modes of operations for computing on encrypted data
play

Modes of operations for computing on encrypted data Dragos Rotaru, - PowerPoint PPT Presentation

Jan 27, 2024 •31 likes •471 views

FSE 2018 Modes of operations for computing on encrypted data Dragos Rotaru, N.P. Smart, and Martijn Stam KU Leuven, University of Bristol 1 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering Multiparty computation

  1. FSE 2018 Modes of operations for computing on encrypted data Dragos Rotaru, N.P. Smart, and Martijn Stam KU Leuven, University of Bristol 1 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  2. Multiparty computation hijacks FSE’18 a c b Goal : Compute F(a, b, c) Dragos Rotaru 2 2 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  3. What is the problem? 3 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  4. What is the problem? 42 42 42 42 4 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  5. What is the problem? 42 42 42 42 Enc Enc Enc 5 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  6. What is the problem? 42 42 42 Enc(42) 6 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  7. What is the problem? 42 42 42 Enc(42) 7 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  8. What is the problem? 42 42 42 Tag(E(42)) Enc(42) 8 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  9. What is the problem? For free: detect malicious encryption keys. Tag(E(42)) Enc(42) 9 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  10. Prior work – PRFs in MPC (CCS’16) Tag(Enc(42)) Enc(42) - MiMC - Legendre PRF 10 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  11. Prior work – PRFs in MPC (CCS’16) Tag(Enc(42)) Enc(42) M[1] Enc 11 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  12. Prior work – PRFs in MPC (CCS’16) Tag(Enc(42)) Enc(42) M[1] M[2] + Enc Enc 12 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  13. Prior work – PRFs in MPC (CCS’16) Tag(Enc(42)) Enc(42) M[1] M[2] M[3] + + Enc Enc Enc 13 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  14. Prior work – PRFs in MPC (CCS’16) Tag(Enc(42)) Enc(42) M[1] M[2] M[3] M[4] + + + Tag Enc Enc Enc Enc 14 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  15. What we have done [42] Enc(42) Tag(42) • Analyze AE in Multiparty Computation (MPC). • Useful MPC happens in Fp => Need AE and PRFs modp. • Look for parallel AE: CTR+PMAC, OTR. 15 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  16. The story This Photo by Unknown Author is licensed under CC BY-NC-ND 16 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  17. The story ‘You take the blue pill— the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill — you stay in Wonderland, and I show you how deep the rabbit hole goes.’ 17 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  18. The story ‘You take the blue pill— the story ends, you wake up in your bed and believe whatever you want to believe. You take the red pill — you stay in Wonderland, and I show you how deep the rabbit hole goes.’ 18 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  19. Down the rabbit hole - MPC with Secret Sharing 𝑦 ← 𝑦 2 𝑦 = 𝑦 1 + ⋯ + 𝑦 𝑜 𝑦 ← 𝑦 1 Each 𝑄 𝑗 has 𝑦 ← 𝑦 𝑗 𝑦 ← 𝑦 3 19 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  20. MPC Preprocessing Phase Generate triples [c] = [a][b] 20 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  21. MPC Preprocessing Phase Generate triples [c] = [a][b] 21 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  22. MPC Preprocessing Phase 22 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  23. MPC Preprocessing Phase 23 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  24. MPC Online Phase Use Triples. 24 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  25. MPC Online Phase Use Triples. 25 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  26. MPC Circuit Evaluation X Z Y Z X Y 26 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  27. MPC Circuit Evaluation Z X Y 27 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  28. MPC Circuit Evaluation Z X Y 28 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  29. MPC Circuit Evaluation Z X Y 29 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  30. MPC Circuit Evaluation 3 triples. 2 comm. rounds Z X Y 30 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  31. Tweak your encryption to MPC Reveal 31 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  32. Tweak your encryption to MPC 32 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  33. Tweak your encryption to MPC 33 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  34. How-to compute PMAC 34 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  35. Let’s do AE with CTR+pPMAC 35 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  36. Let’s do AE with CTR+pPMAC 36 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  37. When ideal meets real 37 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  38. When ideal meets real – surprise! 38 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  39. When ideal meets real – surprise! Legendre MiMC 39 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  40. Other competitive modes 40 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  41. Other competitive modes 41 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  42. Some open problems • Preprocessing scales linearly in terms of number of message blocks - roughly n PRFs for n messages. • Number of rounds of a cipher vs. multiplicative depth in MPC. 42 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  43. Thank you! 43 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

  44. Thank you! • Questions? 44 Dragos Rotaru , N.P. Smart, M. Stam imec-Cosic, Dept. Electrical Engineering

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted

CS573 Data Privacy and Security Secure Outsourcing Computation Li Xiong Outline Cloud computing Computing on encrypted data Homomorphic encryption What is Cloud Computing ? Cloud computing Type of computing that relies on sharing

1.29k views • 62 slides
Nigel Paul Smart Computing on Encrypted Data How to do the impossible KU Leuven Dining Bankers

Nigel Paul Smart Computing on Encrypted Data How to do the impossible KU Leuven Dining Bankers

Nigel Paul Smart Computing on Encrypted Data How to do the impossible KU Leuven Dining Bankers (a.k.a. Millionaires Problem) A set of bankers go to lunch. They are celebrating their bonuses just being paid. Each has been given a bonus of x

876 views • 46 slides
To look but not to see In this talk I will relate recent successes in compilation for

To look but not to see In this talk I will relate recent successes in compilation for

To look but not to see In this talk I will relate recent successes in compilation for Encrypted Computing to code obfuscation Of importance in Encrypted Computing is a proof ... Adversary has no method to decipher run-time data code

319 views • 21 slides
Why Encrypt Data? We have already discussed authentication and access control as means to

Why Encrypt Data? We have already discussed authentication and access control as means to

Security in Outsourced Databases II Outsourced Databases II (Query Processing on Encrypted Data) Disks replaced Data worthless if encrypted Customer Credit for maintenance Card Number Laptops stolen Backups lost p 1 Why Encrypt Data?

759 views • 19 slides
Introduction to the R Language Data Types and Basic Operations Computing for Data Analysis 1 /

Introduction to the R Language Data Types and Basic Operations Computing for Data Analysis 1 /

Introduction to the R Language Data Types and Basic Operations Computing for Data Analysis 1 / 14 Subsetting There are a number of operators that can be used to extract subsets of R objects. [ always returns an object of the same class as the

486 views • 14 slides
Searches Through Encrypted Data presenter: Reza Curtmola Advanced Topics in Network Security

Searches Through Encrypted Data presenter: Reza Curtmola Advanced Topics in Network Security

Searches Through Encrypted Data presenter: Reza Curtmola Advanced Topics in Network Security (600/650.624) Introduction Searching usually done over plaintext But what if we could search encrypted data? Bloom Filters Efficient

459 views • 30 slides
ARM Assembler Addressing Modes Addressing Modes p. 1/14 op1 : Data Addressing Mode

ARM Assembler Addressing Modes Addressing Modes p. 1/14 op1 : Data Addressing Mode

Systems Architecture ARM Assembler Addressing Modes Addressing Modes p. 1/14 op1 : Data Addressing Mode Used when processing data Moving data from one register to another: D ESTINATION S OURCE D ESTINATION must be a

444 views • 17 slides
Supporting Less-Than Queries on Encrypted Data using Multi-Server Secret Sharing and Practical

Supporting Less-Than Queries on Encrypted Data using Multi-Server Secret Sharing and Practical

Supporting Less-Than Queries on Encrypted Data using Multi-Server Secret Sharing and Practical Order-Revealing Encryption Nate Chenette ICERM conference on Encrypted Search June 12, 2019 Project Background Baffle Inc. https://baffle.io/

407 views • 23 slides
TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1 DISCLAIMER: THIS IS NOT FULLY-BAKED We just fleshed out this idea yesterday, so its hand-wavy. Insufficient analysis has been done. IETF 94 TLS 1.3

886 views • 11 slides
Big Data Security: How to efficiently perform data analytics over encrypted data? Adrian Perrig

Big Data Security: How to efficiently perform data analytics over encrypted data? Adrian Perrig

Big Data Security: How to efficiently perform data analytics over encrypted data? Adrian Perrig Network Security Group ETH Zrich 1 Why worry about Big Data Security? Security is well understood and well handled! Really? 2 Problem

360 views • 16 slides
DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and

DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes DMR and Digital Voice Modes Presented by N7MOT Lenny Gemar Amateur radio began with spark gap transmitters, evolving to Morse code and analog voice

442 views • 20 slides
Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure communication. Does not allow modifying encrypted data. Homomorphic Encryption: allows computation on encrypted data, but result remains encrypted Functional

987 views • 61 slides
Table of Contents Why DNA Computing? The Structure of DNA DNA Computing Operations on DNA

Table of Contents Why DNA Computing? The Structure of DNA DNA Computing Operations on DNA

Table of Contents Why DNA Computing? The Structure of DNA DNA Computing Operations on DNA Molecules Reading DNA Example of a Molecular Computer Information Processing with DNA Molecules Christian Jacob Why DNA Computing?

223 views • 9 slides
Table of Contents Why DNA Computing? The Structure of DNA DNA Computing Operations on

Table of Contents Why DNA Computing? The Structure of DNA DNA Computing Operations on

Table of Contents Why DNA Computing? The Structure of DNA DNA Computing Operations on DNA Molecules Reading DNA Example of a Molecular Computer Information Processing with DNA Molecules Christian Jacob Why DNA Computing?

400 views • 7 slides
DATA RECOVERY Reconstructed Values 400 ON ENCRYPTED DATABASES 350 WITH 300 k-NEAREST

DATA RECOVERY Reconstructed Values 400 ON ENCRYPTED DATABASES 350 WITH 300 k-NEAREST

DATA RECOVERY Reconstructed Values 400 ON ENCRYPTED DATABASES 350 WITH 300 k-NEAREST NEIGHBOR 250 QUERY LEAKAGE 200 EVGENIOS M. KORNAROPOULOS 150 CHARALAMPOS PAPAMANTHOU ROBERTO TAMASSIA 100 50 0 0 100 200 300 400 Full

777 views • 52 slides
encrypted data Raluca Ada Popa MIT Compromise of confidential data is prevalent Problem setup

encrypted data Raluca Ada Popa MIT Compromise of confidential data is prevalent Problem setup

? xd51db5 xe891a1 X9ce568 X32e1dc xab2356 xdd0135 x453a32 x63ab12 Building systems that compute on encrypted data Raluca Ada Popa MIT Compromise of confidential data is prevalent Problem setup server clients Secret Secret Secret

851 views • 53 slides
TOMER SHARON, UX RESEARCHER, GOOGLE @tsharon HIGH-QUALITY, IMPACTFUL, FAST UX RESEARCH FOR

TOMER SHARON, UX RESEARCHER, GOOGLE @tsharon HIGH-QUALITY, IMPACTFUL, FAST UX RESEARCH FOR

HIGH-QUALITY, IMPACTFUL, FAST UX RESEARCH FOR ENGINEERS TOMER SHARON, UX RESEARCHER, GOOGLE @tsharon HIGH-QUALITY, IMPACTFUL, FAST UX RESEARCH FOR ENGINEERS Psychology of attitude & behavior 1. High-quality noticeability test 2.

1.32k views • 99 slides
Potential Outcomes Brady Neal causalcourse.com What are potential outcomes? The fundamental

Potential Outcomes Brady Neal causalcourse.com What are potential outcomes? The fundamental

Potential Outcomes Brady Neal causalcourse.com What are potential outcomes? The fundamental problem of causal inference Getting around the fundamental problem of causal inference A complete example with estimation 2 / 41 Brady Neal What

2.19k views • 198 slides
1 2 3 Slide 3 DS1 David Singer, 4/29/2016 4 5 ASU offering $200/credit AFTER you pass the

1 2 3 Slide 3 DS1 David Singer, 4/29/2016 4 5 ASU offering $200/credit AFTER you pass the

1 2 3 Slide 3 DS1 David Singer, 4/29/2016 4 5 ASU offering $200/credit AFTER you pass the class More modest tuition increases Colleges giving out more scholarship dollars Net tuition revenue falling K-12 budget cuts of 2009-2010 now

730 views • 36 slides
Using T Using T e c hnology to Impr e c hnology to Impr ove ove Me dic ation Adhe r Me dic

Using T Using T e c hnology to Impr e c hnology to Impr ove ove Me dic ation Adhe r Me dic

6/10/2019 Using T Using T e c hnology to Impr e c hnology to Impr ove ove Me dic ation Adhe r Me dic ation Adhe r e nc e e nc e L L a c e y Bla nke nship, Pha rm.D., BCPS, NCPS a c e y Bla nke nship, Pha rm.D., BCPS, NCPS Chie f Pha

213 views • 10 slides
Clever Pac-man Tohru Iwatani, formato arcade da sala, 1980. N.A.Borghese, A.Rossini and C.Quadri

Clever Pac-man Tohru Iwatani, formato arcade da sala, 1980. N.A.Borghese, A.Rossini and C.Quadri

Sistemi Intelligenti Reinforcement Learning: Fuzzy Reinforcement Learning Alberto Borghese Universit degli Studi di Milano Laboratorio di Sistemi Intelligenti Applicati (AIS-Lab) Dipartimento di Informatica borghese@di.unimi.it A.A.

503 views • 10 slides
Clever Pac-man N.A.Borghese, A.Rossini and C.Quadri (2012) Clever Pac-man, Proceedings of the

Clever Pac-man N.A.Borghese, A.Rossini and C.Quadri (2012) Clever Pac-man, Proceedings of the

Sistemi Intelligenti Reinforcement Learning: Reinforcement Learning: Fuzzy Reinforcement Learning Alberto Borghese Universit degli Studi di Milano Laboratorio di Sistemi Intelligenti Applicati (AIS-Lab) Dipartimento di Scienze

226 views • 9 slides
Falsified Medicines Directive (FMD) Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief Pharmacist

Falsified Medicines Directive (FMD) Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief Pharmacist

Falsified Medicines Directive (FMD) Leyla Hannbeck MRPharmS, MBA, MSc, MA NPA Chief Pharmacist and Director of Pharmacy Falsified medicines: the facts Falsified medicines may: Be fraudulently mislabelled Contain low quality

605 views • 24 slides
Mergers and Acquisitions Merger: two (or more) corporations are combining to for one single

Mergers and Acquisitions Merger: two (or more) corporations are combining to for one single

Mergers and Acquisitions Merger: two (or more) corporations are combining to for one single surviving corporation Acquisitions: One corporation is buying out another corporation so that only the purchaser will survive This

292 views • 8 slides

More recommend