privacy preservation through secure multi party
play

Privacy Preservation through Secure Multi-party Computation: - PowerPoint PPT Presentation

Nov 23, 2022 •305 likes •660 views

Privacy Preservation through Secure Multi-party Computation: Towards Implementation Paolo Palmieri , Olivier Pereira UCL Crypto Group Universit e Catholique de Louvain (Belgium) Provable Privacy Workshop July 2012 UCL Crypto Group

  1. Privacy Preservation through Secure Multi-party Computation: Towards Implementation Paolo Palmieri , Olivier Pereira UCL Crypto Group Universit´ e Catholique de Louvain (Belgium) Provable Privacy Workshop – July 2012 UCL Crypto Group Privacy with SMC: Implementation? - July 2012 1 Microelectronics Laboratory

  2. Outline of the Talk 1. Secure Multi-party Computation 2. New channel models 3. Towards implementation UCL Crypto Group Privacy with SMC: Implementation? - July 2012 2 Microelectronics Laboratory

  3. Outline of the Talk 1. Secure Multi-party Computation 2. New channel models 3. Towards implementation UCL Crypto Group Privacy with SMC: Implementation? - July 2012 2 Microelectronics Laboratory

  4. Secure 2-party computation Problem suggested by Yao in 1982 [Yao82]. Cryptography for mutually distrusting parties. UCL Crypto Group Privacy with SMC: Implementation? - July 2012 3 Microelectronics Laboratory

  5. Secure 2-party computation Problem suggested by Yao in 1982 [Yao82]. Cryptography for mutually distrusting parties. The parties. . . ◮ . . . want to jointly compute some value based on individually held secret bits of information; ◮ . . . do not wish to reveal their secrets to one another in the process. UCL Crypto Group Privacy with SMC: Implementation? - July 2012 3 Microelectronics Laboratory

  6. Secure 2-party computation Problem suggested by Yao in 1982 [Yao82]. Cryptography for mutually distrusting parties. The parties. . . ◮ . . . want to jointly compute some value based on individually held secret bits of information; ◮ . . . do not wish to reveal their secrets to one another in the process. Our focus is on security against computationally unbounded adversaries, in the information theoretic model. UCL Crypto Group Privacy with SMC: Implementation? - July 2012 3 Microelectronics Laboratory

  7. Oblivious Transfer Oblivious Transfer [Rab81] is a fundamental primitive for multi-party computation. ◮ many fashions of OT, all proved to be equivalent [Cr´ e87]. UCL Crypto Group Privacy with SMC: Implementation? - July 2012 4 Microelectronics Laboratory

  8. Oblivious Transfer Oblivious Transfer [Rab81] is a fundamental primitive for multi-party computation. ◮ many fashions of OT, all proved to be equivalent [Cr´ e87]. 1-out-of-2 OT : the sender (Sam) has two bits b 0 , b 1 and wants to transmit only one to the receiver (Rachel), while she wants to select the desired bit s without Sam knowing her choice. s b 0 , b 1 S OT R b s UCL Crypto Group Privacy with SMC: Implementation? - July 2012 4 Microelectronics Laboratory

  9. The Importance of Noise Oblivious Transfer cannot be achieved on a clear channel in the information theoretic model. Even a quantum channel proved to be useless for the purpose [May97]. Solution: noisy channels . UCL Crypto Group Privacy with SMC: Implementation? - July 2012 5 Microelectronics Laboratory

  10. The Importance of Noise Oblivious Transfer cannot be achieved on a clear channel in the information theoretic model. Even a quantum channel proved to be useless for the purpose [May97]. Solution: noisy channels . Open questions: ◮ most efficient/realistic channel models? ◮ what properties should noise have? UCL Crypto Group Privacy with SMC: Implementation? - July 2012 5 Microelectronics Laboratory

  11. Outline of the Talk 1. Secure Multi-party Computation 2. New channel models 3. Towards implementation UCL Crypto Group Privacy with SMC: Implementation? - July 2012 6 Microelectronics Laboratory

  12. Traditional constructions OT can be built on almost any noisy channel [CMW04]. However most constructions are based on the Binary Symmetric Channel (BSC). 1 − p 0 0 p p 1 1 1 − p UCL Crypto Group Privacy with SMC: Implementation? - July 2012 7 Microelectronics Laboratory

  13. Traditional constructions OT can be built on almost any noisy channel [CMW04]. However most constructions are based on the Binary Symmetric Channel (BSC). 1 − p 0 0 p p 1 1 1 − p ◮ First protocol proposed in 1988 [CK88]. ◮ Unfair Noisy Channel (UNC) [DKS99, DFMS04]. ◮ Weak Binary Symmetric Channel (WBSC) [Wul09]. UCL Crypto Group Privacy with SMC: Implementation? - July 2012 7 Microelectronics Laboratory

  14. Delays & Packet Loss In [PP10] we proposed to build OT over channels that model real network characteristics: ◮ packet delays (wireless) and reorderings (wired); ◮ lost packets. UCL Crypto Group Privacy with SMC: Implementation? - July 2012 8 Microelectronics Laboratory

  15. Delays & Packet Loss In [PP10] we proposed to build OT over channels that model real network characteristics: ◮ packet delays (wireless) and reorderings (wired); ◮ lost packets. ◮ Binary Discrete-time t Channel u Delaying Channel t 0 (BDDC); c 1 , c 2 u 0 c 2 ◮ Delaying-Erasing Channel t 1 Pr ( p ) c 3 , c 4 (DEC). u 1 c 1 , c 3 , c 4 UCL Crypto Group Privacy with SMC: Implementation? - July 2012 8 Microelectronics Laboratory

  16. Outline of the Talk 1. Secure Multi-party Computation 2. New channel models 3. Towards implementation UCL Crypto Group Privacy with SMC: Implementation? - July 2012 9 Microelectronics Laboratory

  17. Protocol - preparation Protocol inspired by the one proposed in [CK88]. Preliminary work Sam creates two sets of bit strings C and C ′ . | C | = | C ′ | = n UCL Crypto Group Privacy with SMC: Implementation? - July 2012 10 Microelectronics Laboratory

  18. Protocol - preparation Protocol inspired by the one proposed in [CK88]. Preliminary work Sam creates two sets of bit strings C and C ′ . | C | = | C ′ | = n Each string in any of the two sets is composed of: c i ∈ C = ��� . . . ����� . . . �� UCL Crypto Group Privacy with SMC: Implementation? - July 2012 10 Microelectronics Laboratory

  19. Protocol - preparation Protocol inspired by the one proposed in [CK88]. Preliminary work Sam creates two sets of bit strings C and C ′ . | C | = | C ′ | = n Each string in any of the two sets is composed of: ◮ the string identifier e : e i in c i ∈ C is unique in { C ∪ C ′ } . e i � �� � c i ∈ C = ��� . . . �� ��� . . . �� UCL Crypto Group Privacy with SMC: Implementation? - July 2012 10 Microelectronics Laboratory

  20. Protocol - preparation Protocol inspired by the one proposed in [CK88]. Preliminary work Sam creates two sets of bit strings C and C ′ . | C | = | C ′ | = n Each string in any of the two sets is composed of: ◮ the string identifier e : e i in c i ∈ C is unique in { C ∪ C ′ } . ◮ the sequence number i : i in c i ∈ C is unique in C and shared by c ′ i ∈ C ′ ; e i i � �� � � �� � c i ∈ C = ��� . . . �� ��� . . . �� UCL Crypto Group Privacy with SMC: Implementation? - July 2012 10 Microelectronics Laboratory

  21. Protocol - communication 1 1. At time t 0 Sam sends to Rachel C over a BDDC; C S R BDDC UCL Crypto Group Privacy with SMC: Implementation? - July 2012 11 Microelectronics Laboratory

  22. Protocol - communication 1 1. At time t 0 Sam sends to Rachel C over a BDDC; 2. At t 1 Sam sends the set C ′ ; C ′ S R BDDC UCL Crypto Group Privacy with SMC: Implementation? - July 2012 11 Microelectronics Laboratory

  23. Protocol - communication 1 1. At time t 0 Sam sends to Rachel C over a BDDC; 2. At t 1 Sam sends the set C ′ ; 3. At u 0 Rachel receives the strings of C not delayed; ??? S R BDDC UCL Crypto Group Privacy with SMC: Implementation? - July 2012 11 Microelectronics Laboratory

  24. Protocol - communication 1 1. At time t 0 Sam sends to Rachel C over a BDDC; 2. At t 1 Sam sends the set C ′ ; 3. At u 0 Rachel receives the strings of C not delayed; 4. At u 1 Rachel receives the strings of C delayed once and those of C ′ not delayed. Then she keeps listening; ??? S R BDDC UCL Crypto Group Privacy with SMC: Implementation? - July 2012 11 Microelectronics Laboratory

  25. Protocol - communication 1 1. At time t 0 Sam sends to Rachel C over a BDDC; 2. At t 1 Sam sends the set C ′ ; 3. At u 0 Rachel receives the strings of C not delayed; 4. At u 1 Rachel receives the strings of C delayed once and those of C ′ not delayed. Then she keeps listening; 5. Rachel divides the sequence numbers received into two sets I s and I 1 − s . For all those in I s , the corresponding c has not been delayed; I s , I 1 − s S R clear channel UCL Crypto Group Privacy with SMC: Implementation? - July 2012 11 Microelectronics Laboratory

  26. Protocol - communication 2 6. Sam receives I s and I 1 − s and chooses a universal hash function f . For each set I j he computes g j : � � e j 1 � . . . � e j with e j 1 , . . . , e j g j = 2 ∈ E j . n n 2 where e i ∈ E j ⇔ i ∈ I j . f , ( f ( g 0 ) ⊕ b 0 ) , ( f ( g 1 ) ⊕ b 1 ) S R clear channel UCL Crypto Group Privacy with SMC: Implementation? - July 2012 12 Microelectronics Laboratory

  27. Protocol - communication 2 6. Sam receives I s and I 1 − s and chooses a universal hash function f . For each set I j he computes g j : � � e j 1 � . . . � e j with e j 1 , . . . , e j g j = 2 ∈ E j . n n 2 where e i ∈ E j ⇔ i ∈ I j . 7. Rachel computes her guess for b s : b s = f ( g s ) ⊕ ( f ( g s ) ⊕ b s ) S The End! R UCL Crypto Group Privacy with SMC: Implementation? - July 2012 12 Microelectronics Laboratory

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM

DPM 2013 Privacy-Preserving Multi-Party Reconciliation Secure in the Malicious Model 8th ACM International Workshop on Data Privacy Management 2013 Georg Neugebauer 1 , Lucas Brutschy 1 , Ulrike Meyer 1 and Susanne Wetzel 2 UMIC LuFG IT-Security,

212 views • 17 slides
Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation

Communication Locality in C i i L li i Secure Multi Party Secure Multi-Party Computation Computation How to Run Sublinear Algorithms in a Distributed Algorithms in a Distributed Setting Elette Boyle Shafi Goldwasser Stefano Tessaro

1.01k views • 36 slides
Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology

Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology

Background Secure Computation Security Model Generic Protocol Applications Secure Multi-Party Computation Gunnar Kreitz KTH Royal Institute of Technology gkreitz@kth.se October 4 2012 Gunnar Kreitz Secure Multi-Party Computation

1.28k views • 59 slides
SoK: General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

SoK: General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

SoK: General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve Hemenway Hastings Noble Zdancewic University of Pennsylvania 1 / 20 Secure Multi-party Computation (MPC) Compute an arbitrary function among

1.13k views • 36 slides
Easily programmable secure multi-party computation on integers, strings and floating point

Easily programmable secure multi-party computation on integers, strings and floating point

Easily programmable secure multi-party computation on integers, strings and floating point numbers Dan Bogdanov Sharemind project lead dan@cyber.ee https://sharemind.cyber.ee/ sharemind a machine for fast privacy-preserving computations

643 views • 42 slides
General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve

General Purpose Frameworks for Secure Multi-party Computation Marcella Brett Daniel Steve Hemenway Hastings Noble Zdancewic University of Pennsylvania 1 / 26 Secure multi-party computation (MPC) MPC allows a group of mutually

882 views • 51 slides
Asynchronous Multi-Party Computation Vassilis Zikas RPI MPC School IIT Mumbai Secure

Asynchronous Multi-Party Computation Vassilis Zikas RPI MPC School IIT Mumbai Secure

Asynchronous Multi-Party Computation Vassilis Zikas RPI MPC School IIT Mumbai Secure Multi-Party Computation (MPC) Security D 1 D 2 D 4 D 3 Secure Multi-Party Computation (MPC) Security D 1 D 2 1 2 4 3 D 4 D 3 Secure

1.36k views • 124 slides
Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the

Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the

Introduction to Secure Multi-Party Computation Many thanks to Vitaly Shmatikov of the University of Texas, Austin for providing these slides. slide 1 Motivation General framework for describing computation between parties who do not

1.03k views • 35 slides
Multi Party secure communication C D A B E F N parties want to communicate securely with

Multi Party secure communication C D A B E F N parties want to communicate securely with

1 Key Establishment Chester Rebeiro IIT Madras 2 Multi Party secure communication C D A B E F N parties want to communicate securely with each other (N=6 in this figure) If U sends a message to V (U V and U,V {a,b,c,d,e,f})

721 views • 55 slides
Secure Multi-Party Computation Lecture 17 GMW & BGW Protocols MPC Protocols MPC Protocols

Secure Multi-Party Computation Lecture 17 GMW & BGW Protocols MPC Protocols MPC Protocols

Secure Multi-Party Computation Lecture 17 GMW & BGW Protocols MPC Protocols MPC Protocols Yao s Garbled Circuit : 2-Party SFE secure against passive adversaries MPC Protocols Yao s Garbled Circuit : 2-Party SFE secure against

2.07k views • 85 slides
Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit

Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit

Adaptively Secure Multi-Party Computation with Dishonest Majority Sanjam Garg Amit Sahai UCLA Secure Multiparty Computation A set of mutually distrustful parties (n) wish to compute a joint function of their private inputs

309 views • 16 slides
Secure Multi-party Quantum Computation with a Dishonest Majority Yfke Dulek, Alex Grilo, Stacey

Secure Multi-party Quantum Computation with a Dishonest Majority Yfke Dulek, Alex Grilo, Stacey

Secure Multi-party Quantum Computation with a Dishonest Majority Yfke Dulek, Alex Grilo, Stacey Je ff ery, Christian Majenz, Christian Scha ff ner Introduction Multi-party computation (MPC) Input (player i): x i 83 false Output: f(x 1 , ,

686 views • 20 slides
Secure Multi-Party Computation Lecture 13 Must We Trust ? Can we have an auction

Secure Multi-Party Computation Lecture 13 Must We Trust ? Can we have an auction

Secure Multi-Party Computation Lecture 13 Must We Trust ? Can we have an auction without an auctioneer?! Declared winning bid should be correct Only the winner and winning bid should be revealed Using data without sharing?

446 views • 20 slides
Advanced Tools from Modern Cryptography Lecture 6 Secure Multi-Party Computation without

Advanced Tools from Modern Cryptography Lecture 6 Secure Multi-Party Computation without

Advanced Tools from Modern Cryptography Lecture 6 Secure Multi-Party Computation without Honest Majority: GMW Protocol MPC without Honest-Majority Plan (Still sticking with passive corruption): Two protocols, that are secure

465 views • 12 slides
Hiding the Input Size in Secure Two-Party Computation Yehuda Lindell , Kobbi Nissim, Claudio

Hiding the Input Size in Secure Two-Party Computation Yehuda Lindell , Kobbi Nissim, Claudio

Hiding the Input Size in Secure Two-Party Computation Yehuda Lindell , Kobbi Nissim, Claudio Orlandi (or a more privacy Privacy on sensitive social network) My friends should only see our common friends Secure Computation 8dx2rru3d0fW2TS y

520 views • 36 slides
Key Establishment Chester Rebeiro IIT Madras CR Stinson : Chapter 10 Multi Party secure

Key Establishment Chester Rebeiro IIT Madras CR Stinson : Chapter 10 Multi Party secure

Key Establishment Chester Rebeiro IIT Madras CR Stinson : Chapter 10 Multi Party secure communication C D A B E F N parties want to communicate securely with each other (N=6 in this figure) If U sends a message to V (U V

771 views • 54 slides
Bounding Techniques for the Intrinsic Uncertainty of Channels Or Ordentlich Joint work with Ofer

Bounding Techniques for the Intrinsic Uncertainty of Channels Or Ordentlich Joint work with Ofer

Bounding Techniques for the Intrinsic Uncertainty of Channels Or Ordentlich Joint work with Ofer Shayevitz July 4th, 2014 ISIT, Honolulu, HI, USA Or Ordentlich and Ofer Shayevitz Bounding Techniques for the Intrinsic Uncertainty of Channels

723 views • 49 slides
Algorithmic and Combinatorial Methods to Discover Low Weight Pseudo-Codewords Shashi Kiran

Algorithmic and Combinatorial Methods to Discover Low Weight Pseudo-Codewords Shashi Kiran

Algorithmic and Combinatorial Methods to Discover Low Weight Pseudo-Codewords Shashi Kiran Chilappagari 1 Bane Vasic 1 Mikhail Stepanov 2 Michael Chertkov 3 1 Dept. of Elec. and Comp. Eng., University of Arizona, Tucson, AZ. 2 Dept. of Mathematics,

238 views • 22 slides
From the Past to the Present Vitaly Skachek Institute of Computer Science University of Tartu

From the Past to the Present Vitaly Skachek Institute of Computer Science University of Tartu

Coding Theory: From the Past to the Present Vitaly Skachek Institute of Computer Science University of Tartu Some used images are courtesy of Wikipedia/Wikimedia Commons Communications Model k bits R = k/n n bits c x Source Encoder 0101

886 views • 64 slides
Information Theory and Security: Quantitative Information Flow Pasquale Malacaria

Information Theory and Security: Quantitative Information Flow Pasquale Malacaria

Information Theory and Security: Quantitative Information Flow Pasquale Malacaria pm@dcs.qmul.ac.uk School of Electronic Engineering and Computer Science Queen Mary University of London Information Theory and Security: Quantitative Information

835 views • 54 slides
Cyclic Polar Codes Narayanan Rengaswamy Henry D. Pfister Texas A&M University Duke

Cyclic Polar Codes Narayanan Rengaswamy Henry D. Pfister Texas A&M University Duke

Cyclic Polar Codes Narayanan Rengaswamy Henry D. Pfister Texas A&M University Duke University r narayanan 92@tamu.edu henry.pfister@duke.edu 2015 IEEE International Symposium on Information Theory June 16, 2015 Narayanan Rengaswamy

755 views • 57 slides
Information Theory Don Fallis Information in the Wild Intentional Information Transfer Data

Information Theory Don Fallis Information in the Wild Intentional Information Transfer Data

Information Theory Don Fallis Information in the Wild Intentional Information Transfer Data Storage Measuring Information Surprise! Inversely Related to Probability The lower the probability of event A, the more information you get by

608 views • 33 slides
Simplified Successive-Cancellation List Decoding of Polar Codes Seyyed Ali Hashemi , Carlo Condo,

Simplified Successive-Cancellation List Decoding of Polar Codes Seyyed Ali Hashemi , Carlo Condo,

Simplified Successive-Cancellation List Decoding of Polar Codes Seyyed Ali Hashemi , Carlo Condo, Warren J. Gross Department of Electrical and Computer Engineering McGill University Montr eal, Qu ebec, Canada July 12, 2016 Seyyed Ali

554 views • 22 slides
Finite-Length Analysis of Irregular Expurgated LDPC Codes under Finite Number of Iterations

Finite-Length Analysis of Irregular Expurgated LDPC Codes under Finite Number of Iterations

Finite-Length Analysis of Irregular Expurgated LDPC Codes under Finite Number of Iterations Ryuhei Mori Toshiyuki Tanaka Kenta Kasai Kohichi Sakaniwa ISIT2009 LDPC codes over the binary erasure channel The aim of our research To estimate

157 views • 15 slides

More recommend