reducing communication channels in mpc
play

Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos - PowerPoint PPT Presentation

Jan 01, 2024 •33 likes •753 views

Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im Wood 1,3 1 University of Bristol 2 Data61 3 KU Leuven/COSIC ESAT 1/35 Outline Goal Generalising MPC Tools Performing MPC 2/35 Outline Goal

  1. Reducing Communication Channels in MPC Marcel Keller 1,2 Dragos Rotaru 1,3 Nigel Smart 1,3 T im Wood 1,3 1 University of Bristol 2 Data61 3 KU Leuven/COSIC ESAT 1/35

  2. Outline Goal Generalising MPC Tools Performing MPC 2/35

  3. Outline Goal Generalising MPC Tools Performing MPC 3/35

  4. What is MPC? 4/35

  5. What is MPC? P 7 P 6 P 1 F P 5 P 2 P 4 P 3 4/35

  6. What is MPC? P 7 P 6 P 1 F P 5 P 2 P 4 P 3 4/35

  7. What is MPC? P 7 P 7 P 6 P 1 P 6 P 1 F P 5 P 2 P 5 P 2 P 4 P 3 P 4 P 3 4/35

  8. What is MPC? P 7 P 7 P 6 P 1 P 6 P 1 F ≈ P 5 P 2 P 5 P 2 P 4 P 3 P 4 P 3 4/35

  9. What is MPC? P 7 P 7 P 6 P 1 P 6 P 1 F ≈ P 5 P 2 P 5 P 2 P 4 P 3 P 4 P 3 Various guarantees: Privacy/Secrecy Correctness Fairness etc. 4/35

  10. What is MPC? Types: Garbled circuits Secret-sharing 5/35

  11. What is MPC? Types: Garbled circuits Secret-sharing Examples: General MPC (e.g. SPDZ, MASCOT, Yao, etc.) PSI Auctions 5/35

  12. What is MPC? Types: Garbled circuits Secret-sharing Examples: General MPC (e.g. SPDZ, MASCOT, Yao, etc.) PSI Auctions Corruption Models: Active/Passive Static/Adaptive etc. 5/35

  13. Goal This work: Goal Communication-efficient actively-secure MPC arithmetic circuit evaluation for any Q 2 access structure. as part of overarching goal: Efficient 1 MPC protocols for any access structure. 1 communication/computation cost 6/35

  14. Related Work Previous best-known protocol was due to Maurer [Mau06]: passively-secure for Q 2 structures, actively-secure for Q 3 . [Mau06] Secure Multi-party Computation Made Simple, Journal of Discrete Applied Mathematics, 2006 7/35

  15. Related Work Previous best-known protocol was due to Maurer [Mau06]: passively-secure for Q 2 structures, actively-secure for Q 3 . Araki et al. [AFLNO16] give active security in the (3 , 1)-threshold case with efficient “hash-check” authentication. [Mau06] Secure Multi-party Computation Made Simple, Journal of Discrete Applied Mathematics, 2006 [AFLNO16] High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, CCS 2016 7/35

  16. Related Work Previous best-known protocol was due to Maurer [Mau06]: passively-secure for Q 2 structures, actively-secure for Q 3 . Araki et al. [AFLNO16] give active security in the (3 , 1)-threshold case with efficient “hash-check” authentication. Our contribution: Generalise to any Q 2 access structure for any number of parties... ...and optimise the communication 2 . [Mau06] Secure Multi-party Computation Made Simple, Journal of Discrete Applied Mathematics, 2006 [AFLNO16] High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, CCS 2016 2 Asymptotics are hard to give because it depends on the access structure 7/35

  17. Outline Goal Generalising MPC Tools Performing MPC 8/35

  18. Access Structures Definition by example { 1 , 2 , 3 , 4 } { 1 , 2 , 3 } { 1 , 2 , 4 } { 1 , 3 , 4 } { 2 , 3 , 4 } { 1 , 2 } { 1 , 3 } { 1 , 4 } { 2 , 3 } { 2 , 4 } { 3 , 4 } { 1 } { 2 } { 3 } { 4 } ∅ Q 2 : union of no two unqualified sets is { 1 , 2 , 3 , 4 } 9/35

  19. Access Structures Specify minimally qualified sets { 1 , 2 , 3 , 4 } { 1 , 2 , 3 } { 1 , 2 , 4 } { 1 , 3 , 4 } { 2 , 3 , 4 } { 1 , 2 } { 1 , 3 } { 1 , 4 } { 2 , 3 } { 2 , 4 } { 3 , 4 } { 1 } { 2 } { 3 } { 4 } ∅ Q 2 : union of no two unqualified sets is { 1 , 2 , 3 , 4 } 9/35

  20. Access Structures Check monotonicity { 1 , 2 , 3 , 4 } { 1 , 2 , 3 } { 1 , 2 , 4 } { 1 , 3 , 4 } { 2 , 3 , 4 } { 1 , 2 } { 1 , 3 } { 1 , 4 } { 2 , 3 } { 2 , 4 } { 3 , 4 } { 1 } { 2 } { 3 } { 4 } ∅ Q 2 : union of no two unqualified sets is { 1 , 2 , 3 , 4 } 9/35

  21. Access Structures Decide on remaining sets { 1 , 2 , 3 , 4 } { 1 , 2 , 3 } { 1 , 2 , 4 } { 1 , 3 , 4 } { 2 , 3 , 4 } { 1 , 2 } { 1 , 3 } { 1 , 4 } { 2 , 3 } { 2 , 4 } { 3 , 4 } { 1 } { 2 } { 3 } { 4 } ∅ Q 2 : union of no two unqualified sets is { 1 , 2 , 3 , 4 } 9/35

  22. Access Structures Determine maximally-unqualified sets { 1 , 2 , 3 , 4 } { 1 , 2 , 3 } { 1 , 2 , 4 } { 1 , 3 , 4 } { 2 , 3 , 4 } { 1 , 2 } { 1 , 3 } { 1 , 4 } { 2 , 3 } { 2 , 4 } { 3 , 4 } { 1 } { 2 } { 3 } { 4 } ∅ Q 2 : union of no two unqualified sets is { 1 , 2 , 3 , 4 } 9/35

  23. Replicated Secret-sharing Starting with the access structure ∆ + = {{ 1 } , { 2 , 3 } , { 2 , 4 } , { 3 , 4 }} we obtain replicated secret sharing by taking the complements B = {{ 2 , 3 , 4 } , { 1 , 4 } , { 1 , 3 } , { 1 , 2 }} and sharing a secret s by letting s = s { 2 , 3 , 4 } + s { 1 , 4 } + s { 1 , 3 } + s { 1 , 2 } $ ← F subject to s = � where { s B } B ∈B B ∈B s B . Then s B is sent to all parties whose party index is in B . Denote by [ [ s ] ] 10/35

  24. Replicated Secret-sharing s = s { 2 , 3 , 4 } + s { 1 , 4 } + s { 1 , 3 } + s { 1 , 2 } Thus the parties have shares as follows: P 1 : s { 1 , 2 } s { 1 , 3 } s { 1 , 4 } P 2 : s { 2 , 3 , 4 } s { 1 , 2 } P 3 : s { 2 , 3 , 4 } s { 1 , 3 } P 4 : s { 2 , 3 , 4 } s { 1 , 4 } 11/35

  25. Linear operations for free [ [ s ] ] + [ [ t ] ] : P 1 P 2 P 3 P 4 [ [ s ] ] s { 1 , 2 } s { 1 , 3 } s { 1 , 4 } s { 1 , 2 } s { 2 , 3 , 4 } s { 1 , 3 } s { 2 , 3 , 4 } s { 1 , 4 } s { 2 , 3 , 4 } + + + + + + + + + + [ [ t ] ] t { 1 , 2 } t { 1 , 3 } t { 1 , 4 } t { 1 , 2 } t { 2 , 3 , 4 } t { 1 , 3 } t { 2 , 3 , 4 } t { 1 , 4 } t { 2 , 3 , 4 } = = = = = = = = = = [ [ u ] ] u { 1 , 2 } u { 1 , 3 } u { 1 , 4 } u { 1 , 2 } u { 2 , 3 , 4 } u { 1 , 3 } u { 2 , 3 , 4 } u { 1 , 4 } u { 2 , 3 , 4 } 12/35

  26. Goal Goal Communication-efficient actively-secure MPC arithmetic circuit evaluation for any Q 2 access structure. Arithmetic circuits: – Additions – Multiplications 13/35

  27. Goal Goal Communication-efficient actively-secure MPC arithmetic circuit evaluation for any Q 2 access structure. Arithmetic circuits: ✓ Additions: for free – Multiplications 13/35

  28. Goal Goal Communication-efficient actively-secure MPC arithmetic circuit evaluation for any Q 2 access structure. Arithmetic circuits: ✓ Additions: for free – Multiplications: we will require Tool 1: Passive multiplication Tool 2: Efficient opening procedure 13/35

  29. Outline Goal Generalising MPC Tools Performing MPC 14/35

  30. Tool 1: Passive Multiplication Theorem [1] If Q 2 , each cross term is computable by at least one party. P 1 , P 2 , P 3 , P 4 can compute an additive sharing of the product: st = s { 2 , 3 , 4 } · t { 2 , 3 , 4 } + s { 2 , 3 , 4 } · t { 1 , 4 } + s { 2 , 3 , 4 } · t { 1 , 3 } + s { 2 , 3 , 4 } · t { 1 , 2 } s { 1 , 4 } · t { 2 , 3 , 4 } + s { 1 , 4 } · t { 1 , 4 } + s { 1 , 4 } · t { 1 , 3 } + s { 1 , 4 } · t { 1 , 2 } s { 1 , 3 } · t { 2 , 3 , 4 } + s { 1 , 3 } · t { 1 , 4 } + s { 1 , 3 } · t { 1 , 3 } + s { 1 , 3 } · t { 1 , 2 } s { 1 , 2 } · t { 2 , 3 , 4 } + s { 1 , 2 } · t { 1 , 4 } + s { 1 , 2 } · t { 1 , 3 } + s { 1 , 2 } · t { 1 , 2 } M 1 ∪ M 2 � P ∀ M 1 , M 2 ∈ ∆ + ⇐ ⇒ B 1 ∩ B 2 � = ∅ ∀ B 1 , B 2 ∈ B 15/35

  31. Tool 1: Passive Multiplication Theorem [1] If Q 2 , each cross term is computable by at least one party. P 1 , P 2 , P 3 , P 4 can compute an additive sharing of the product: st = s { 2 , 3 , 4 } · t { 2 , 3 , 4 } + s { 2 , 3 , 4 } · t { 1 , 4 } + s { 2 , 3 , 4 } · t { 1 , 3 } + s { 2 , 3 , 4 } · t { 1 , 2 } s { 1 , 4 } · t { 2 , 3 , 4 } + s { 1 , 4 } · t { 1 , 4 } + s { 1 , 4 } · t { 1 , 3 } + s { 1 , 4 } · t { 1 , 2 } s { 1 , 3 } · t { 2 , 3 , 4 } + s { 1 , 3 } · t { 1 , 4 } + s { 1 , 3 } · t { 1 , 3 } + s { 1 , 3 } · t { 1 , 2 } s { 1 , 2 } · t { 2 , 3 , 4 } + s { 1 , 2 } · t { 1 , 4 } + s { 1 , 2 } · t { 1 , 3 } + s { 1 , 2 } · t { 1 , 2 } E.g. P 2 computes u (2) := s { 2 , 3 , 4 } · t { 1 , 2 } + s { 1 , 2 } · t { 2 , 3 , 4 } + s { 1 , 2 } · t { 1 , 2 } 15/35

  32. Tool 1: Passive Multiplication – Maurer-style [ u (1) ] [ u (2) ] [ u (3) ] [ u (4) ] Reshare each summand to get [ ], [ ], [ ] and [ ]. 16/35

  33. Tool 1: Passive Multiplication – Maurer-style [ u (1) ] [ u (2) ] [ u (3) ] [ u (4) ] Reshare each summand to get [ ], [ ], [ ] and [ ]. E.g. P 1 additively splits u (1) as u (1) = u (1) { 1 , 2 } + u (1) { 1 , 3 } + u (1) { 1 , 4 } + u (1) { 2 , 3 , 4 } and sends shares P 1 P 2 P 4 P 3 16/35

  34. Tool 1: Passive Multiplication – Maurer-style [ u (1) ] [ u (2) ] [ u (3) ] [ u (4) ] Reshare each summand to get [ ], [ ], [ ] and [ ]. E.g. P 1 additively splits u (1) as u (1) = u (1) { 1 , 2 } + u (1) { 1 , 3 } + u (1) { 1 , 4 } + u (1) { 2 , 3 , 4 } and sends shares u (1) { 1 , 2 } P 1 P 2 P 4 P 3 16/35

  35. Tool 1: Passive Multiplication – Maurer-style [ u (1) ] [ u (2) ] [ u (3) ] [ u (4) ] Reshare each summand to get [ ], [ ], [ ] and [ ]. E.g. P 1 additively splits u (1) as u (1) = u (1) { 1 , 2 } + u (1) { 1 , 3 } + u (1) { 1 , 4 } + u (1) { 2 , 3 , 4 } and sends shares P 1 P 2 u (1) { 1 , 3 } P 4 P 3 16/35

  36. Tool 1: Passive Multiplication – Maurer-style [ u (1) ] [ u (2) ] [ u (3) ] [ u (4) ] Reshare each summand to get [ ], [ ], [ ] and [ ]. E.g. P 1 additively splits u (1) as u (1) = u (1) { 1 , 2 } + u (1) { 1 , 3 } + u (1) { 1 , 4 } + u (1) { 2 , 3 , 4 } and sends shares P 1 P 2 u (1) { 1 , 4 } P 4 P 3 16/35

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Other Communication Channels Select channels of communication that will reach your audiences.

Other Communication Channels Select channels of communication that will reach your audiences.

Other Communication Channels Select channels of communication that will reach your audiences. During Preplanning Ask: Which channels are available? (Consider your schedule and resources.) Which channels will target audiences find

280 views • 12 slides
Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that

Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that

Covert and Side Channels Robert Brotzman-Smith Covert Channels Any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy US DoD 1985 Basically a

1.04k views • 67 slides
Side Channels and Covert Channels Daniel Bosk Department of Information and Communication Systems

Side Channels and Covert Channels Daniel Bosk Department of Information and Communication Systems

Side Channels Covert Channels References Side Channels and Covert Channels Daniel Bosk Department of Information and Communication Systems (ICS), Mid Sweden University, Sundsvall. 1st May 2017 Daniel Bosk MIUN ICS Side Channels and Covert

689 views • 32 slides
New Control Schemes for Bilateral Teleoperation under Asymmetric Communication Channels:

New Control Schemes for Bilateral Teleoperation under Asymmetric Communication Channels:

New Control Schemes for Bilateral Teleoperation under Asymmetric Communication Channels New Control Schemes for Bilateral Teleoperation under Asymmetric Communication Channels: Stabilization and Performance under Variable Time Delays Bo Zhang

1.67k views • 117 slides
Stealth Communication with Vanishing Power over Binary Symmetric Channels Diego Lentner, Gerhard

Stealth Communication with Vanishing Power over Binary Symmetric Channels Diego Lentner, Gerhard

Stealth Communication with Vanishing Power over Binary Symmetric Channels Diego Lentner, Gerhard Kramer Technical University of Munich Institute for Communications Engineering ISIT 2020 Covert Communication Covert Communication vs. Secrecy:

269 views • 16 slides
Treating Interference as Noise is Optimal for Covert Communication over Interference Channels

Treating Interference as Noise is Optimal for Covert Communication over Interference Channels

Treating Interference as Noise is Optimal for Covert Communication over Interference Channels Kang-Hee Cho and Si-Hyeon Lee School of Electrical Engineering KAIST 2020 ISIT 1 / 14 Covert Communication ^ Y n W Decoder X n W P n Encoder

386 views • 15 slides
Hiding in Plain Sight Advances in Malware Covert Communication Channels Pierre-Marc Bureau

Hiding in Plain Sight Advances in Malware Covert Communication Channels Pierre-Marc Bureau

Hiding in Plain Sight Advances in Malware Covert Communication Channels Pierre-Marc Bureau Christian Dietrich Outline 1. Covert Channels 2. Steganography a. Lurk b. Gozi c. Stegoloader 3. Inconspicuous Carrier Protocols a.

674 views • 49 slides
Health Care Professionals Preferred Communication Channels: Findings from a National Survey

Health Care Professionals Preferred Communication Channels: Findings from a National Survey

Health Care Professionals Preferred Communication Channels: Findings from a National Survey Fred Fridinger, DrPH Senior Health Communication Specialist ME/CFS Roundtable mtg. 8/30/18 Department of Health and Human Services Centers for

497 views • 13 slides
No-signalling assisted zero- error communication via quantum channels and the Lovsz number

No-signalling assisted zero- error communication via quantum channels and the Lovsz number

No-signalling assisted zero- error communication via quantum channels and the Lovsz number Andreas Winter (ICREA & UAB Barcelona) Runyao Duan (UTS Sydney)xxxxxxxxx arXiv:1409.3426 If youve been partying... Hungover Summary 1. C

1.33k views • 87 slides
Constellation Shaping for Communication Channels with Quantized Outputs Chandana Nannapaneni , Dr.

Constellation Shaping for Communication Channels with Quantized Outputs Chandana Nannapaneni , Dr.

Constellation Shaping for Communication Channels with Quantized Outputs Chandana Nannapaneni , Dr. Matthew C. Valenti and Xingyu Xiang Lane Department of Computer Science and Electrical Engineering West Virginia University CISS - March 24, 2011

429 views • 31 slides
On converse bounds for classical communication over quantum channels Xin Wang UTS: Centre for

On converse bounds for classical communication over quantum channels Xin Wang UTS: Centre for

On converse bounds for classical communication over quantum channels Xin Wang UTS: Centre for Quantum Software and Information Joint work with Kun Fang, Marco Tomamichel (arXiv:1709.05258) QIP 2018, QuTech, Delft Background Activated NS codes

505 views • 26 slides
Latency Insensitiveness in Adaptive Communication Channels: A Physical Design Perspective

Latency Insensitiveness in Adaptive Communication Channels: A Physical Design Perspective

Latency Insensitiveness in Adaptive Communication Channels: A Physical Design Perspective FMGALS07 Mario R. Casu www.vlsilab.polito.it www.polito.it Before to start Thanks to the FMGALS organizers! The research whose results are

1.31k views • 112 slides
Data Security: The art of providing secure communication over insecure channels. Not a problem

Data Security: The art of providing secure communication over insecure channels. Not a problem

Data Security: The art of providing secure communication over insecure channels. Not a problem that suddenly arose when computers were invented - its as old as mankind. Data Security falls naturally into two cathegories: * Confidentiality

542 views • 16 slides
Gap Junction Channels Gap Junction Channels Presented by: Ima Ima Student Student Presented

Gap Junction Channels Gap Junction Channels Presented by: Ima Ima Student Student Presented

Gap Junction Channels Gap Junction Channels Presented by: Ima Ima Student Student Presented by: Overview Overview Intracellular communication Intracellular communication Human touch Human touch Autosomal recessive

404 views • 38 slides
Application of Nonbinary LDPC Codes for Communication over Fading Channels Using Higher Order

Application of Nonbinary LDPC Codes for Communication over Fading Channels Using Higher Order

Application of Nonbinary LDPC Codes for Communication over Fading Channels Using Higher Order Modulations Rong-Hui Peng and Rong-Rong Chen Department of Electrical and Computer Engineering University of Utah This work is supported in part by

438 views • 25 slides
SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

SK Telecom 1 U U U U U U U- U - - communication - - - - - communication

U U U U U U U- U - - communication - - - - - communication communication communication communication communication communication communication Korea Mobile Market Trend for Convergence & Ubiquitous Communication 2004.

400 views • 16 slides
Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for

Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for

Transport Refrigeration Unit Enforcement Work Group Meeting July 29, 2020 1 Updated Concept for TRU Regulation Facility Registration, Fees, and Compliance Plan Reporting Expanded TRU Registration Requirements TRU Emission Standards

403 views • 15 slides
Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed

Universal Multi-Party Poisoning Attacks Saeed Mahloujifar Mohammad Mahmoody Ameer Mohammed Multi-Party Learning Distributions Data Providers 1 1 Model Multi-Party Learning (Round j) Distributions

540 views • 20 slides
Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on

Brokered Agreements in Multi-Party Machine Learning 10th ACM SIGOPS Asia-Pacific Workshop on Systems (APSys 2019) Clement Fung, Ivan Beschastnikh University of British Columbia 1 The emerging ML economy With the explosion of machine

596 views • 42 slides
Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee)

Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee)

Parties to a Mortgage loan of funds Owner-Debtor Creditor-Lender Borrower (Mortgagee) (Mortgagor) Security Interest (SI) in real property Parties to Note and Deed of Trust Loan of Funds Owner-Debtor Creditor-Lender

189 views • 4 slides
Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections

Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections

Towards Measuring Adversarial Twitter Interactions against Candidates in the US Midterm Elections Yiqing Hua Thomas Ristenpart Mor Naaman Cornell Tech, Cornell University Presentation for ICWSM 2020 Find the slides and paper on

357 views • 21 slides
Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant

Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant

Armor Within: Defending against Vulnerabilities in Third-Party Libraries Sameed Ali , Prashant Anantharaman, Sean Smith Dartmouth College, NH, USA sameed.ali.gr@dartmouth.edu 1 Outline Motivation Our Evaluation Conclusions Approaches 2

381 views • 27 slides
Combating Election Misinformation Communicating Trusted Election Information July 30, 2020

Combating Election Misinformation Communicating Trusted Election Information July 30, 2020

Combating Election Misinformation Communicating Trusted Election Information July 30, 2020 #TrustedInfo2020 Housekeeping Be gracious about work-from-home setups Restart Zoom if needed Slides, captioned recordings, and a participant

903 views • 67 slides
Working with Third-Party Providers Transforming Professional

Working with Third-Party Providers Transforming Professional

4/21/14 Working with Third-Party Providers Transforming Professional Learning Webinar Series April 17, 2014 Call Procedures Engage fully, sharing

388 views • 6 slides

More recommend