scispace - formally typeset

Showing papers on "Secure multi-party computation published in 2022"


Journal ArticleDOI
TL;DR: This article proposes MAS-Encryption (MASE), a cryptographic tool supporting real-valued input and secure computation on the multiply-add structure; two case studies, a privacy-preserving Naive Bayes classifier and a privacy-preserving support vector machine, show how MASE protects protocols built on that structure.
Abstract: Homomorphic encryption (HE) schemes, such as fully homomorphic encryption (FHE), support a number of useful computations on ciphertext in a broad range of applications, such as e-voting, private information retrieval, cloud security, and privacy protection. While FHE schemes do not require any interaction during computation, the key limitations are large ciphertext expansion and inefficiency. Thus, to overcome these limitations, we develop a novel cryptographic tool, MAS-Encryption (MASE), to support real-value input and secure computation on the multiply-add structure. The multiply-add structures exist in many important protocols, such as classifiers and outsourced protocols, and we will explain how MASE can be used to protect the privacy of these protocols, using two case study examples. Specifically, the first case study example is the privacy-preserving Naive Bayes classifier that can achieve minimal Bayes risk, and the other example is the privacy-preserving support vector machine. We prove that the constructed classifiers are secure and evaluate their performance using real-world datasets. Experiments show that our proposed MASE scheme and MASE based classifiers are efficient, in the sense that we achieve an optimal tradeoff between computation efficiency and communication interactions. Thus, we avoid the inefficiency of FHE based paradigm.

21 citations


Journal ArticleDOI
TL;DR: This work constructs a generic server-aided secure multi-party computation protocol that can provide security guarantee in the setting where at most n-1 client parties are malicious while the server is semi-honest and there is no collusion between the server and clients.

18 citations


Journal ArticleDOI
TL;DR: Wang et al. propose a blockchain-based credit evaluation system with secure sharing and multiparty computation, consisting of five modules: data, access control, data encryption, secure computation and model storage.
Abstract: In the digital intelligence era, the authenticity of data and the privacy protection of data sharing and multiparty collaborative computing are key factors in building a good credit evaluation system. Although blockchain-based credit evaluation systems have considered this point, most studies on data privacy protection stop at a framework design or a concept proposal, which is insufficient for privacy protection. To provide a more comprehensive and reliable privacy-preserving scheme, this paper proposes a novel credit evaluation system with secure sharing and multiparty computation based on blockchain. The system consists of five modules: data, access control, data encryption, secure computation and model storage modules. The Hyperledger Fabric blockchain-based data module ensures the authenticity and traceability of the data source. The raw data are encrypted by a linear transformation algorithm in the data encryption module, which minimizes the output and utilization of data when leaving local storage and prevents potential privacy leakage in data sharing to the greatest extent. The Paillier homomorphic encryption-based secure computation algorithm in the secure computation module achieves secure data sharing while applying secure multiparty computation, which makes data sharing with privacy protection possible in multiparty computing. The system obtains final summary statistical results without exposing the raw data. Additionally, the final statistical results of the raw data can be inferred from the encrypted data, and the two results are consistent. The correctness and accuracy of the linear conversion encryption mechanism and the homomorphic encryption algorithm are proven by theoretical analysis. A security analysis and a calculation case show the security of the proposed credit evaluation system and the correctness and effectiveness of the proposed encryption scheme.
• A novel privacy-preserving credit evaluation system based on blockchain is proposed. • Concerns about the disclosure of commercially sensitive data are addressed. • A linear transformation algorithm is used to encrypt the original data. • A CP-ABE-based data access control policy is used in the access control module. • The PHE and SMPC algorithms achieve data availability without data visibility.

12 citations
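The summary-statistics step this abstract describes (each custodian encrypts locally, ciphertexts are combined without decryption, and only the key holder sees the combined totals) rests on the additive homomorphism of Paillier encryption. The Python below is an added illustration of that property written for this page, not the paper's code: it uses two fixed primes and constructed sample balances, and for brevity it folds the aggregator and the key holder into one function, roles the paper's design deliberately separates.

```python
from math import gcd
from secrets import randbelow

# Fixed primes for the demo (assumption: a real deployment generates 1024-bit+ primes).
P_PRIME = 1_000_000_007
Q_PRIME = 998_244_353


def keygen(p=P_PRIME, q=Q_PRIME):
    """Paillier key pair with g = n + 1, so L(g^lambda mod n^2) = lambda and mu = lambda^-1 mod n."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)
    return (n, n + 1), (n, lam, mu)


def encrypt(pk, m):
    """Enc(m) = g^m * r^n mod n^2 with fresh random r in Z_n^*; every call yields a new ciphertext."""
    n, g = pk
    n2 = n * n
    while True:
        r = randbelow(n)
        if r > 0 and gcd(r, n) == 1:
            break
    return pow(g, m % n, n2) * pow(r, n, n2) % n2


def decrypt(sk, c):
    """Dec(c) = L(c^lambda mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, lam, mu = sk
    u = pow(c, lam, n * n)
    return (u - 1) // n * mu % n


def add(pk, c1, c2):
    """Enc(m1) * Enc(m2) mod n^2 = Enc(m1 + m2): the aggregator needs no key for this."""
    n = pk[0]
    return c1 * c2 % (n * n)


def scale(pk, c, k):
    """Enc(m)^k mod n^2 = Enc(k * m): public-scalar multiplication, e.g. for weighted sums."""
    n = pk[0]
    return pow(c, k, n * n)


def aggregate(pk, encrypted_reports):
    """Combine per-custodian (Enc(sum), Enc(count)) pairs into Enc(total), Enc(total count)."""
    total, count = encrypt(pk, 0), encrypt(pk, 0)
    for c_sum, c_cnt in encrypted_reports:
        total = add(pk, total, c_sum)
        count = add(pk, count, c_cnt)
    return total, count


def private_totals(values_per_custodian):
    """Constructed end-to-end run: custodians encrypt their local (sum, count), the
    aggregator combines ciphertexts, and the key holder decrypts only the combined totals."""
    pk, sk = keygen()
    reports = [(encrypt(pk, sum(v)), encrypt(pk, len(v))) for v in values_per_custodian]
    c_total, c_count = aggregate(pk, reports)
    return decrypt(sk, c_total), decrypt(sk, c_count)


if __name__ == "__main__":
    # Constructed balances held by three custodians; nobody but the key holder sees the totals.
    total, count = private_totals([[1200, 800], [400], [300, 100, 200]])
    print("total", total, "count", count, "mean", total / count)
```

Two caveats a practitioner would want: Paillier plaintexts are residues modulo n, so negative or real-valued inputs need an explicit encoding (an offset or fixed-point scaling) before encryption; and the party holding the secret key must not be the aggregator, since it could otherwise decrypt each custodian's individual report. Even with that separation, with very few custodians the key holder can recover one party's contribution by subtraction, which the abstract does not address.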




Proceedings ArticleDOI

[...]

11 Jun 2022
TL;DR: In the presence of permafrost, the negative heat flux from the cold frozen subsurface leads to strongly negative WEqT (typically below -2 °C), whereas on non-frozen soil the WEqT is close to 0 °C or only moderately negative.
Abstract: In the presence of permafrost, the negative heat flux coming up from the cold frozen subsurface leads to strongly negative WEqT (typically less than -2 °C), whereas on non-frozen soil the WEqT will be close to 0 °C or only moderately negative (Haeberli 1973). Thus the WEqT can be a good indicator of permafrost occurrence and can help to discriminate permafrost from non-permafrost areas, provided that the snow cover developed early in the winter and remained sufficient to insulate the soil surface from atmospheric influence.

10 citations


Journal ArticleDOI
TL;DR: This is the first maliciously secure mixed-protocol MPC framework relying on the standard model, providing a higher security guarantee than all the previous works in the literature, in comparison to previous works that only support fixed number of parties in the malicious model.

9 citations


Book ChapterDOI
TL;DR: This chapter proposes a group-theoretic framework for homomorphic secret sharing and pseudorandom correlation functions which unifies their approach to computing distributed discrete logarithms in various groups.
Abstract: Recently, number-theoretic assumptions including DDH, DCR and QR have been used to build powerful tools for secure computation, in the form of homomorphic secret-sharing (HSS), which leads to secure two-party computation protocols with succinct communication, and pseudorandom correlation functions (PCFs), which allow non-interactive generation of a large quantity of correlated randomness. In this work, we present a group-theoretic framework for these classes of constructions, which unifies their approach to computing distributed discrete logarithms in various groups. We cast existing constructions in our framework, and also present new constructions, including one based on class groups of imaginary quadratic fields. This leads to the first construction of two-party homomorphic secret sharing for branching programs from class group assumptions. Using our framework, we also obtain pseudorandom correlation functions for generating oblivious transfer and vector-OLE correlations from number-theoretic assumptions. These have a trustless, public-key setup when instantiating our framework using class groups. Previously, such constructions either needed a trusted setup in the form of an RSA modulus with unknown factorisation, or relied on multi-key fully homomorphic encryption from the learning with errors assumption. We also show how to upgrade our constructions to achieve active security using appropriate zero-knowledge proofs. In the random oracle model, this leads to a one-round, actively secure protocol for setting up the PCF, as well as a 3-round, actively secure HSS-based protocol for secure two-party computation of branching programs with succinct communication.

8 citations


Book ChapterDOI
TL;DR: SecureBiNN is a three-party secure computation framework for evaluating privacy-preserving binarized neural networks against semi-honest adversaries: three participants hold input data and model parameters in secret-shared form and compute secret shares of the prediction without disclosing their inputs, the model parameters or the prediction result.
Abstract: The paper proposes SecureBiNN, a novel three-party secure computation framework for evaluating privacy-preserving binarized neural networks (BiNN) in the semi-honest adversary setting. In SecureBiNN, three participants hold input data and model parameters in secret sharing form, and execute secure computations to obtain secret shares of the prediction result without disclosing their input data, model parameters or the prediction result. SecureBiNN performs linear operations in a computation-efficient and communication-free way. For non-linear operations, we provide novel secure methods for evaluating the activation function, maxpooling layers, and batch normalization layers in BiNN. Communication overhead is significantly reduced compared with previous work such as XONN and Falcon. We implement SecureBiNN with TensorFlow, and the experiments show that using the Fitnet structure, SecureBiNN achieves 81.5% accuracy on the CIFAR-10 dataset, with a communication cost of 16.609 MB and a runtime of 0.527 s/3.447 s in the LAN/WAN settings. More evaluations on real-world datasets are also performed and other concrete comparisons with the state of the art are presented as well.

6 citations


Journal ArticleDOI
TL;DR: An extensive evaluation of LLAMA is performed and it is shown that when compared with non-FSS based libraries supporting mixed bitwidth arithmetic and math functions (SIRNN, IEEE S&P 2021), it has at least an order of magnitude lower communication, rounds, and runtimes.
Abstract: Secure machine learning (ML) inference can provide meaningful privacy guarantees to both the client (holding sensitive input) and the server (holding sensitive weights of the ML model) while realizing inference-as-a-service. Although many specialized protocols exist for this task, including those in the preprocessing model (where a majority of the overheads are moved to an input-independent offline phase), they all still suffer from large online complexity. Specifically, the protocol phase that executes once the parties know their inputs has high communication, round complexity, and latency. Function Secret Sharing (FSS) based techniques offer an attractive solution to this in the trusted dealer model (where a dealer provides input-independent correlated randomness to both parties), and 2PC protocols obtained based on these techniques have a very lightweight online phase. Unfortunately, current FSS-based 2PC works (AriaNN, PoPETS 2022; Boyle et al. Eurocrypt 2021; Boyle et al. TCC 2019) fall short of providing a complete solution to secure inference. First, they lack support for math functions (e.g., sigmoid and reciprocal square root) and hence are insufficient for a large class of inference algorithms (e.g., recurrent neural networks). Second, they restrict all values in the computation to be of the same bitwidth, and this prevents them from benefiting from efficient float-to-fixed converters such as TensorFlow Lite that crucially use low bitwidth representations and mixed bitwidth arithmetic. In this work, we present LLAMA, an end-to-end, FSS based, secure inference library supporting precise low bitwidth computations (required by converters) as well as provably precise math functions, thus overcoming all the drawbacks listed above.
We perform an extensive evaluation of LLAMA and show that when compared with non-FSS based libraries supporting mixed bitwidth arithmetic and math functions (SIRNN, IEEE S&P 2021), it has at least an order of magnitude lower communication, rounds, and runtimes. We integrate LLAMA with the EzPC framework (IEEE EuroS&P 2019) and demonstrate its robustness by evaluating it on large benchmarks (such as ResNet-50 on the ImageNet dataset) as well as on benchmarks considered in AriaNN – here too LLAMA outperforms prior work.

6 citations


Proceedings ArticleDOI
30 May 2022
TL;DR: The number of required cards can be reduced by focusing on the n-input AND and XOR functions, and a single-shuffle protocol is constructed using 4n-2 cards for these two specific functions.
Abstract: In card-based cryptography, the numbers of cards and shuffles are the complexity measures of protocols for secure computations, and the smaller these values are, the better. As the state-of-the-art study to minimize the latter measure, Shinagawa and Nuida showed a surprising result that any n-input logical function can be securely computed with only one shuffle, based on the idea of Yao's garbled circuit. When executing their protocol, the number of required cards is 2n+24q, where the n-input logical function to be computed is represented by q gates. For example, when applied to the n-input AND and XOR functions, the number of gates is n-1, and hence, 26n-24 cards are required. In this paper, we show that the number of required cards can be reduced by focusing on these two specific functions. Specifically, we construct a single-shuffle protocol for the n-input AND function using 4n-2 cards, and construct a single-shuffle protocol for the n-input XOR function using 2n cards.

6 citations


Book ChapterDOI
TL;DR: The authors construct secure MPC protocols in the dishonest majority setting with sub-linear communication per gate in the number of parties; for a constant fraction of corrupted parties (e.g., even if 99 percent of the parties are corrupt) they achieve O(1) field elements of communication per multiplication gate across all parties.
Abstract: In the last few years, the efficiency of secure multi-party computation (MPC) in the dishonest majority setting has increased by several orders of magnitude, starting with the SPDZ protocol family, which offers a speedy information-theoretic online phase in the preprocessing model. However, state-of-the-art n-party MPC protocols in the dishonest majority setting incur online communication complexity per multiplication gate which is linear in the number of parties, i.e. O(n) per gate across all parties. In this work, we construct the first MPC protocols in the preprocessing model for dishonest majority with sub-linear communication complexity per gate in the number of parties n. To achieve our results, we extend the use of packed secret sharing to the dishonest majority setting. For a constant fraction of corrupted parties (e.g., even if 99 percent of the parties are corrupt), we can achieve a communication complexity of O(1) field elements per multiplication gate across all parties. At the crux of our techniques lies a new technique called sharing transformation. The sharing transformation technique allows us to transform shares under one type of linear secret sharing scheme into another, and even perform arbitrary linear maps on the secrets of (packed) secret sharing schemes with optimal communication complexity. This technique can be of independent interest since transferring shares from one type of scheme into another (e.g., for degree reduction) is ubiquitous in MPC. Furthermore, we introduce what we call sparsely packed Shamir sharing, which allows us to address the issue of network routing efficiently, and packed Beaver triples, which are an extension of the widely used technique of Beaver triples to packed secret sharing (for dishonest majority).
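To make two of the ingredients named in this abstract concrete, here is an added, self-contained Python sketch of packed Shamir sharing and a packed Beaver-triple multiplication over GF(2^61 - 1). It is an illustration written for this page, not the paper's protocol: the parameters n = 8, t = 3, k = 2 are chosen for the demo (an honest-majority regime, not the dishonest-majority one the paper targets), the triple comes from an assumed trusted dealer, and the sharing transformation that the paper contributes is not implemented, which is exactly why the degree growth after one multiplication becomes visible.

```python
from secrets import randbelow

P = (1 << 61) - 1            # prime field GF(P)
N, T, K = 8, 3, 2            # parties, corrupted parties tolerated, secrets packed per sharing
D = T + K - 1                # degree of a packed sharing: any T shares are uniformly random
SECRET_X = [P - j for j in range(1, K + 1)]   # secrets sit at x = -1, -2 (mod P)
PARTY_X = list(range(1, N + 1))               # party i holds f(i)
MUL_DEGREE = D + K - 1       # degree after one Beaver multiplication; must stay <= N - 1


def lagrange_eval(points, x):
    """Evaluate the unique polynomial through `points` (pairs (x_i, y_i) in GF(P)) at x."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total


def packed_share(secrets):
    """Packed Shamir sharing of K secrets in one degree-D polynomial."""
    assert len(secrets) == K
    # D + 1 points fix the polynomial: the K secret positions plus T uniformly random shares.
    pts = [(x, s % P) for x, s in zip(SECRET_X, secrets)]
    pts += [(PARTY_X[i], randbelow(P)) for i in range(D + 1 - K)]
    return [lagrange_eval(pts, x) for x in PARTY_X]


def packed_open(shares, degree):
    """Reconstruct all K secrets from degree + 1 shares."""
    assert degree + 1 <= N, "not enough parties to open a sharing of this degree"
    pts = list(zip(PARTY_X, shares))[: degree + 1]
    return [lagrange_eval(pts, x) for x in SECRET_X]


def add_shares(u, v):
    """Linear operations are local: party i adds its two shares."""
    return [(a + b) % P for a, b in zip(u, v)]


def encode_public(vec):
    """Degree-(K-1) polynomial through a public vector at the secret positions, evaluated per party."""
    pts = list(zip(SECRET_X, vec))
    return [lagrange_eval(pts, x) for x in PARTY_X]


def dealer_triple():
    """Assumed trusted dealer: packed sharings of random a, b and the pointwise product c = a * b."""
    a = [randbelow(P) for _ in range(K)]
    b = [randbelow(P) for _ in range(K)]
    c = [x * y % P for x, y in zip(a, b)]
    return packed_share(a), packed_share(b), packed_share(c)


def packed_beaver_mul(x_sh, y_sh, triple):
    """[x*y] = d*e + d*[b] + e*[a] + [c] with d = open(x - a), e = open(y - b), pointwise over the K slots.
    Multiplying by a public vector raises the degree by K - 1, so the result has degree MUL_DEGREE."""
    a_sh, b_sh, c_sh = triple
    d = packed_open([(x - a) % P for x, a in zip(x_sh, a_sh)], D)
    e = packed_open([(y - b) % P for y, b in zip(y_sh, b_sh)], D)
    d_enc, e_enc = encode_public(d), encode_public(e)
    de_enc = encode_public([di * ei % P for di, ei in zip(d, e)])
    return [(de_enc[i] + d_enc[i] * b_sh[i] + e_enc[i] * a_sh[i] + c_sh[i]) % P for i in range(N)]


if __name__ == "__main__":
    x, y = packed_share([3, 5]), packed_share([7, 11])
    print("sum  ", packed_open(add_shares(x, y), D))                     # [10, 16]
    print("prod ", packed_open(packed_beaver_mul(x, y, dealer_triple()), MUL_DEGREE))  # [21, 55]
```

The product sharing has degree D + K - 1 rather than D, so it cannot be fed into a second multiplication without a degree-reduction step; that is the "transferring shares from one type of scheme into another" the abstract calls ubiquitous, and in the dishonest-majority regime (t close to n) the constraint t + k - 1 <= n - 1 is what makes packing non-trivial.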

Proceedings ArticleDOI
20 Jul 2022
TL;DR: In this article , the authors proposed a best-of-both-worlds Byzantine agreement (BA) protocol, which tolerates up to $t < n/3$ corruptions and remains secure, both in a synchronous and in an asynchronous network.
Abstract: Secure multi-party computation (MPC) is a fundamental problem in secure distributed computing. An MPC protocol allows a set of $n$ mutually distrusting parties to carry out any joint computation of their private inputs, without disclosing any additional information about their inputs. MPC with information-theoretic security provides the strongest security guarantees and remains secure even against computationally unbounded adversaries. Perfectly-secure MPC protocols are a class of information-theoretically secure MPC protocols which provide all the security guarantees in an error-free fashion. The focus of this work is perfectly-secure MPC. Known protocols are designed assuming either a synchronous or an asynchronous communication network. It is well known that a perfectly-secure synchronous MPC protocol is possible as long as the adversary can corrupt any $t_s < n/3$ parties. On the other hand, a perfectly-secure asynchronous MPC protocol can tolerate up to $t_a < n/4$ corrupt parties. A natural question is whether there exists a single MPC protocol for the setting where the parties are not aware of the exact network type, which can tolerate up to $t_s < n/3$ corruptions in a synchronous network and up to $t_a < n/4$ corruptions in an asynchronous network. We design such a best-of-both-worlds perfectly-secure MPC protocol, provided $3t_s + t_a < n$ holds. For designing our protocol, we design two important building blocks, which are of independent interest. The first building block is a best-of-both-worlds Byzantine agreement (BA) protocol tolerating $t < n/3$ corruptions which remains secure in a synchronous as well as an asynchronous network. The second building block is a polynomial-based best-of-both-worlds verifiable secret-sharing (VSS) protocol, which can tolerate up to $t_s$ and $t_a$ corruptions in a synchronous and in an asynchronous network respectively.

Journal ArticleDOI
TL;DR: A new secure computation protocol with perfect, optimal resilience and malicious security that incurs (verifiably) sharing O(n) values per multiplication is constructed, which has an overall round complexity that is proportional only to the multiplicative depth of the circuit.


Journal ArticleDOI
TL;DR: A novel representation of structured data types is proposed, which is called oblivious algebraic data types, and a language for writing secure computations using them, which provides a security-type system which ensures that adversaries can learn nothing more than the result of a computation.
Abstract: Secure computation allows multiple parties to compute joint functions over private data without leaking any sensitive data, typically using powerful cryptographic techniques. Writing secure applications using these techniques directly can be challenging, resulting in the development of several programming languages and compilers that aim to make secure computation accessible. Unfortunately, many of these languages either lack or have limited support for rich recursive data structures, like trees. In this paper, we propose a novel representation of structured data types, which we call oblivious algebraic data types, and a language for writing secure computations using them. This language combines dependent types with constructs for oblivious computation, and provides a security-type system which ensures that adversaries can learn nothing more than the result of a computation. Using this language, authors can write a single function over private data, and then easily build an equivalent secure computation according to a desired public view of their data.

Journal ArticleDOI
TL;DR: A constant round protocol to securely evaluate nonlinear functions such as division, exponentiation, logarithm, and tanh with high accuracy, and an extension of the above protocol to be secure in the presence of malicious adversaries in the honest majority setting.
Abstract: Machine learning algorithms crucially depend on non-linear mathematical functions such as division (for normalization), exponentiation (for softmax and sigmoid), tanh (as an activation function), logarithm (for cross-entropy loss), and square root (for back-propagation of normalization layers). However, when machine learning is performed over secure computation, these protocols incur a large communication overhead and high round complexity. In this work, we propose new multi-party computation (MPC) protocols for such functions. Our protocols achieve constant round complexity (3 for semi-honest, 4 for malicious), an order of magnitude lower communication (54-121× lower than prior art), and high concrete efficiency (2-1163× faster runtime). We rely on recent advances in function secret sharing (FSS) to construct these protocols. Our contributions can be summarized as follows: (1) A constant round protocol to securely evaluate nonlinear functions such as division, exponentiation, logarithm, and tanh (in comparison to prior art, which uses round complexity proportional to the rounds of iterative methods/required precision) with high accuracy. This construction largely follows prior work in look-up style secure computation. (2) Our main contribution is the extension of the above protocol to be secure in the presence of malicious adversaries in the honest majority setting. We provide a malicious sketching protocol for FSS schemes that works over rings, and in order to prove its security we extend (and prove) a corresponding form of the Schwartz-Zippel lemma over rings. This is the first such extension of the lemma and it can be of independent interest in other domains of secure computation. (3) We implement our protocol and showcase order of magnitude improvements in runtime and communication. Given the low round complexity and substantially lower communication, our protocols achieve even better performance over network-constrained environments such as WAN.
Finally, we showcase how such functions can lead to scalability in machine learning. Note that techniques presented are applicable beyond the application of machine learning as the protocols effectively present an efficient 1-out-of-N oblivious transfer or an efficient private information retrieval protocol.
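Both this entry and the LLAMA entry above build on function secret sharing, and this abstract notes that the protocols double as an efficient 1-out-of-N oblivious transfer or PIR. The added Python below, an illustration written for this page and not code from either paper, implements the two-party distributed point function (DPF) of Boyle, Gilboa and Ishai in its tree form and then uses it for a two-server PIR read, which is the simplest instance of that equivalence. Assumptions: SHA-512 stands in for an AES-based PRG, the output group is Z_{2^32}, and the database is constructed for the example.

```python
import hashlib
from secrets import token_bytes

SEED_LEN = 16          # seed length in bytes (lambda)
MOD = 1 << 32          # output group Z_{2^32}


def prg(seed):
    """PRG G: seed -> (sL, tL, sR, tR). SHA-512 stands in for a real PRG (assumption for the demo)."""
    d = hashlib.sha512(seed).digest()
    return d[:SEED_LEN], d[SEED_LEN] & 1, d[32:32 + SEED_LEN], d[32 + SEED_LEN] & 1


def convert(seed):
    """Map a leaf seed into the output group."""
    return int.from_bytes(hashlib.sha256(b"cv" + seed).digest()[:4], "big")


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def dpf_gen(alpha, beta, nbits):
    """Keys for the point function f(alpha) = beta, f(x) = 0 elsewhere, over the domain {0,1}^nbits.
    Invariant along alpha's path: exactly one party has control bit t = 1; off the path both
    parties hold identical (seed, t) and therefore produce shares that cancel."""
    seeds = [token_bytes(SEED_LEN), token_bytes(SEED_LEN)]
    s, t = list(seeds), [0, 1]
    cws = []
    for i in range(nbits):
        bit = (alpha >> (nbits - 1 - i)) & 1
        ex = [prg(s[0]), prg(s[1])]               # per party: (sL, tL, sR, tR)
        lose = 0 if bit else 2                    # tuple offset of the child NOT on alpha's path
        keep = 2 - lose
        s_cw = xor(ex[0][lose], ex[1][lose])      # correction makes the off-path seeds equal
        tl_cw = ex[0][1] ^ ex[1][1] ^ bit ^ 1     # on-path child keeps t0 xor t1 = 1, off-path gets 0
        tr_cw = ex[0][3] ^ ex[1][3] ^ bit
        cws.append((s_cw, tl_cw, tr_cw))
        t_keep_cw = tr_cw if bit else tl_cw
        for b in (0, 1):
            s_keep, t_keep = ex[b][keep], ex[b][keep + 1]
            s[b] = xor(s_keep, s_cw) if t[b] else s_keep
            t[b] = t_keep ^ (t[b] & t_keep_cw)
    last = (beta - convert(s[0]) + convert(s[1])) % MOD   # final correction word fixes the output
    if t[1]:
        last = (-last) % MOD
    return (seeds[0], cws, last), (seeds[1], cws, last)


def dpf_eval(b, key, x, nbits):
    """Party b's additive share (mod MOD) of f(x); each party walks one root-to-leaf path."""
    s, cws, last = key
    t = b
    for i in range(nbits):
        sL, tL, sR, tR = prg(s)
        s_cw, tl_cw, tr_cw = cws[i]
        if t:
            sL, tL, sR, tR = xor(sL, s_cw), tL ^ tl_cw, xor(sR, s_cw), tR ^ tr_cw
        s, t = (sR, tR) if (x >> (nbits - 1 - i)) & 1 else (sL, tL)
    share = (convert(s) + t * last) % MOD
    return share if b == 0 else (-share) % MOD


def reconstruct(share0, share1):
    return (share0 + share1) % MOD


def pir_server_answer(b, key, db, nbits):
    """Two-server PIR: each server returns the inner product of its DPF shares with the database."""
    return sum(dpf_eval(b, key, i, nbits) * v for i, v in enumerate(db)) % MOD


def pir_lookup(db, index):
    """Client side: send one key to each server, add the two answers to obtain db[index]."""
    nbits = max(1, (len(db) - 1).bit_length())
    k0, k1 = dpf_gen(index, 1, nbits)
    return reconstruct(pir_server_answer(0, k0, db, nbits), pir_server_answer(1, k1, db, nbits))


if __name__ == "__main__":
    db = [1000 + 7 * i for i in range(16)]      # constructed database
    print(pir_lookup(db, 11))                    # 1077, without either server learning the index 11
```

Each key on its own is computationally indistinguishable from a key for any other point, so neither server learns the index; the security holds only if the two servers do not collude, which is the same non-collusion assumption as the trusted-dealer model these FSS protocols work in.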

Journal ArticleDOI
TL;DR: The authors propose two privacy-preserving protocols for logistic regression with Newton-Raphson parameter estimation, tailored to the honest majority and dishonest majority security settings.
Abstract: Logistic regression (LR) is a widely used classification method for modeling binary outcomes in many medical data classification tasks. Researchers that collect and combine datasets from various data custodians and jurisdictions can greatly benefit from the increased statistical power to support their analysis goals. However, combining data from different sources creates serious privacy concerns that need to be addressed. In this paper, we propose two privacy-preserving protocols for performing logistic regression with the Newton-Raphson method in the estimation of parameters. Our proposals are based on secure Multi-Party Computation (MPC) and tailored to the honest majority and dishonest majority security settings. The proposed protocols are evaluated against both synthetic and real-world datasets in terms of efficiency and accuracy, and a comparison is made with ordinary logistic regression. The experimental results demonstrate that the proposed protocols are highly efficient and accurate. Our work introduces two iterative algorithms to enable the distributed training of a logistic regression model in a privacy-preserving manner. The implementation results show that our algorithms can handle large datasets from multiple sources.

Book ChapterDOI
TL;DR: This chapter proposes an MPC-based framework for Single Secret Leader Election (SSLE) that uses no shuffle or sort operations and has a computational cost for N parties as low as O(N) basic MPC operations per party.
Abstract: The emergence of distributed digital currencies has raised the need for a reliable consensus mechanism. In proof-of-stake cryptocurrencies, the participants periodically choose a closed set of validators, who can vote and append transactions to the blockchain. Each validator can become a leader with the probability proportional to its stake. Keeping the leader private yet unique until it publishes a new block can significantly reduce the attack vector of an adversary and improve the throughput of the network. The problem of Single Secret Leader Election (SSLE) was first formally defined by Boneh et al. in 2020. In this work, we propose a novel framework for constructing SSLE protocols, which relies on secure multi-party computation (MPC) and satisfies the desired security properties. Our framework does not use any shuffle or sort operations and has a computational cost for N parties as low as O(N) of basic MPC operations per party. We improve the state-of-the-art for SSLE protocols that do not assume a trusted setup. Moreover, our SSLE scheme efficiently handles weighted elections. That is, for a total weight S of N parties, the associated costs are only increased by a factor of $$\log {S}$$ . When the MPC layer is instantiated with techniques based on Shamir’s secret-sharing, our SSLE has a communication cost of $$O(N^2)$$ which is spread over $$O(\log {N})$$ rounds, can tolerate up to $$t

Journal ArticleDOI
TL;DR: Wang et al. propose a privacy-preserving and publicly auditable multiparty computation scheme for industrial data sharing and computing, which avoids privacy leakage and computation misbehavior by separating data ownership, data use and data verification.
Abstract: With the rapid increase of industrial data and the development of the industrial Internet of Things (IIoT) paradigm, the efficiency and the quality of service of emerging applications have been improved. However, the contradiction between data sharing and privacy preservation is still an obstacle in the IIoT. To this end, in this article we propose a privacy-preserving and publicly auditable multiparty computation scheme for industrial data sharing and computing, which avoids privacy leakage and computation misbehavior by separating data ownership, data use, and data verification. Using blockchain technology, a transparent management platform is provided to recognize and trace illegal data and computation behavior. Moreover, we integrate non-interactive zero-knowledge proofs into the multiparty interaction mechanism, wherein the verification of data consistency and computation validity is executed publicly on the blockchain. Finally, we implement experiments to evaluate the computation latency, the communication overhead and the influence of the encryption parameter, and the numerical results illustrate the efficiency and feasibility of our scheme.

Journal ArticleDOI
TL;DR: The authors propose a framework for efficient and secure evaluation of full-fledged state-of-the-art machine learning algorithms via secure multi-party computation, without resorting to MPC-friendly approximations.
Abstract: Machine Learning (ML) algorithms, especially deep neural networks (DNN), have proven themselves to be extremely useful tools for data analysis, and are increasingly being deployed in systems operating on sensitive data, such as recommendation systems, banking fraud detection, and healthcare systems. This underscores the need for privacy-preserving ML (PPML) systems, and has inspired a line of research into how such systems can be constructed efficiently. However, most prior works on PPML achieve efficiency by requiring advanced ML algorithms to be simplified or substituted with approximated variants that are "MPC-friendly" before multi-party computation (MPC) techniques are applied to obtain a PPML system. A drawback of this approach is that it requires careful fine-tuning of the combined ML and MPC algorithms, and might lead to less efficient algorithms or inferior quality ML (such as lower prediction accuracy). This is an issue for secure training of DNNs in particular, as this involves several arithmetic algorithms that are thought to be "MPC-unfriendly", namely integer division, exponentiation, inversion, and square root extraction. In this work, we take a structurally different approach and propose a framework that allows efficient and secure evaluation of full-fledged state-of-the-art ML algorithms via secure multi-party computation. Specifically, we propose secure and efficient protocols for the above seemingly MPC-unfriendly computations (which are nonetheless essential to DNNs). Our protocols are three-party protocols in the honest-majority setting, and we propose both passively secure and actively secure with abort variants. A notable feature of our protocols is that they simultaneously provide high accuracy and efficiency. This framework enables us to efficiently and securely compute modern ML algorithms such as Adam (Adaptive moment estimation) and the softmax function "as is", without resorting to approximations.
As a result, we obtain secure DNN training that outperforms state-of-the-art three-party systems; our full training is up to 6.7 times faster than just the online phase of FALCON (Wagh et al. at PETS'21) and up to 4.2 times faster than Dalskov et al. (USENIX'21) on the standard benchmark network for secure training of DNNs. The potential advantage of our approach is even greater when considering more complex realistic networks. To demonstrate this, we perform measurements on real-world DNNs, AlexNet and VGG16, which are large networks containing millions of parameters. The performance of our framework for these networks is up to a factor of 26 to 33 faster for AlexNet and 48 to 51 faster for VGG16 to achieve an accuracy of 60% and 70%, respectively, when compared to FALCON. Even compared to CRYPTGPU (Tan et al. IEEE S&P'21), which is optimized for and runs on powerful GPUs, our framework achieves a factor of 2.1 and 4.1 faster performance, respectively, on these networks.

Book ChapterDOI
01 Jan 2022
TL;DR: In this paper, Chen et al. proposed a four-card AND protocol with a half-open action, where players can check only the suit of a face-down card without revealing the number on it.
Abstract: Card-based cryptography started with the “five-card trick” designed by Den Boer (EUROCRYPT 1989); it enables Alice and Bob to securely evaluate the AND value of their private bits using a physical deck of five cards. It was then shown that the same task can be done with only four cards, i.e., Mizuki et al. proposed a four-card AND protocol (ASIACRYPT 2012). These two AND protocols are simple and easy even for non-experts, such as high school students, to execute. Their only common drawback is the need to prepare a customized deck consisting of red and black cards such that all cards of the same color must be identical. Fortunately, several existing protocols are based on a standard deck of playing cards (commercially available). Among them, the state-of-the-art AND protocol was constructed by Koch et al. (ASIACRYPT 2019); it uses four playing cards (such as ‘A, J, Q, K’) to securely evaluate the AND value. The protocol is elaborate, while its possible drawback is the need to repeat a shuffling operation six times (in expectation), which makes it less practical. This paper aims to provide the first practical protocol working on a standard deck of playing cards. We present an extremely simple AND protocol that terminates after only one shuffle using only four cards; our proposed protocol relies on a new operation, called the “half-open” action, whereby players can check only the suit of a face-down card without revealing the number on it. We believe that this new operation is easy to implement, and hence, our four-card AND protocol working on a standard deck is practical. We formalize the half-open action to present a formal description of our proposed protocol. Moreover, we discuss what is theoretically implied by introducing the half-open action and show that it can be applied to efficiently solving Yao’s Millionaires’ problem with a standard deck of cards.
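To make the setting of these card-based protocols concrete, the following simulation of the classical five-card trick is an added example written for this page, not code from the paper above (which is not modelled here: neither the half-open action nor the one-shuffle four-card protocol appears). The layout used (Alice's face-down pair placed in reverse, one helper ♥ between the two pairs, then a uniformly random cut) is my reconstruction of the standard description of the trick. The simulation checks both properties a practitioner cares about: the revealed sequence gives the correct AND, and for the three inputs with AND = 0 the revealed sequence is the same up to rotation, so the random cut hides which of them occurred.

```python
import random
from itertools import product

# Card encoding of the five-card trick: a face-down pair ♣♥ commits to 0, ♥♣ to 1.
HEART, CLUB = "H", "C"

def commit(bit):
    return [HEART, CLUB] if bit else [CLUB, HEART]

def five_card_trick(a, b, rng):
    """Return the face-up sequence after a uniformly random cut (cyclic shift).
    Layout: Alice's pair reversed, a helper heart, Bob's pair. Three hearts end up
    cyclically adjacent exactly when a = b = 1 (layout is an assumption of this example)."""
    cards = commit(a)[::-1] + [HEART] + commit(b)
    shift = rng.randrange(5)
    return cards[shift:] + cards[:shift]

def read_and(sequence):
    """AND = 1 iff three hearts are cyclically adjacent in the revealed sequence."""
    doubled = sequence + sequence
    return int(any(doubled[i:i + 3] == [HEART] * 3 for i in range(5)))

def canonical(sequence):
    """Lexicographically smallest rotation: all an observer learns after a uniform cut."""
    return min(tuple(sequence[i:] + sequence[:i]) for i in range(5))

def check_correctness(trials=50):
    """The protocol outputs a AND b for every input and every cut."""
    rng = random.Random(0)
    return all(read_and(five_card_trick(a, b, rng)) == (a & b)
               for a, b in product((0, 1), repeat=2) for _ in range(trials))

def views_by_input():
    """Rotation class of the revealed cards for each input pair (a, b)."""
    rng = random.Random(0)
    return {(a, b): canonical(five_card_trick(a, b, rng)) for a, b in product((0, 1), repeat=2)}
```

`views_by_input()` returns the same rotation class for (0,0), (0,1) and (1,0) and a different one for (1,1), which is exactly the leakage profile one wants from an AND protocol: nothing beyond the output.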

Journal ArticleDOI
TL;DR: In this paper, the authors comprehensively survey the existing perfectly secure VSS schemes in three different communication settings, namely, synchronous, asynchronous, and hybrid, and provide full details of the existing schemes in these settings.
Abstract: Verifiable Secret-Sharing (VSS) is a fundamental primitive in secure distributed computing. It is used as a building block in several distributed computing tasks, such as Byzantine agreement and secure multi-party computation. In this article, we consider VSS schemes with perfect security, tolerating computationally unbounded adversaries. We comprehensively survey the existing perfectly secure VSS schemes in three different communication settings, namely, the synchronous, asynchronous, and hybrid settings, and provide full details of the existing schemes in these settings. The aim of this survey is to provide a clear knowledge and foundation to researchers who are interested in knowing and extending the state-of-the-art perfectly secure VSS schemes.

Journal ArticleDOI
TL;DR: In this paper, a generalized model of PPML architecture is proposed, reflecting the main functional blocks of such systems, and the formulation of the problem of secure multi-party computation is considered.

Book ChapterDOI
TL;DR: In this paper, the authors present a framework for building round-optimal one-sided statistically secure two party computation (2PC) protocols in the plain model and demonstrate that a relatively weak notion of oblivious transfer (OT), namely a three round elementary oblivious transfer with statistical receiver privacy, along with a non-interactive commitment scheme suffices to build a one-sided statistically secure 2PC protocol with black-box simulation.
Abstract: We present a new framework for building round-optimal one-sided statistically secure two party computation (2PC) protocols in the plain model. We demonstrate that a relatively weak notion of oblivious transfer (OT), namely a three round elementary oblivious transfer eOT with statistical receiver privacy, along with a non-interactive commitment scheme suffices to build a one-sided statistically secure two party computation protocol with black-box simulation. Our framework enables the first instantiations of round-optimal one-sided statistically secure 2PC protocols from the CDH assumption and certain families of isogeny-based assumptions. As part of our compiler, we introduce the following new one-sided statistically secure primitives in the pre-processing model that might also be of independent interest: The above primitives are directly constructed from eOT and hence we obtain their instantiations from the same set of assumptions as our 2PC.

Proceedings ArticleDOI
30 May 2022
TL;DR: By making more effective use of a TTP, it is demonstrated that secure computation based on SS is possible with only one computing server and it is shown that the entire computation process can be disclosed if the key is managed safely.
Abstract: Secure computation methods include methods that use homomorphic encryption (HE) and those that use secret sharing (SS). Secure computation based on HE can be realized using one server, and the computation process can be made public if the encryption key is kept secure. However, HE generally requires a substantial computation cost. In contrast, SS has the advantage of low computation cost, allowing for high-speed processing; however, all servers must be managed independently, and the computation process of k or more servers cannot be disclosed. In particular, the secret input will be leaked when the same organization manages multiple servers to implement SS. Therefore, a complex model where each server is independently managed is required. Iwamura et al. proposed a secure computation that is information-theoretically secure for n≥k instead of n≥2k−1 by assuming a trusted third party (TTP). In this paper, by making more effective use of a TTP, we demonstrate that secure computation based on SS is possible with only one computing server. Moreover, we show that the entire computation process can be disclosed if the key is managed safely. We realize a method that solves the disadvantages of conventional approaches with a faster computation than those methods.

Journal ArticleDOI
TL;DR: A coin-based protocol for secure multi-party computation using physical coins is proposed in this article; unlike a face-down card, which conceals its face side, one side of a coin reveals the information on its other side, so coin-based protocols require more careful design than card-based ones.
Abstract: In the history of cryptography, many cryptographic protocols have relied on random coin tosses to prove their security. Although flipping coins is indispensable in this manner, the coins themselves have never been in the spotlight. Therefore, we would like to make physical coins rise to the level of cryptography, just as a deck of physical playing cards has been used to perform a secure multi-party computation. Such a card-based protocol is known to be helpful both to perform a secure computation without any black-box computers and to understand the principles of secure protocols. In this paper, we propose a new framework of secure multi-party computation using physical coins, named a coin-based protocol. One advantage of the use of coins is that they are more ubiquitous than cards. Whereas a face-down card can conceal the information about its face side, one side of a coin reveals the information of its other side. Hence, more careful design is required for a secure coin-based protocol than for a card-based one. We formalize a computational model of the coin-based protocol and explicitly give protocols for NOT, AND, COPY, OR, and XOR computations. We also discuss the composability of the extended protocols and how to implement them in practice.

Journal ArticleDOI
TL;DR: In this paper, the authors improved the performance of secure computation of these string metrics without sacrificing security, generality, composability, and accuracy, and explored a new design methodology that allows them to reduce the asymptotic cost by a factor of O(log n) (where n denotes the input string length).
Abstract: Secure string-comparison by some non-linear metrics such as edit-distance and its variations is an important building block of many applications including patient genome matching and text-based intrusion detection. Despite the significance of these string metrics, computing them in a provably secure manner is very expensive. In this paper, we improve the performance of secure computation of these string metrics without sacrificing security, generality, composability, and accuracy. We explore a new design methodology that allows us to reduce the asymptotic cost by a factor of O(log n) (where n denotes the input string length). In our experiments, we observe up to an order-of-magnitude savings in time and bandwidth compared to the best prior results. We extended our semi-honest protocols to work in the malicious model, which are by far the most efficient actively-secure protocols for computing these string metrics.

Proceedings ArticleDOI
01 Jul 2022
TL;DR: In this article, the authors leverage the concurrent-transmission-based communication technology to efficiently realize a Multi-Party Computation (MPC) based strategy, the well-known Shamir's Secret Sharing (SSS), and optimize the same to make it suitable for real-world IoT systems.
Abstract: Preservation of privacy has been a serious concern with the increasing use of IoT-assisted smart systems and their ubiquitous smart sensors. To solve the issue, the smart systems are being trained to depend more on aggregated data instead of directly using raw data. However, most of the existing strategies for privacy-preserving data aggregation, either depend on computation-intensive Homomorphic Encryption based operations or communication-intensive collaborative mechanisms. Unfortunately, none of the approaches are directly suitable for a resource-constrained IoT system. In this work, we leverage the concurrent-transmission-based communication technology to efficiently realize a Multi-Party Computation (MPC) based strategy, the well-known Shamir’s Secret Sharing (SSS), and optimize the same to make it suitable for real-world IoT systems.

Journal ArticleDOI
TL;DR: This paper improves and extends the method proposed by Harn et al. to realize the detection and identification of share forgery (cheating) in asymmetric secret sharing suitable for a cloud system.
Abstract: In $(k, n)$ threshold secret sharing, a secret is converted into $n$ shares such that any threshold $k$ or more shares allow for the reconstruction of this secret; however, the total storage cost increases. By contrast, asymmetric secret sharing reduces the total shares to be stored. When implementing secret sharing in the cloud, if malicious players submit forged shares during the reconstruction process, the reconstructed value will differ from the original secret. Therefore, a method that quickly verifies the integrity of the restored secret should be developed. Many research papers investigate cheater detection/identification for $(k, n)$ threshold secret sharing. However, most of them require additional information, such as an authenticator. Harn et al. proposed a method for cheat detection using only the shares for $(k, n)$ threshold secret sharing. In this study, we improved and extended the method proposed by Harn et al. to realize the detection and identification of shares forgery (cheating) in asymmetric secret sharing suitable for a cloud system. The proposed method uses the shares generated during asymmetric secret sharing to reconstruct and verify the secret. We also included an attack that assumes a cloud system and shows that most methods cannot work against it. Finally, we discussed the requirements for a secret sharing scheme suitable for the cloud and showed that the proposed method is ideal for use in a cloud environment.
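Two of the entries above rely on the same mechanics: the IoT aggregation paper uses Shamir's Secret Sharing so that a sum can be computed from shares without exposing individual readings, and the cheater-detection paper verifies a reconstructed secret using only the shares themselves. The Python below is an added example written for this page, not code from either paper; it implements plain $(k, n)$ Shamir sharing over a prime field (the Mersenne prime $2^{61}-1$ is my choice), sums shares from several constructed sensor readings, and then applies the generic share-only consistency check that underlies Harn-style cheater detection: when more than $k$ shares are available, every $k$ honest shares interpolate the same polynomial, and a forged share is the one that falls off it. The asymmetric-sharing variant and the cloud-specific attack of the paper are not reproduced.

```python
import random
from itertools import combinations

# Prime field for the arithmetic: any prime larger than every secret works (assumption).
P = 2**61 - 1

def make_shares(secret, k, n, seed=0):
    """Shamir (k, n) sharing: a random polynomial f of degree k-1 with f(0) = secret;
    party i receives the point (i, f(i)). Any k points determine f, k-1 reveal nothing."""
    rng = random.Random(seed)
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P) for x in range(1, n + 1)]

def interpolate_at(points, x):
    """Lagrange evaluation at x of the unique polynomial of degree < len(points) through points."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, P - 2, P)) % P
    return total

def reconstruct(points):
    """The secret is the constant term f(0)."""
    return interpolate_at(points, 0)

def aggregate(share_lists):
    """Shares of a sum are the pointwise sums of the shares (same x for each party):
    each party adds what it holds from every device and never sees a single reading."""
    return [(x, sum(sl[i][1] for sl in share_lists) % P) for i, (x, _) in enumerate(share_lists[0])]

def detect_cheaters(shares, k):
    """Share-only cheater detection/identification from redundancy (n > k shares).
    Every k honest shares interpolate the same f, and a forged share lies on f only if the
    forger guessed f(x). Pick the k-subset whose polynomial agrees with the most shares and
    flag everything off it. Sound when the number of forged shares c satisfies c < n - k,
    since a polynomial through a forged share agrees with at most k shares."""
    best, best_agree = None, -1
    for subset in combinations(shares, k):
        agree = sum(interpolate_at(list(subset), x) == y for x, y in shares)
        if agree > best_agree:
            best, best_agree = list(subset), agree
    forged = sorted(x for x, y in shares if interpolate_at(best, x) != y)
    return forged, reconstruct(best)

def demo(k=3, n=5):
    """Constructed readings from three devices under (3, 5) sharing; the aggregate is
    reconstructed, then share x = 2 of the aggregate is forged and identified."""
    readings = [17, 25, 40]
    per_device = [make_shares(v, k, n, seed=i) for i, v in enumerate(readings)]
    summed = aggregate(per_device)
    forged = [(x, (y + 1) % P) if x == 2 else (x, y) for x, y in summed]
    total = reconstruct(summed[:k])
    return total, detect_cheaters(summed, k), detect_cheaters(forged, k)
```

The check costs $\binom{n}{k}$ interpolations, which is fine for the small $n$ typical of cloud or sensor deployments but is the reason schemes with authenticators or asymmetric shares exist; it also says nothing about a forger who controls $n-k$ or more shares, since then a wrong polynomial can agree with as many shares as the honest one.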

Proceedings ArticleDOI
TL;DR: A new MPC protocol is introduced to securely compute any functionality over an arbitrary black-box finite ring, tolerating t < n/3 active corruptions while guaranteeing output delivery, based on replicated secret-sharing, whose share size is known to grow exponentially with the number of parties n.
Abstract: We introduce a new MPC protocol to securely compute any functionality over an arbitrary black-box finite ring (which may not be commutative), tolerating t < n/3 active corruptions while guaranteeing output delivery (G.O.D.). Our protocol is based on replicated secret-sharing, whose share size is known to grow exponentially with the number of parties n. However, even though the internal storage and computation in our protocol remains exponential, the communication complexity of our protocol is constant, except for a light constant-round check that is performed at the end before revealing the output. Furthermore, the amortized communication complexity of our protocol is not only constant, but very small: only 1 + (t-1)/n < 1 1/3 ring elements per party, per multiplication gate over two rounds of interaction. This improves over the state-of-the-art protocol in the same setting by Furukawa and Lindell (CCS 2019), which has a communication complexity of 2 2/3 field elements per party, per multiplication gate while achieving fairness only. As an alternative, we also describe a variant of our protocol which has only one round of interaction per multiplication gate on average, and amortized communication cost of ≤ 1 1/2 ring elements per party on average for any natural circuit. Motivated by the fact that the efficiency of distributed protocols is much more penalized by high communication complexity than by local computation/storage, we perform a detailed analysis together with experiments in order to explore how large the number of parties can be before the storage and computation overhead becomes prohibitive. Our results show that our techniques are viable even for a moderate number of parties (e.g., n>10).
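The storage-versus-communication trade-off in this abstract is easiest to see with the sharing scheme itself in hand. The Python below is an added example written for this page, not the paper's protocol: it is the textbook passively secure replicated secret sharing (one additive summand per t-subset of parties, each party holding every summand whose index set excludes it) with the standard local multiplication that needs 2t < n, not the actively secure G.O.D. protocol of the paper, and the re-sharing step that constitutes the communication is simulated by calling `share()` on each party's partial sum. The ring is 2x2 matrices over Z_5 (my choice) because it is non-commutative, which lets the example show that operand order is preserved end to end; `share_size()` exposes the C(n-1, t) summands per party that the abstract calls exponential.

```python
import random
from itertools import combinations
from math import comb

Q = 5  # ring elements: 2x2 matrices over Z_Q stored as (a11, a12, a21, a22); non-commutative

def add(a, b):
    return tuple((u + v) % Q for u, v in zip(a, b))

def neg(a):
    return tuple((-u) % Q for u in a)

def mul(a, b):
    (a11, a12, a21, a22), (b11, b12, b21, b22) = a, b
    return ((a11 * b11 + a12 * b21) % Q, (a11 * b12 + a12 * b22) % Q,
            (a21 * b11 + a22 * b21) % Q, (a21 * b12 + a22 * b22) % Q)

ZERO = (0, 0, 0, 0)

def share(x, n, t, rng):
    """Replicated (n, t) sharing: x = sum of one summand r_T per t-subset T of parties;
    party i receives every r_T with i not in T. A coalition T of size t is missing exactly
    r_T, so it learns nothing about x."""
    subsets = list(combinations(range(n), t))
    summands = {T: tuple(rng.randrange(Q) for _ in range(4)) for T in subsets[:-1]}
    last = x
    for r in summands.values():
        last = add(last, neg(r))
    summands[subsets[-1]] = last
    return [{T: r for T, r in summands.items() if i not in T} for i in range(n)]

def share_size(n, t):
    """Summands each party stores: C(n-1, t), exponential in n for a fixed ratio t/n."""
    return comb(n - 1, t)

def reconstruct(views, n, t):
    """Any t+1 parties jointly hold every summand: for each T, one of them lies outside T."""
    summands = {}
    for view in views:
        summands.update(view)
    if len(summands) != comb(n, t):
        raise ValueError("fewer than t+1 parties: some summand is missing")
    total = ZERO
    for r in summands.values():
        total = add(total, r)
    return total

def add_shares(a, b):
    """Addition is local: each party adds the summands it holds."""
    return [{T: add(ai[T], bi[T]) for T in ai} for ai, bi in zip(a, b)]

def mul_shares(a, b, n, t, rng):
    """Passively secure multiplication, needs 2t < n. x*y = sum over (T, U) of x_T * y_U;
    the pair (T, U) is computed, in that order (no commutativity assumed), by the
    lowest-index party outside T ∪ U, which exists because |T ∪ U| <= 2t < n. Each party
    then re-shares its partial sum; that re-sharing is the only interaction (simulated here)."""
    subsets = list(combinations(range(n), t))
    partial = [ZERO] * n
    for T in subsets:
        for U in subsets:
            owner = min(i for i in range(n) if i not in T and i not in U)
            partial[owner] = add(partial[owner], mul(a[owner][T], b[owner][U]))
    result = share(ZERO, n, t, rng)
    for z in partial:
        result = add_shares(result, share(z, n, t, rng))
    return result

def demo(n=4, t=1, seed=0):
    """Constructed inputs with mul(x, y) != mul(y, x), so a swapped operand would be caught."""
    rng = random.Random(seed)
    x, y = (1, 2, 3, 4), (0, 1, 1, 0)
    prod = mul_shares(share(x, n, t, rng), share(y, n, t, rng), n, t, rng)
    return reconstruct(prod[:t + 1], n, t), mul(x, y), mul(y, x)
```

Running `demo()` reconstructs the product from the first t+1 parties and matches `mul(x, y)` but not `mul(y, x)`; `share_size(10, 3)` is already 84 summands per party, which is the storage blow-up the paper accepts in exchange for constant communication.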