Design of advanced primitives for secure multiparty computation : special shuffles and integer comparison

In modern cryptography, the problem of secure multiparty computation is about the cooperation between mutually distrusting parties computing a given function. Each party holds some private information that should remain secret as much as possible throughout the computation. A large body of research initiated in the early 1980's has shown that any computable function can be evaluated using secure multiparty computation. Though these feasibility results are general, their applicability in practical situations is rather unsatisfactory. This thesis concerns the study of two particular cryptographic primitives with focus on efficiency. The first primitive studied is a generalization of verifiable shuffles of homomorphic encryptions, where the shuffler is only allowed to apply a permutation from a restricted set of permutations. In this thesis, we consider shuffles using permutations from a k-fragile set, meaning that any k input-output correspondences uniquely identify a permutation within the set. We provide verifiable shuffles restricted to the set of all rotations (1-fragile), affine transformations (2-fragile), and Möbius transformations (3-fragile). Applications of these special shuffles include fragile mixing, electronic elections, secure function evaluation using scrambled circuits, and secure integer comparison. Two approaches for verifiable rotations are presented. On the one hand, we use properties of the Discrete Fourier Transform (DFT) to express in a compact way that a rotation is applied in a shuffle. The solution is efficient, but imposes some mild restrictions on the parameters to allow DFT to work. On the other hand, we present a general solution that does not impose any parameter constraint and works on any homomorphic cryptosystem. These protocols for rotations are used to build efficient shuffling protocols for affine and Möbius transformations. The second primitive is secure integer comparison. In a general scenario, parties are given homomorphic encryptions of the bits of two integers and, after running a protocol, an encryption of a bit is produced, telling the result of the greater-than comparison of the two integers. This is a useful building block for higher-level protocols such as electronic voting, biometrics authentication or electronic auctions. A study of the relationship of other problems to integer comparison is given as well. We present two types of solutions for integer comparison. Firstly, we consider an arithmetic circuit yielding secure protocols within the framework for multiparty computation based on threshold homomorphic cryptosystems. Our circuit achieves a good balance between round and computational complexities, when compared to the similar solutions in the literature. The second type of solutions uses a intricate approach where different building blocks are used. A full analysis is made for the two-party case where efficiency of the resulting protocols compares favorably to other solutions and approaches

Coherent feedback that beats all measurement-based feedback protocols

We show that when the speed of control is bounded, there is a widely applicable minimal-time control problem for which a coherent feedback protocol is optimal, and is faster than all measurement-based feedback protocols, where the latter are defined in a strict sense. The superiority of the coherent protocol is due to the fact that it can exploit a geodesic path in Hilbert space, a path that measurement-based protocols cannot follow.Comment: 4 pages, revtex4-1, 1 png figure; v2: new (now optimal) coherent protocol, new autho

Continuous variable quantum cryptography using coherent states

We propose several methods for quantum key distribution (QKD) based upon the generation and transmission of random distributions of coherent or squeezed states, and we show that they are are secure against individual eavesdropping attacks. These protocols require that the transmission of the optical line between Alice and Bob is larger than 50 %, but they do not rely on "non-classical" features such as squeezing. Their security is a direct consequence of the no-cloning theorem, that limits the signal to noise ratio of possible quantum measurements on the transmission line. Our approach can also be used for evaluating various QKD protocols using light with gaussian statistics.Comment: 5 pages, 1 figure. In v2 minor rewriting for clarity, references adde

Analysis and Modeling Experiment Performance Parameters of Routing Protocols in MANETs and VANETs

In this paper, a framework for experimental parameters in which Packet Delivery Ratio (PDR), effect of link duration over End-to-End Delay (E2ED) and Normalized Routing Overhead (NRO) in terms of control packets is analyzed and modeled for Mobile Ad-Hoc NETworks (MANETs) and Vehicular Ad-Hoc NETworks (VANETs) with the assumption that nodes (vehicles) are sparsely moving in two different road. Moreover, this paper contributes the performance comparison of one Proactive Routing Protocol; Destination Sequenced Distance vector (DSDV) and two reactive protocols; DYnamic Source Routing (DSR) and DYnamic MANET On-Demand (DYMO). A novel contribution of this work is enhancements in default versions of selected routing protocols. Three performance parameters; PDR, E2ED and NRO with varying scalabilities are measured to analyze the performance of selected routing protocols with their original and enhanced versions. From extensive simulations, it is observed that DSR outperforms among all three protocols at the cost of delay. NS-2 simulator is used for simulation with TwoRayGround propagation model to evaluate analytical results

Designing Network Protocols for Good Equilibria

Designing and deploying a network protocol determines the rules by which end users interact with each other and with the network. We consider the problem of designing a protocol to optimize the equilibrium behavior of a network with selfish users. We consider network cost-sharing games, where the set of Nash equilibria depends fundamentally on the choice of an edge cost-sharing protocol. Previous research focused on the Shapley protocol, in which the cost of each edge is shared equally among its users. We systematically study the design of optimal cost-sharing protocols for undirected and directed graphs, single-sink and multicommodity networks, and different measures of the inefficiency of equilibria. Our primary technical tool is a precise characterization of the cost-sharing protocols that induce only network games with pure-strategy Nash equilibria. We use this characterization to prove, among other results, that the Shapley protocol is optimal in directed graphs and that simple priority protocols are essentially optimal in undirected graphs

Conclave: secure multi-party computation on big data (extended TR)

Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical use. Many relational analytics queries can maintain MPC's end-to-end security guarantee without using cryptographic MPC techniques for all operations. Conclave is a query compiler that accelerates such queries by transforming them into a combination of data-parallel, local cleartext processing and small MPC steps. When parties trust others with specific subsets of the data, Conclave applies new hybrid MPC-cleartext protocols to run additional steps outside of MPC and improve scalability further. Our Conclave prototype generates code for cleartext processing in Python and Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks support on their own. Thanks to its hybrid protocols, Conclave also substantially outperforms SMCQL, the most similar existing system.Comment: Extended technical report for EuroSys 2019 pape