Arithmetic Circuit Implementations of S-boxes for SKINNY and PHOTON in MPC

Secure multi-party computation (MPC) enables multiple distrusting parties to compute a function while keeping their respective inputs private. In a threshold implementation of a symmetric primitive, e.g., of a block cipher, each party holds a share of the secret key or of the input block. The output block is computed without reconstructing the secret key. This enables the construction of distributed TPMs or transciphering for secure data transmission in/out of the MPC context. This paper investigates implementation approaches for the lightweight primitives SKINNY and PHOTON in arithmetic circuits. For these primitives, we identify arithmetic expressions for the S-box that result in smaller arithmetic circuits compared to the Boolean expressions from the literature. We validate the optimization using a generic actively secure MPC protocol and obtain 18% faster execution time with 49% less communication data for SKINNY-64-128 and 27% to 74% faster execution time with 49% to 81% less data for PHOTON $P_{100}$ and $P_{288}$. Furthermore, we find a new set of parameters for the heuristic method of polynomial decomposition, introduced by Coron, Roy and Vivek, specialized for SKINNY\u27s 8-bit S-box. We reduce the multiplicative depth from 9 to 5

Fast Evaluation of S-boxes with Garbled Circuits

Garbling schemes are vital primitives for privacy-preserving protocols and for secure two-party computation. This paper presents a projective garbling scheme that assigns $2^n$ values to wires in a circuit comprising XOR and unary projection gates. A generalization of FreeXOR allows the XOR of wires with $2^n$ values to be very efficient. We then analyze the performance of our scheme by evaluating substitution-permutation ciphers. Using our proposal, we measure high-speed evaluation of the ciphers with a moderately increased cost in garbling and bandwidth. Theoretical analysis suggests that for evaluating the nine examined ciphers, one can expect a 4- to 70-fold improvement in evaluation performance with, at most, a 4-fold increase in garbling cost and, at most, an 8-fold increase in communication cost compared to state-of-the-art garbling schemes. In an offline/online setting, such as secure function evaluation as a service, the circuit garbling and communication to the evaluator can proceed before the input phase. Thus our scheme offers a fast online phase. Furthermore, we present efficient computation formulas for the S-boxes of TWINE and Midori64 in Boolean circuits. To our knowledge, our formulas give the smallest number of AND gates for the S-boxes of these two ciphers

Secure key management for multi-party computation in MOZAIK

The immense growth of data from the proliferation of Internet of Things (IoT) devices presents opportunities and challenges for privacy engineering. On the one hand, this data can be harnessed for personalized services, cost savings, and environmental benefits. On the other hand, (new) legislation must be complied with and privacy risks arise from collecting and processing of such data. Distributed privacy-preserving analytics offers a promising solution, providing insights while also protecting privacy. However, this approach has new challenges and risks, such as key management and confidentiality. When designing a data marketplace which offers distributed privacy-preserving analytics, the key management comes with different threats, which require a solution adapted to the distributed architecture. In this context, the paper presents a comprehensive, end-to-end secure system called MOZAIK for privacy-preserving data collection, analysis, and sharing. The article focuses on the key management aspect of the secure multi-party computation (MPC) component in a distributed privacy-preserving analytics architecture and the specific challenges created by introducing MPC. The proposed solution involves temporary storage of (symmetric) key shares and public-key encryption schemes to ensure secure key management for privacy-preserving computation. Our solution has the potential to be applied in other MPC-based setups, making it a valuable addition to the field of privacy engineering. By addressing key management challenges and risks, MOZAIK enhances data protection while enabling valuable insights from IoT data