adaptive garbled ram from adaptive garbled ram from
play

Adaptive Garbled RAM from Adaptive Garbled RAM from Laconic - PowerPoint PPT Presentation

Nov 03, 2022 •118 likes •323 views

Adaptive Garbled RAM from Adaptive Garbled RAM from Laconic Oblivious Transfer Sanjam Garg Sanjam Garg Rafail Ostrovsky Rafail Ostrovsky Akshayaram Srinivasan Akshayaram Srinivasan UC Berkeley UCLA UC Berkeley Crypto 2018 Garbled RAM

  1. Adaptive Garbled RAM from Adaptive Garbled RAM from Laconic Oblivious Transfer Sanjam Garg Sanjam Garg Rafail Ostrovsky Rafail Ostrovsky Akshayaram Srinivasan Akshayaram Srinivasan UC Berkeley UCLA UC Berkeley Crypto 2018

  2. Garbled RAM Lu-Ostrovsky 13 Selective Security Long line of work [LO13, GHLOW14, GLOS15, GLO15, LO17]

  3. Adaptive Garbled RAM [Canetti-Chen-Holmgren-Raykova16, Ananth-Chen-Chung-Lin-Lin16] Can we construct Adaptive Garbled RAM from standard Can we construct Adaptive Garbled RAM from standard assumptions? Prior constructions were either in the random oracle model [BHR12] or based on indistinguishability obfuscation [CCHR16, ACCLL16]

  4. Why is Adaptive GRAM important? Motivated by the study of Adaptive Garbled Circuits [BHR12,BGG+14,HJO+16,JW16,JKK+17,JSW17,G S 18] Applications: One-time programs[GKR08], Online-offline 2PC[LR14], Verifiable Computation[GGP10], Adaptive Compact FE[AS16]

  5. Our Results

  6. Adaptive GRAM from Laconic OT Theorem: There exists a construction of Adaptive GRAM from Laconic Oblivious Transfer. Corollary [CDG+16,DG17,BLSV18,DGHM18]: There exists a construction of Adaptive GRAM based on CDH/Factoring/LWE. construction of Adaptive GRAM based on CDH/Factoring/LWE.

  7. Rest of the talk • Starting Point: Adaptive Garbled Circuits [Garg- S 18] • Challenges in Extending to the RAM setting • How to overcome the challenges?

  8. Adaptive Garbled Circuits [Garg-S 18]

  9. Alternate View of a Boolean Circuit

  10. Garbling Step Circuits Access the database via Laconic OT

  11. Updatable Laconic Oblivious Transfer [Cho-Dottling-Garg-Gupta-Miao-Polychroniadou 17] Database D Theorem[CDG+16,DG17,BLSV18,DGHM18]: Assuming CDH/Factoring/LWE, there exists a construction of updatable laconic OT.

  12. Using Laconic OT to access the database

  13. Challenges in the RAM setting Challenge-1: How to Challenge-1: How to protect the database? Access the database via Laconic OT Challenge-2: How to protect the access pattern? In the adaptive setting, more sophisticated tools are In the adaptive setting, more sophisticated tools are needed. In the selective setting [GHLOW14], transforming from unprotected memory access to full security is done via a ORAM scheme and symmetric encryption.

  14. Protecting the Database

  15. Prior Approaches: Location based Encryption Access the database via Laconic OT

  16. [GS18]- Hybrid Argument Real World: Hyb 1: K K K K K K K K Circularity assumptions. Hyb 2: Puncturing affects efficiency. Puncturing affects efficiency. Hyb 3: Hyb 3: . . . Ideal World:

  17. Our Approach: Timed Encryption Theorem: There is a construction of timed Encryption from one-way functions.

  18. Using Timed Encryption Access the database via Laconic OT

  19. Revisiting the Hybrid Argument Real World: Hyb 1: k[2] k[4] k[5] k[6] k[7] k[8] k[1] k[3] Ideal World:

  20. Conclusion • We give a construction of Adaptive Garbled RAM from CDH/Factoring/LWE. CDH/Factoring/LWE. • We obtain the first O(1) round malicious MPC for RAM programs in the persistent setting from standard assumptions. • Open question: Can we remove public-key assumptions? Thank you! https://eprint.iacr.org/2018/549

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Practical Garbled Circuit Optimizations Mike Rosulek Collaborators: David Evans / Vlad Kolesnikov

Practical Garbled Circuit Optimizations Mike Rosulek Collaborators: David Evans / Vlad Kolesnikov

Practical Garbled Circuit Optimizations Mike Rosulek Collaborators: David Evans / Vlad Kolesnikov / Payman Mohassel / Samee Zahur Garbled circuit framework [Yao86] Garbled circuit framework [Yao86] 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 0 1 1

2.19k views • 160 slides
Hashing Garbled Circuits for Free Xiong Fan, Chaya Ganesh and Vladimir Kolesnikov Motivation

Hashing Garbled Circuits for Free Xiong Fan, Chaya Ganesh and Vladimir Kolesnikov Motivation

Hashing Garbled Circuits for Free Xiong Fan, Chaya Ganesh and Vladimir Kolesnikov Motivation Garbled circuits (GC) main technique for secure computation Motivation Garbled circuits (GC) main technique for secure computation Primitive in

2k views • 188 slides
Stronger Security for Reusable Garbled Circuits, General Definitions and Attacks Shweta Agrawal

Stronger Security for Reusable Garbled Circuits, General Definitions and Attacks Shweta Agrawal

Stronger Security for Reusable Garbled Circuits, General Definitions and Attacks Shweta Agrawal IIT Madras Garbled Circuits (Yao 86) Garble Circuit C: Garble(C; R) Encode Input x: Encode(x; R) Decode: ( ) = ( ) C x C x

884 views • 23 slides
Multiple Access garbled garbled what if the moderator what if the moderator s connection

Multiple Access garbled garbled what if the moderator what if the moderator s connection

What is it all about? Some simple solutions Consider an audioconference where Consider an audioconference where Use a moderator Use a moderator if one person speaks, all can hear if one person speaks, all can hear a speaker must

451 views • 10 slides
On Garbled Circuits Ignacio Navarro Imperial College London Department of Computing Supervisor:

On Garbled Circuits Ignacio Navarro Imperial College London Department of Computing Supervisor:

On Garbled Circuits Ignacio Navarro Imperial College London Department of Computing Supervisor: Mahdi Cheraghchi June 2018 Abstract A very useful cryptographic tool is to allow distrusting parties to jointly compute a function revealing the

1.03k views • 84 slides
k -Round Multiparty Computation from k -Round Oblivious Transfer via Garbled Interactive Circuits

k -Round Multiparty Computation from k -Round Oblivious Transfer via Garbled Interactive Circuits

k -Round Multiparty Computation from k -Round Oblivious Transfer via Garbled Interactive Circuits Fabrice Benhamouda Huijia (Rachel) Lin IBM Research / Columbia University, US University of California, Santa Barbara, US Eurocrypt 2018, May 1,

1.03k views • 85 slides
SFE: Yaos Garbled Circuit Oblivious Transfer IDEAL World Pick one out of two, without

SFE: Yaos Garbled Circuit Oblivious Transfer IDEAL World Pick one out of two, without

SFE: Yaos Garbled Circuit Oblivious Transfer IDEAL World Pick one out of two, without revealing which Intuitive property: OT transfer partial A:up, B:down A up I need just information All 2 of one them! But cant

432 views • 20 slides
Structured Encryption Seny Kamara Microsoft Research Lei Wei University of North Carolina

Structured Encryption Seny Kamara Microsoft Research Lei Wei University of North Carolina

Garbled Circuits via Structured Encryption Seny Kamara Microsoft Research Lei Wei University of North Carolina Garbled Circuits Fundamental cryptographic primitive Possess many useful properties Homomorphic Functional General-purpose

918 views • 23 slides
From passivity-based adaptive control to LMI tuned adaptive control or how Alexander Fradkov

From passivity-based adaptive control to LMI tuned adaptive control or how Alexander Fradkov

From passivity-based adaptive control to LMI tuned adaptive control or how Alexander Fradkov convinced me that direct adaptive control can be robust Dimitri Peaucelle FRontiers of ADaptive and nonlinear CONtrol (FRADCON 2018) ECC Workshop,

628 views • 19 slides
FREE IF : HOW TO OMIT INACTIVE BRANCHES AND IMPLEMENT S-UNIVERSAL GARBLED CIRCUIT ALMOST FOR

FREE IF : HOW TO OMIT INACTIVE BRANCHES AND IMPLEMENT S-UNIVERSAL GARBLED CIRCUIT ALMOST FOR

FREE IF : HOW TO OMIT INACTIVE BRANCHES AND IMPLEMENT S-UNIVERSAL GARBLED CIRCUIT ALMOST FOR FREE V L A D KO L E S N I KO V G E O R G I A T E C H HIGH-LEVEL OVERVIEW OF THE RESULT f 1 (x,y) f 2 (x,y) f 3 (x,y) f 30 (x,y) c Sel In GC,

559 views • 18 slides
Parents interpretations of report cards: Garbled in transmission? Dr. Darryl Hunter Faculty of

Parents interpretations of report cards: Garbled in transmission? Dr. Darryl Hunter Faculty of

Parents interpretations of report cards: Garbled in transmission? Dr. Darryl Hunter Faculty of Education Department of Policy Studies University of Alberta Report card marks: Why important? Report card notations are important representations

557 views • 26 slides
Secure 2-Party Computation Lecture 14 Yao s Garbled Circuit RECALL SIM-Secure MPC F F

Secure 2-Party Computation Lecture 14 Yao s Garbled Circuit RECALL SIM-Secure MPC F F

Secure 2-Party Computation Lecture 14 Yao s Garbled Circuit RECALL SIM-Secure MPC F F proto proto iface iface Secure (and correct) if: s.t. output of is distributed Env Env identically in REAL IDEAL REAL and

1.28k views • 126 slides
Secure 2-Party Computation Lecture 14 Yao s Garbled Circuit RECALL SIM-Secure MPC F F

Secure 2-Party Computation Lecture 14 Yao s Garbled Circuit RECALL SIM-Secure MPC F F

Secure 2-Party Computation Lecture 14 Yao s Garbled Circuit RECALL SIM-Secure MPC F F proto proto iface iface Secure (and correct) if: s.t. output of is distributed Env Env identically in REAL IDEAL REAL and

1.33k views • 102 slides
Group Sequential and Adaptive Designs Part II: Adaptive Designs May 2, 2015 Cyrus Mehta, Ph.D.

Group Sequential and Adaptive Designs Part II: Adaptive Designs May 2, 2015 Cyrus Mehta, Ph.D.

Group Sequential and Adaptive Designs Part II: Adaptive Designs May 2, 2015 Cyrus Mehta, Ph.D. Cytel Inc. Adaptive Designs Adaptive designs are defined as: changes in design or analyses guided by examination of the accumulated

1.11k views • 64 slides
Yaos Garbled Circuits Recent Directions and Implementations Pete Snyder Outline 1. Context

Yaos Garbled Circuits Recent Directions and Implementations Pete Snyder Outline 1. Context

Yaos Garbled Circuits Recent Directions and Implementations Pete Snyder Outline 1. Context 2. Security definitions 3. Oblivious transfer 4. Yaos original protocol 5. Security improvements 6. Performance improvements 7.

1.05k views • 73 slides
Neural Nets for Adaptive Filter and Adaptive Neural Nets as Adaptive Filters Pattern Recognition

Neural Nets for Adaptive Filter and Adaptive Neural Nets as Adaptive Filters Pattern Recognition

Neural Nets for Adaptive Filter and Adaptive Pattern Recognition Brian Young Article Context Neural Nets for Adaptive Filter and Adaptive Neural Nets as Adaptive Filters Pattern Recognition Adaptive Filters Min. Disturb. and LMS

976 views • 23 slides
Lecture 7 Introduction to Neural Networks Julia Hockenmaier juliahmr@illinois.edu 3324

Lecture 7 Introduction to Neural Networks Julia Hockenmaier juliahmr@illinois.edu 3324

CS447: Natural Language Processing http://courses.engr.illinois.edu/cs447 Lecture 7 Introduction to Neural Networks Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Lecture 7: Introduction to Neural Networks : 1 t r a

669 views • 28 slides
Retrospective review of a blood culture identification panel implementation and its impact on

Retrospective review of a blood culture identification panel implementation and its impact on

Retrospective review of a blood culture identification panel implementation and its impact on antimicrobial therapy by organism morphology Colton Michael Taylor PGY1 Pharmacy Resident Providence Alaska Medical Center IRB Approval Received

565 views • 19 slides
Lecture 2: N-gram Kai-Wei Chang CS @ University of Virginia kw@kwchang.net Couse webpage:

Lecture 2: N-gram Kai-Wei Chang CS @ University of Virginia kw@kwchang.net Couse webpage:

Lecture 2: N-gram Kai-Wei Chang CS @ University of Virginia kw@kwchang.net Couse webpage: http://kwchang.net/teaching/NLP16 CS 6501: Natural Language Processing 1 This lecture Language Models What are N-gram models? How to use

842 views • 45 slides
N-gram Language Models CMSC 470 Marine Carpuat Slides credit: Jurasky & Martin Roadmap

N-gram Language Models CMSC 470 Marine Carpuat Slides credit: Jurasky & Martin Roadmap

N-gram Language Models CMSC 470 Marine Carpuat Slides credit: Jurasky & Martin Roadmap Language Models Our first example of modeling sequences n-gram language models How to estimate them? How to evaluate them? Neural

673 views • 38 slides
NLP Programming Tutorial 2 - Bigram Language Models Graham Neubig Nara Institute of Science and

NLP Programming Tutorial 2 - Bigram Language Models Graham Neubig Nara Institute of Science and

NLP Programming Tutorial 2 Bigram Language Model NLP Programming Tutorial 2 - Bigram Language Models Graham Neubig Nara Institute of Science and Technology (NAIST) 1 NLP Programming Tutorial 2 Bigram Language Model Review:

427 views • 19 slides
Energy and Climate Brian Chase - Fermilab Saturday Morning Physics ENERGY BASICS What is

Energy and Climate Brian Chase - Fermilab Saturday Morning Physics ENERGY BASICS What is

Energy and Climate Brian Chase - Fermilab Saturday Morning Physics ENERGY BASICS What is energy? mass and energy can convert back and forth the ability to do work SI unit is the Joule ENERGY BASICS What is energy? Ways to

713 views • 40 slides
ANLP Lecture 6 N-gram models and smoothing Sharon Goldwater (some slides from Philipp Koehn) 26

ANLP Lecture 6 N-gram models and smoothing Sharon Goldwater (some slides from Philipp Koehn) 26

ANLP Lecture 6 N-gram models and smoothing Sharon Goldwater (some slides from Philipp Koehn) 26 September 2019 Sharon Goldwater ANLP Lecture 6 26 September 2019 Recap: N -gram models We can model sentence probs by conditioning each word

556 views • 42 slides
Ego State Model Transactional Analysis Ego States P A C VISIONS Inc. Transactional Analysis

Ego State Model Transactional Analysis Ego States P A C VISIONS Inc. Transactional Analysis

Ego State Model Transactional Analysis Ego States P A C VISIONS Inc. Transactional Analysis Ego States Critic ical Parent Nurturin ring Parent Adult Adap apted d Chil ild Compliant Free Chil ild Rebellious VISIONS Inc.

409 views • 6 slides

More recommend