concretely efficient la large sc scale m mpc wi with th
play

Concretely Efficient La Large-Sc Scale M MPC wi with th Acti - PowerPoint PPT Presentation

Oct 15, 2022 β€’163 likes β€’398 views

Concretely Efficient La Large-Sc Scale M MPC wi with th Acti tive Securi rity ty (or (or, Ti TinyKeys fo for Ti TinyOT) ) Carmit Hazay, Emmanuela Orsini, Peter Scholl and Eduardo Soria-Vazquez La Large-Sc Scale MP MPC Current

  1. Concretely Efficient La Large-Sc Scale M MPC wi with th Acti tive Securi rity ty (or (or, Ti TinyKeys fo for Ti TinyOT) ) Carmit Hazay, Emmanuela Orsini, Peter Scholl and Eduardo Soria-Vazquez

  2. La Large-Sc Scale MP MPC Current practical MPC doesn’t Growing number of users want to compute privately and jointly . scale well for large numbers of parties. Outsource? Fixed set Sample a of parties committee 1229 farmers +6000 relays (auction) (statistics) Eduardo Soria-Vazquez 2

  3. MP MPC C setting in this talk Main focus: β€’ Concrete efficiency for large numbers of parties Preprocessing (e.g. π‘œ in 10s, 100s). Adversary: corr. β€’ Static, active . rand. β€’ Dishonest majority , but not full threshold ! a b β€’ Assume β„Ž > 1 honest parties to increase efficiency. Online Model of Computation: c d β€’ Boolean circuits. β€’ Preprocessing phase. Eduardo Soria-Vazquez 3

  4. Ou Our resu sults New TinyOT-style protocol (actively secure, dishonest majority) exploiting more honest parties: v Up to 34x less communication compared with [WRK17]’s TinyOT with π‘œ βˆ’ 1 corruptions. v Up to 18x less communication compared with [WRK17]’s TinyOT mixed with committees ( β„Ž > 1 honest parties). v Good improvements (2-6x less comm) with just 10% honest parties . Eduardo Soria-Vazquez 4

  5. Ho How to to scale ale Tin inyOT

  6. Th The Ti TinyOT pr protocol [NNOB12] β€’ Based on additive secret sharing: 𝑦 = 𝑦 ) + 𝑦 + . β€’ Multiplications computed using Beaver’s triples: ( 𝐲 , 𝐳 , 𝐲𝐳 ) . β€’ Active security: Information-theoretic MACs (authenticated bits). Eduardo Soria-Vazquez 6

  7. Th The Ti TinyOT pr protocol [NNOB12] β€’ Based on additive secret sharing: 𝑦 = 𝑦 ) + 𝑦 + . β€’ Multiplications computed using Beaver’s triples: ( 𝐲 , 𝐳 , 𝐲𝐳 ) . β€’ Active security: Information-theoretic MACs (authenticated bits). 𝑛[𝑦 ) ] = 𝑙[𝑦 ) ] + 𝑦 ) Β· βˆ† 𝑦 ) , 𝑛 𝑦 ) 𝑦 ) ∈ {0,1} βˆ†, 𝑙 𝑦 ) ∈ 0,1 )+4 𝑛 𝑦 ) ∈ 0,1 )+4 Eduardo Soria-Vazquez 7

  8. Th The Ti TinyOT pr protocol [NNOB12] β€’ Based on additive secret sharing: 𝑦 = 𝑦 ) + 𝑦 + . β€’ Multiplications computed using Beaver’s triples: ( 𝐲 , 𝐳 , 𝐲𝐳 ) . β€’ Active security: Information-theoretic MACs (authenticated bits). 𝑛[𝑦 + ] = 𝑙[𝑦 + ] + 𝑦 + Β· βˆ† 𝑦 + , 𝑛 𝑦 + 𝑦 + ∈ {0,1} βˆ†, 𝑙 𝑦 + ∈ 0,1 )+4 𝑛 𝑦 + ∈ 0,1 )+4 Eduardo Soria-Vazquez 8

  9. Mu Multi-Pa Party Ti TinyOT Eduardo Soria-Vazquez 9

  10. Th The Ti TinyOT pr protocol [NNOB12] β€’ Based on additive secret sharing: 𝑦 = 𝑦 ) + 𝑦 + . β€’ Multiplications computed using Beaver’s triples: ( 𝐲 , 𝐳 , 𝐲𝐳 ) . β€’ Active security: Information-theoretic MACs (authenticated bits). 𝑛[𝑦 ) ] = 𝑙[𝑦 ) ] + 𝑦 ) Β· βˆ† 𝑦 ) + 1, 𝑛 𝑦 ) + βˆ† 𝑦 ) ∈ {0,1} βˆ†, 𝑙 𝑦 ) ∈ 0,1 )+4 𝑛 𝑦 ) ∈ 0,1 )+4 Eduardo Soria-Vazquez 10

  11. Th The Ti TinyOT pr protocol [NNOB12] β€’ Based on additive secret sharing: 𝑦 = 𝑦 ) + 𝑦 + . β€’ Multiplications computed using Beaver’s triples: ( 𝐲 , 𝐳 , 𝐲𝐳 ) . β€’ Active security: Information-theoretic MACs (authenticated bits). 𝑛[𝑦 ) ] = 𝑙[𝑦 ) ] + 𝑦 ) Β· βˆ† 𝑛 𝑦 ) + βˆ† 𝑦 ) + 1, 𝑦 ) ∈ {0,1} βˆ†, 𝑙 𝑦 ) ∈ 0,1 β„“ β„“ β‰ͺ 128 𝑛 𝑦 ) ∈ 0,1 β„“ Eduardo Soria-Vazquez 11

  12. Th The Ti TinyOT pr protocol [NNOB12] β€’ Based on additive secret sharing: 𝑦 = 𝑦 ) + 𝑦 + . β€’ Multiplications computed using Beaver’s triples: ( 𝐲 , 𝐳 , 𝐲𝐳 ) . β€’ Active security: Information-theoretic MACs (authenticated bits). 𝑛[𝑦 ) ] = 𝑙[𝑦 ) ] + 𝑦 ) Β· βˆ† βˆ†, 𝑙 𝑦 ) ∈ 0,1 β„“ β„“ β‰ͺ 128 𝑦 ) ∈ {0,1} βˆ†, 𝑙 𝑦 ) ∈ 0,1 β„“ β„“ Β· β„Ž β‰₯ 𝑑 𝑛 𝑦 ) ∈ 0,1 β„“ Eduardo Soria-Vazquez 12

  13. Co Commi mmittees s + + Ti TinyOT + + Short Keys Eduardo Soria-Vazquez 13

  14. Co Commi mmittees s + + Ti TinyOT + + Short Keys Short keys h honest Additive shares 1 honest Eduardo Soria-Vazquez 14

  15. The problem with short MACs Th 𝐳 ∈ 0,1 B 𝐲 ∈ 0,1 B 𝑠× Triple 𝑦 ) 𝑧 ) + 𝑑 ) , … , 𝑦 B 𝑧 B + 𝑑 B 𝑑 ) , … , 𝑑 B ( 𝐲 , 𝐳 , 𝐲𝐳 ) 𝑀 𝒛 β‰ˆ 𝐼 βˆ† + 𝒛 𝑧 ) , … , 𝑧 B ∈ {0,1} 𝑦 ) , … , 𝑦 B ∈ 0,1 βˆ† ∈ 0,1 β„“ 𝑛 𝑦 ) , … , 𝑛 𝑦 B ∈ 0,1 β„“ 𝑙 𝑦 ) , … , 𝑙 𝑦 B ∈ 0,1 β„“ 𝑑 ) , … , 𝑑 B ∈ 𝒱( 0,1 ) Only πŸ‘ β„“ possible values for 𝚬 ! β„“ as small as 1 ! Eduardo Soria-Vazquez 15

  16. οΏ½ Leakage gets worse… … 𝒛 𝟐 𝒛 π’Š π’š π’š 𝑠× Triple 𝑠× Triple , . . . , ( 𝐲 , 𝐳 , 𝐲𝐳 ) ( 𝐲 , 𝐳 , 𝐲𝐳 ) 𝑀 𝒛 𝟐 β‰ˆ 𝐼 βˆ† ) + 𝒛 𝟐 𝑀 𝒛 π’Š β‰ˆ 𝐼 βˆ† X + 𝒛 π’Š 𝑀 𝒛 𝟐 + β‹― + 𝒛 π’Š = S 𝐼 βˆ† 𝒋 + 𝒛 𝒋 β‰ˆ VW) ..X Eduardo Soria-Vazquez 16

  17. Wha What is s Ti TinyKeys? ? [HO HOSS18] 18] β€’ New tool for large-scale MPC (more honesty β‡’ s horter keys). β€’ Base security on the concatenation of honest parties’ keys. [BM17] [Kir11] [Saa07] [FS09] [BLN+09] β€’ Security reduces to Regular Syndrome Decoding : [BJMM12] [MO15] [BLP08] β€’ Not much easier than Syndrome Decoding ⇔ LPN. [MMT11] [CJ04] [NCB11] [MS09] [BLP11] β€’ Params: # products 𝑠 , key length β„“ , # honest parties β„Ž . β€’ Statistically hard for small 𝑠 /large β„Ž . Eduardo Soria-Vazquez 17

  18. Wha Pr Problems with Ti What is s Ti TinyKeys? TinyKeys [H ? [HO HOSS18] [HOSS18] 18] 18] β€’ New tool for large-scale MPC (more honesty β‡’ s horter keys). β€’ Base security on the concatenation of honest parties’ keys. β€’ Security reduces to Regular Syndrome Decoding : β€’ Not much easier than syndrome decoding ⇔ LPN. β€’ Params: # products 𝑠 , key length β„“ , # honest parties β„Ž . β€’ Params: # products 𝑠 , key length β„“ , # honest parties β„Ž . β€’ Statistically hard for small 𝑠 /large β„Ž . Eduardo Soria-Vazquez 18

  19. Problems with Ti Pr TinyKeys [H [HOSS18] 18] β€’ Params: # products 𝒔 , key length β„“ , # honest parties β„Ž . β€’ A single βˆ† can only be used to produce r triples! β€’ Solution: Use different ones for every r triples: βˆ† [^,B) , βˆ† [B,+B) , … Secure method for switching: βˆ† ^,B β†’ βˆ† , βˆ† [B,+B) β†’ βˆ† , … β€’ Best bucketing technique cannot apply (mult. overhead: 𝐢 ). β€’ Solution: Use previous bucketing techniques (mult. overhead: B + ). β€’ Still worth! 𝐢 ∈ {3,4} in practice. Eduardo Soria-Vazquez 19

  20. Commu Co mmunication comp mplexity y (400 (400 part rties) s) 350 300 250 Comm. (megabits/AND triple) Standard [WRK17] 200 [WRK17] + Committee 150 This Work 100 50 0 1 10 20 30 40 50 60 70 80 90 100 110 120 # honest parties Eduardo Soria-Vazquez 20

  21. Co Conclusi sion and fu future directions β€’ First extension of TinyKeys [HOSS18] to the active setting . β€’ Take-away: Large-scale requires different/new techniques (bucketing, MACs). β€’ Improved TinyOT with 30+ parties. β€’ Up to 18x in communication (vs multiparty [WRK17] + committees). β€’ Significant improvements ( 2-6x ) with as little as 10% honest parties. Future challenges: β€’ Optimize TinyKeys: More cryptanalysis (conservative parameters atm). β€’ Adaptive adversaries? Actively secure TinyKeys-BMR [HOSS18]? Eduardo Soria-Vazquez 21

  22. Th Thank you! Questions? Paper: https://ia.cr/2018/843 [Full version] Concretely Efficient Large-Scale MPC with Active Security (or, TinyKeys for TinyOT) Carmit Hazay, Emmanuela Orsini, Peter Scholl and Eduardo Soria-Vazquez Mail: eduardo.soria-vazquez@bristol.ac.uk Eduardo Soria-Vazquez 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems A. Gharaibeh, E.

Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems A. Gharaibeh, E.

Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems A. Gharaibeh, E. Santos-Neto, L. Costa, M. Ripeanu. IEEE TPC, 2014 Sami (sa894) - R244: Large-scale data processing and optimization Efficient Large-Scale Graph Processing on

381 views β€’ 25 slides
Efficient and Accurate Clustering for Large-Scale Genetic Mapping *,++ *, * V.

Efficient and Accurate Clustering for Large-Scale Genetic Mapping *,++ *, * V.

Efficient and Accurate Clustering for Large-Scale Genetic Mapping *,++ *, * V. Strnadov (Neeley ) , Aydn Bulu , Jarrod Chapman , Joseph Gonzalez , ++ *,, * John Gilbert , Stefanie Jegelka , Daniel Rokhsar

821 views β€’ 56 slides
Efficient Large Scale 3D Reconstruction (Wenbing Tao) School of Automation, Institute

Efficient Large Scale 3D Reconstruction (Wenbing Tao) School of Automation, Institute

, Efficient Large Scale 3D Reconstruction (Wenbing Tao)

1.11k views β€’ 73 slides
Semantic URL Analytics to Support Efficient Annotation of Large Scale Web Archives Tarcsio

Semantic URL Analytics to Support Efficient Annotation of Large Scale Web Archives Tarcsio

Semantic URL Analytics to Support Efficient Annotation of Large Scale Web Archives Tarcsio Souza 1 , Elena Demidova 1 , Thomas Risse 1 , Helge Holzmann 1 , Gerhard Gossen 1 and Julian Szymanski 2 L3S Research Center, Hannover, Germany 1 Gdansk

525 views β€’ 16 slides
Context for Efficient Recognition from Large-Scale Topographic Map Series Johannes H. Uhl 1

Context for Efficient Recognition from Large-Scale Topographic Map Series Johannes H. Uhl 1

ICC 2017 Washington D.C, USA July 02-07, 2017 Implementing the Concept of Geographic Context for Efficient Recognition from Large-Scale Topographic Map Series Johannes H. Uhl 1 Research Team: Stefan Leyk 1 , Yao-Yi Chiang 2 , Weiwei Duan 3 ,

1.25k views β€’ 87 slides
Efficient Determination of the Hyperparameter via L-curve in Large Scale Least Squares and Total

Efficient Determination of the Hyperparameter via L-curve in Large Scale Least Squares and Total

Efficient Determination of the Hyperparameter via L-curve in Large Scale Least Squares and Total Least Squares Problems Jrg Lampe joerg.lampe@tuhh.de Hamburg University of Technology Institute of Numerical Simulation Joint work with

588 views β€’ 39 slides
Efficient Communication Library for Large-Scale Deep Learning Mar 26, 2018 Minsik Cho

Efficient Communication Library for Large-Scale Deep Learning Mar 26, 2018 Minsik Cho

IBM Research AI Efficient Communication Library for Large-Scale Deep Learning Mar 26, 2018 Minsik Cho (minsikcho@us.ibm.com) Deep Learning changing Our Life Automotive/transportation Medicine and Biology Security/public safety Consumer Web,

342 views β€’ 19 slides
Efficient parsing with a large-scale unification-based grammar Lessons from a multi-year,

Efficient parsing with a large-scale unification-based grammar Lessons from a multi-year,

0. Efficient parsing with a large-scale unification-based grammar Lessons from a multi-year, multi-team endeavour Liviu Ciortuz Department of Computer Science University of Iasi, Romania ALEAR Workshop, FP7 E.U. Project Humbold

947 views β€’ 76 slides
FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large Scale Solar Lead April 2017 CONTENTS 1. Introduction to CEFC 2. Investment trends 3. The future of large scale solar 4. Pathway to sustainable

664 views β€’ 21 slides
Scalable and Memory-Efficient Clustering of Large-Scale Social Networks Joyce Jiyoung Whang, Xin

Scalable and Memory-Efficient Clustering of Large-Scale Social Networks Joyce Jiyoung Whang, Xin

Scalable and Memory-Efficient Clustering of Large-Scale Social Networks Joyce Jiyoung Whang, Xin Sui, Inderjit S. Dhillon Department of Computer Science The University of Texas at Austin IEEE International Conference on Data Mining (ICDM)

536 views β€’ 37 slides
Efficient Entity Annotation for Large Scale Web Archives Elena Demidova, Julian Szymanski, Sergej

Efficient Entity Annotation for Large Scale Web Archives Elena Demidova, Julian Szymanski, Sergej

Efficient Entity Annotation for Large Scale Web Archives Elena Demidova, Julian Szymanski, Sergej Zerr and Karol Draszawka L3S Research Center, Hannover, Germany, Gdansk University of Technology, Faculty of Electronics, Telecommunications and

309 views β€’ 10 slides
Efficient Implementation of Large Scale Lyapunov and Riccati Equation Solvers Jens Saak joint

Efficient Implementation of Large Scale Lyapunov and Riccati Equation Solvers Jens Saak joint

LRCF Newton Method for the ARE Reordering Strategies ADI Shift Parameters Column Compression for the LRCF Generalized Systems Conclusions and Outlook Efficient Implementation of Large Scale Lyapunov and Riccati Equation Solvers Jens Saak

548 views β€’ 52 slides
eCAMBer: efficient support for large-scale comparative analysis of multiple bacterial strains

eCAMBer: efficient support for large-scale comparative analysis of multiple bacterial strains

Introduction Methodology Results Summary eCAMBer: efficient support for large-scale comparative analysis of multiple bacterial strains Michal Wozniak 1 , 2 , Limsoon Wong 2 and Jerzy Tiuryn 1 1 University of Warsaw 2 National University of

517 views β€’ 26 slides
Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems Abdullah Gharaibeh, Elizeu

Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems Abdullah Gharaibeh, Elizeu

Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems Abdullah Gharaibeh, Elizeu Santos-Neto, Lauro Costa and Matei Ripeanu Reviewer: Varun Gandhi (vg292) Computer Laboratory CPU-GPU Hybrid Systems One of the fastest desktop CPU

579 views β€’ 14 slides
HaLoop: Efficient Iterative Data Processing On Large Scale Clusters Yingyi Bu, UC Irvine Horizon

HaLoop: Efficient Iterative Data Processing On Large Scale Clusters Yingyi Bu, UC Irvine Horizon

HaLoop: Efficient Iterative Data Processing On Large Scale Clusters Yingyi Bu, UC Irvine Horizon http://clue.cs.washington.edu/ Bill Howe, UW Magda Balazinska, UW Michael Ernst, UW Award IIS 0844572 Cluster Exploratory (CluE) QuickTime

579 views β€’ 41 slides
ERIDIS: Energy-efficient Reservation Infrastructure for large-scale DIstributed Systems

ERIDIS: Energy-efficient Reservation Infrastructure for large-scale DIstributed Systems

ERIDIS: Energy-efficient Reservation Infrastructure for large-scale DIstributed Systems Anne-Ccile Orgerie ENS de LYON, FRANCE annececile.orgerie@ens-lyon.fr 31 st May 2011, GreenDays, Paris, France Internet + data centers global consumption

1.09k views β€’ 53 slides
Horses were used there for cultivation and transport in the Rikers ownership era & later by

Horses were used there for cultivation and transport in the Rikers ownership era & later by

Horses were used there for cultivation and transport in the Rikers ownership era & later by Correction at its inmate farm. The isle was a Civil War Union camp. Then too horses provided pull-power and transport. Above : Mounted officer at

299 views β€’ 13 slides
Towards Robust Detection of Adversarial Examples Tianyu Pang, Chao Du, Yinpeng Dong

Towards Robust Detection of Adversarial Examples Tianyu Pang, Chao Du, Yinpeng Dong

Towards Robust Detection of Adversarial Examples Tianyu Pang, Chao Du, Yinpeng Dong and Jun Zhu Department of Computer Science and Technology Tsinghua University TSAIL NeurIPS | 2018 Adversarial Examples From

590 views β€’ 10 slides
September 25 - Increasing Park Access & Amusements The Gift That Altered the Parks

September 25 - Increasing Park Access & Amusements The Gift That Altered the Parks

t o r y o f A H i s Golden Gate Park Fromm Institute - Fall 2019 - John Freeman September 25 - Increasing Park Access & Amusements The Gift That Altered the Parks Original Concept Gifted: 1877, Completed: 1878-9 James Lick

180 views β€’ 14 slides
Practical Promises As opposed to impractical promises 1 what is asynchronous code? Asynchronous

Practical Promises As opposed to impractical promises 1 what is asynchronous code? Asynchronous

Practical Promises As opposed to impractical promises 1 what is asynchronous code? Asynchronous (aka async ) just means: takes some time or happens in the future, not right now and JavaScript won't wait for it. 3 what is

277 views β€’ 27 slides
Assessment of donkey body lesions and work types using the Brookes Standardised Equine Based

Assessment of donkey body lesions and work types using the Brookes Standardised Equine Based

Assessment of donkey body lesions and work types using the Brookes Standardised Equine Based Welfare Assessment Tool (SEBWAT) in Kenya James Kithuka Brooke East Africa james.kithuka@thebrooke.org Background 2 Brooke EA is a branch of the

726 views β€’ 24 slides
Proverbs Series Lesson #006 February 3, 2013 Dean Bible Ministries www.deanbible.org Dr.

Proverbs Series Lesson #006 February 3, 2013 Dean Bible Ministries www.deanbible.org Dr.

Proverbs Series Lesson #006 February 3, 2013 Dean Bible Ministries www.deanbible.org Dr. Robert L. Dean, Jr. Since this is superbowl Sunday.... Prov. 14:12. There is a way that seems right to a man, But its end is the way of death.

608 views β€’ 33 slides
Lecturer: Mr. Michael Allotey Contact Information: mallotey@ug.edu.gh School of Information and

Lecturer: Mr. Michael Allotey Contact Information: mallotey@ug.edu.gh School of Information and

Lecturer: Mr. Michael Allotey Contact Information: mallotey@ug.edu.gh School of Information and Communication Studies Department of Information Studies Second Semester (2018-2019) Lecture Overview This lecture covers safety and security issues

680 views β€’ 34 slides
Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of

Access Control and Protection Overview Access control: What and Why Abstract Models of Access Control Discretionary acces control Mandatory access control Real systems: Unix Access Control Model Access control Access

817 views β€’ 47 slides

More recommend