3 − η fraction of machines (for an arbitrarily small constant η); moreover, this compilation preserves the round complexity tightly, and preserves the space complexity up to a multiplicative blowup related to the security parameter.
As an initial exploration of this important direction, our work suggests new definitions and proposes novel protocols that blend algorithmic and cryptographic techniques.
Capacities of Quantum Amplifier Channels
Quantum amplifier channels are at the core of several physical processes. Not only do they model the optical process of spontaneous parametric down-conversion, but the transformation corresponding to an amplifier channel also describes the physics of the dynamical Casimir effect in superconducting circuits, the Unruh effect, and Hawking radiation. Here we study the communication capabilities of quantum amplifier channels. Invoking a recently established minimum output-entropy theorem for single-mode phase-insensitive Gaussian channels, we determine capacities of quantum-limited amplifier channels in three different scenarios. First, we establish the capacities of quantum-limited amplifier channels for one of the most general communication tasks, characterized by the trade-off between classical communication, quantum communication, and entanglement generation or consumption. Second, we establish capacities of quantum-limited amplifier channels for the trade-off between public classical communication, private classical communication, and secret key generation. Third, we determine the capacity region for a broadcast channel induced by the quantum-limited amplifier channel, and we also show that a fully quantum strategy outperforms those achieved by classical coherent detection strategies. In all three scenarios, we find that the capacities significantly outperform communication rates achieved with a naive time-sharing strategy.
Comment: 16 pages, 2 figures, accepted for publication in Physical Review
Secure bit commitment from relativistic constraints
We investigate two-party cryptographic protocols that are secure under assumptions motivated by physics, namely relativistic assumptions (no-signalling) and quantum mechanics. In particular, we discuss the security of bit commitment in so-called split models, i.e. models in which at least some of the parties are not allowed to communicate during certain phases of the protocol. We find the minimal splits that are necessary to evade the Mayers-Lo-Chau no-go argument and present protocols that achieve security in these split models. Furthermore, we introduce the notion of local versus global command, a subtle issue that arises when the split committer is required to delegate non-communicating agents to open the commitment. We argue that classical protocols are insecure under global command in the split model we consider. On the other hand, we provide a rigorous security proof in the global command model for Kent's quantum protocol [Kent 2011, Unconditionally Secure Bit Commitment by Transmitting Measurement Outcomes]. The proof employs two fundamental principles of modern physics, the no-signalling property of relativity and the uncertainty principle of quantum mechanics.
Comment: published version, IEEE format, 18 pages, 8 figures
Almost-perfect secret sharing
Splitting a secret s between several participants, we generate (for each value of s) shares for all participants. The goal: authorized groups of participants should be able to reconstruct the secret, but forbidden ones get no information about it. In this paper we introduce several notions of non-perfect secret sharing, where some small information leak is permitted. We study its relation to the Kolmogorov complexity version of secret sharing (establishing some connection in both directions) and the effects of changing the secret size (showing that we can decrease the size of the secret and the information leak at the same time).
Comment: Acknowledgments added
Message Randomization and Strong Security in Quantum Stabilizer-Based Secret Sharing for Classical Secrets
We improve the flexibility in designing access structures of quantum stabilizer-based secret sharing schemes for classical secrets, by introducing message randomization in their encoding procedures. We generalize the Gilbert-Varshamov bound for deterministic encoding to randomized encoding of classical secrets. We also provide an explicit example of a ramp secret sharing scheme in which multiple symbols of its classical secret are revealed to an intermediate set, and justify the necessity of incorporating the strong security criterion of conventional secret sharing. Finally, we propose an explicit construction of a strongly secure ramp secret sharing scheme from quantum stabilizers, which can support classical secrets twice as large as those of the McEliece-Sarwate strongly secure ramp secret sharing scheme with the same share size and access structure.
Comment: Publisher's Open Access PDF. arXiv admin note: text overlap with arXiv:1811.0521
Practical LDPC coded modulation schemes for the fading broadcast channel with confidential messages
The broadcast channel with confidential messages is a well studied scenario from the theoretical standpoint, but there is still a lack of practical schemes able to achieve some fixed level of reliability and security over such a channel. In this paper, we consider a quasi-static fading channel in which both public and private messages must be sent from the transmitter to the receivers, and we aim at designing suitable coding and modulation schemes to achieve such a target. For this purpose, we adopt the error rate as a metric, by considering that reliability (security) is achieved when a sufficiently low (high) error rate is experienced at the receiving side. We show that some conditions exist on the system feasibility, and that some outage probability must be tolerated to cope with the fading nature of the channel. The proposed solution exploits low-density parity-check codes with unequal error protection, which are able to guarantee two different levels of protection against noise for the public and the private information, in conjunction with different modulation schemes for the public and the private message bits.
Comment: 6 pages, 4 figures, to be presented at IEEE ICC'14 - Workshop on Wireless Physical Layer Security
The Sender-Excited Secret Key Agreement Model: Capacity, Reliability and Secrecy Exponents
We consider the secret key generation problem when sources are randomly excited by the sender and there is a noiseless public discussion channel. Our setting is thus similar to recent works on channels with action-dependent states where the channel state may be influenced by some of the parties involved. We derive single-letter expressions for the secret key capacity through a type of source emulation analysis. We also derive lower bounds on the achievable reliability and secrecy exponents, i.e., the exponential rates of decay of the probability of decoding error and of the information leakage. These exponents allow us to determine a set of strongly-achievable secret key rates. For degraded eavesdroppers the maximum strongly-achievable rate equals the secret key capacity; our exponents can also be specialized to previously known results.
In deriving our strong achievability results we introduce a coding scheme that combines wiretap coding (to excite the channel) and key extraction (to distill keys from residual randomness). The secret key capacity is naturally seen to be a combination of both source- and channel-type randomness. Through examples we illustrate a fundamental interplay between the portion of the secret key rate due to each type of randomness. We also illustrate inherent tradeoffs between the achievable reliability and secrecy exponents. Our new scheme also naturally accommodates rate limits on the public discussion. We show that under rate constraints we are able to achieve larger rates than those that can be attained through a pure source emulation strategy.
Comment: 18 pages, 8 figures; Submitted to the IEEE Transactions on Information Theory; Revised in Oct 201
Leakage-resilient coin tossing
Proceedings 25th International Symposium, DISC 2011, Rome, Italy, September 20-22, 2011.
The ability to collectively toss a common coin among n parties in the presence of faults is an important primitive in the arsenal of randomized distributed protocols. In the case of dishonest majority, it was shown to be impossible to achieve less than 1/r bias in O(r) rounds (Cleve STOC '86). In the case of honest majority, in contrast, unconditionally secure O(1)-round protocols for generating common unbiased coins follow from general completeness theorems on multi-party secure protocols in the secure channels model (e.g., BGW, CCD STOC '88).
However, in the O(1)-round protocols with honest majority, parties generate and hold secret values which are assumed to be perfectly hidden from malicious parties: an assumption which is crucial to proving the resulting common coin is unbiased. This assumption unfortunately does not seem to hold in practice, as attackers can launch side-channel attacks on the local state of honest parties and leak information on their secrets. In this work, we present an O(1)-round protocol for collectively generating an unbiased common coin, in the presence of leakage on the local state of the honest parties. We tolerate t ≤ (1/3 − ε)n computationally unbounded Byzantine faults and in addition an Ω(1)-fraction leakage on each (honest) party's secret state. Our results hold in the memory leakage model (of Akavia, Goldwasser, Vaikuntanathan '08) adapted to the distributed setting.
Additional contributions of our work are the tools we introduce to achieve the collective coin toss: a procedure for disjoint committee election, and leakage-resilient verifiable secret sharing.
Funding: National Defense Science and Engineering Graduate Fellowship; National Science Foundation (U.S.) (CCF-1018064
Applications of quantum message sealing
In 2003, Bechmann-Pasquinucci introduced the concept of quantum seals, a quantum analogue to wax seals used to close letters and envelopes. Since then, some improvements on the method have been found. We first review the current quantum sealing techniques, then introduce and discuss potential applications of quantum message sealing, and conclude with some discussion of the limitations of quantum seals.
Comment: Presented as SPIE paper 5815-25 at Quantum Information and Computation III, part of the SPIE Defense & Security Symposium 200