Confidential Boosting with Random Linear Classifiers for Outsourced User-generated Data

User-generated data is crucial to predictive modeling in many applications. With a web/mobile/wearable interface, a data owner can continuously record data generated by distributed users and build various predictive models from the data to improve their operations, services, and revenue. Due to the large size and evolving nature of users data, data owners may rely on public cloud service providers (Cloud) for storage and computation scalability. Exposing sensitive user-generated data and advanced analytic models to Cloud raises privacy concerns. We present a confidential learning framework, SecureBoost, for data owners that want to learn predictive models from aggregated user-generated data but offload the storage and computational burden to Cloud without having to worry about protecting the sensitive data. SecureBoost allows users to submit encrypted or randomly masked data to designated Cloud directly. Our framework utilizes random linear classifiers (RLCs) as the base classifiers in the boosting framework to dramatically simplify the design of the proposed confidential boosting protocols, yet still preserve the model quality. A Cryptographic Service Provider (CSP) is used to assist the Cloud's processing, reducing the complexity of the protocol constructions. We present two constructions of SecureBoost: HE+GC and SecSh+GC, using combinations of homomorphic encryption, garbled circuits, and random masking to achieve both security and efficiency. For a boosted model, Cloud learns only the RLCs and the CSP learns only the weights of the RLCs. Finally, the data owner collects the two parts to get the complete model. We conduct extensive experiments to understand the quality of the RLC-based boosting and the cost distribution of the constructions. Our results show that SecureBoost can efficiently learn high-quality boosting models from protected user-generated data

Reexamination of Quantum Bit Commitment: the Possible and the Impossible

Bit commitment protocols whose security is based on the laws of quantum mechanics alone are generally held to be impossible. In this paper we give a strengthened and explicit proof of this result. We extend its scope to a much larger variety of protocols, which may have an arbitrary number of rounds, in which both classical and quantum information is exchanged, and which may include aborts and resets. Moreover, we do not consider the receiver to be bound to a fixed "honest" strategy, so that "anonymous state protocols", which were recently suggested as a possible way to beat the known no-go results are also covered. We show that any concealing protocol allows the sender to find a cheating strategy, which is universal in the sense that it works against any strategy of the receiver. Moreover, if the concealing property holds only approximately, the cheat goes undetected with a high probability, which we explicitly estimate. The proof uses an explicit formalization of general two party protocols, which is applicable to more general situations, and a new estimate about the continuity of the Stinespring dilation of a general quantum channel. The result also provides a natural characterization of protocols that fall outside the standard setting of unlimited available technology, and thus may allow secure bit commitment. We present a new such protocol whose security, perhaps surprisingly, relies on decoherence in the receiver's lab.Comment: v1: 26 pages, 4 eps figures. v2: 31 pages, 5 eps figures; replaced with published version; title changed to comply with puzzling Phys. Rev. regulations; impossibility proof extended to protocols with infinitely many rounds or a continuous communication tree; security proof of decoherence monster protocol expanded; presentation clarifie

3-Message Zero Knowledge Against Human Ignorance

The notion of Zero Knowledge has driven the field of cryptography since its conception over thirty years ago. It is well established that two-message zero-knowledge protocols for NP do not exist, and that four-message zero-knowledge arguments exist under the minimal assumption of one-way functions. Resolving the precise round complexity of zero-knowledge has been an outstanding open problem for far too long. In this work, we present a three-message zero-knowledge argument system with soundness against uniform polynomial-time cheating provers. The main component in our construction is the recent delegation protocol for RAM computations (Kalai and Paneth, TCC 2016B and Brakerski, Holmgren and Kalai, ePrint 2016). Concretely, we rely on a three-message variant of their protocol based on a key-less collision-resistant hash functions secure against uniform adversaries as well as other standard primitives. More generally, beyond uniform provers, our protocol provides a natural and meaningful security guarantee against real-world adversaries, which we formalize following Rogaway’s “human-ignorance” approach (VIETCRYPT 2006): in a nutshell, we give an explicit uniform reduction from any adversary breaking the soundness of our protocol to finding collisions in the underlying hash function.National Science Foundation (U.S.) (Award CNS-1350619)National Science Foundation (U.S.) (Award CNS-1413964

Round Optimal Secure Multiparty Computation from Minimal Assumptions

We construct a four round secure multiparty computation (MPC) protocol in the plain model that achieves security against any dishonest majority. The security of our protocol relies only on the existence of four round oblivious transfer. This culminates the long line of research on constructing round-efficient MPC from minimal assumptions (at least w.r.t. black-box simulation)

Parametric localized modes in quadratic nonlinear photonic structures

We analyze two-color spatially localized modes formed by parametrically coupled fundamental and second-harmonic fields excited at quadratic (or chi-2) nonlinear interfaces embedded into a linear layered structure --- a quasi-one-dimensional quadratic nonlinear photonic crystal. For a periodic lattice of nonlinear interfaces, we derive an effective discrete model for the amplitudes of the fundamental and second-harmonic waves at the interfaces (the so-called discrete chi-2 equations), and find, numerically and analytically, the spatially localized solutions --- discrete gap solitons. For a single nonlinear interface in a linear superlattice, we study the properties of two-color localized modes, and describe both similarities and differences with quadratic solitons in homogeneous media.Comment: 9 pages, 8 figure

One-round strong oblivious signature-based envelope

Oblivious Signature-Based Envelope (OSBE) has been widely employed for anonymity-orient and privacy-preserving applications. The conventional OSBE execution relies on a secure communication channel to protect against eavesdroppers. In TCC 2012, Blazy, Pointcheval and Vergnaud proposed a framework of OSBE (BPV-OSBE) without requiring any secure channel by clarifying and enhancing the OSBE security notions. They showed how to generically build an OSBE scheme satisfying the new strong security in the standard model with a common-reference string. Their framework requires 2-round interactions and relies on the smooth projective hash function (SPHF) over special languages, i.e., languages from encryption of signatures. In this work, we investigate the study on the strong OSBE and make the following contributions. First, we propose a generic construction of one-round yet strong OSBE system. Compared to the 2-round BPV-OSBE, our one-round construction is more appealing, as its noninteractive setting accommodates more application scenarios in the real word. Moreover, our framework relies on the regular (identity-based) SPHF, which can be instantiated from extensive languages and hence is more general. Second, we also present an efficient instantiation, which is secure under the standard model from classical assumptions, DDH and DBDH, to illustrate the feasibility of our one-round framework. We remark that our construction is the first one-round OSBE with strong securit

The Round Complexity of Secure Computation Against Covert Adversaries

We investigate the exact round complexity of secure multiparty computation (MPC) against *covert* adversaries who may attempt to cheat, but do not wish to be caught doing so. Covert adversaries lie in between semi-honest adversaries who follow protocol specification and malicious adversaries who may deviate arbitrarily. Recently, two round protocols for semi-honest MPC and four round protocols for malicious-secure MPC were constructed, both of which are optimal. While these results can be viewed as constituting two end points of a security spectrum, we investigate the design of protocols that potentially span the spectrum. Our main result is an MPC protocol against covert adversaries with variable round complexity: when the detection probability is set to the lowest setting, our protocol requires two rounds and offers same security as semi-honest MPC. By increasing the detecting probability, we can increase the security guarantees, with round complexity five in the extreme case. The security of our protocol is based on standard cryptographic assumptions. We supplement our positive result with a negative result, ruling out *strict* three round protocols with respect to black-box simulation

Statistical Zaps and New Oblivious Transfer Protocols

We study the problem of achieving statistical privacy in interactive proof systems and oblivious transfer -- two of the most well studied two-party protocols -- when limited rounds of interaction are available. Statistical Zaps: We give the first construction of statistical Zaps, namely, two-round statistical witness-indistinguishable (WI) protocols with a public-coin verifier. Our construction achieves computational soundness based on the quasi-polynomial hardness of learning with errors. Three-Round Statistical Receiver-Private Oblivious Transfer: We give the first construction of a three-round oblivious transfer (OT) protocol -- in the plain model -- that achieves statistical privacy for receivers and computational privacy for senders against malicious adversaries, based on polynomial-time assumptions. The round-complexity of our protocol is optimal. We obtain our first result by devising a public-coin approach to compress sigma protocols, without relying on trusted setup. To obtain our second result, we devise a general framework via a new notion of statistical hash commitments that may be of independent interest

Interface Phonons and Polaron Effect in Quantum Wires

The theory of large radius polaron in the quantum wire is developed. The interaction of charge particles with interface optical phonons as well as with optical phonons localized in the quantum wire is taken into account. The interface phonon contribution is shown to be dominant for narrow quantum wires. The wave functions and polaron binding energy are found. It is determined that polaron binding energy depends on the electron mass inside the wire and on the polarization properties of the barrier material

Best Possible Information-Theoretic MPC

We reconsider the security guarantee that can be achieved by general protocols for secure multiparty computation in the most basic of settings: information-theoretic security against a semi-honest adversary. Since the 1980s, we have elegant solutions to this problem that offer full security, as long as the adversary controls a minority of the parties, but fail completely when that threshold is crossed. In this work, we revisit this problem, questioning the optimality of the standard notion of security. We put forward a new notion of information-theoretic security which is strictly stronger than the standard one, and which we argue to be ``best possible.\u27\u27 Our new notion still requires full security against dishonest minority in the usual sense, but also requires a meaningful notion of information-theoretic security against dishonest majority. We present protocols for useful classes of functions that satisfy this new notion of security. Our protocols have the unique feature of combining the efficiency benefits of protocols for an honest majority and (most of) the security benefits of protocols for dishonest majority. We further extend some of the solutions to the malicious setting