two round information theoretic mpc with malicious
play

Two Round Information-Theoretic MPC with Malicious Security - PowerPoint PPT Presentation

Jan 19, 2024 •221 likes •925 views

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain TPMPC 2019 Adversarial Model Adversarial Model Malicious Adversary Adversarial Model Malicious Adversary

  1. Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain TPMPC 2019

  2. Adversarial Model

  3. Adversarial Model Malicious Adversary

  4. Adversarial Model Malicious Adversary Corrupts < "/2 parties (Honest Majority)

  5. Honest Majority MPC

  6. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  7. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  8. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  9. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  10. Honest Majority MPC: Applications Useful for constructing efficient ZK-protocols.

  11. Honest Majority MPC: Applications (Courtesy: Sergey Gorbunov’s talk)

  12. History of IT-MPC Round Class of Corruption Adversary Complexity Functions Threshold [BGW’88] > # of P/Poly t<n/2 Malicious multiplications [BB’89, IK’00, constant NC 1 t<n/2 Malicious AIK’06] [IKP’10] 2 NC 1 t<n/3 Malicious Security with selective abort [GIS’18, ABT’18] 2 NC 1 t<n/2 Semi-honest

  13. Our Results Round Complexity Class of Functions Corruption Threshold Adversary 2 NC 1 t<n/2 Malicious Security with Abort over Broadcast + P2P Security with Selective Abort over P2P

  14. Our Results Round Complexity Class of Functions Corruption Threshold Adversary 2 NC 1 t<n/2 Malicious Security with Abort over Concurrent Work [ABT19] Broadcast + P2P Consider security with selective abort. Security with Selective Abort over P2P

  15. This Talk Round Complexity Class of Functions Corruption Threshold Adversary 2 NC 1 t<n/2 Malicious Security with Abort over Broadcast + P2P Security with Selective Abort over P2P

  16. Our Strategy Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

  17. Security with Abort Party 2 ! Trusted Party Party 1 Party 3

  18. Security with Abort ! 2 ! 1 Party 2 % ! 3 Trusted Party Party 1 Party 3

  19. Security with Abort ! 2 ! 1 Party 2 % = '(! 1, ! 2, ! 3 ) ' ! 3 Trusted Party Party 1 Party 3

  20. Security with Abort ! 2 ! 1 Party 2 % = '(! 1, ! 2, ! 3 ) ' ! 3 %’ = % ,- ⊥ Trusted Party Party 1 Party 3

  21. Security with Abort ! 2 ! 1 %’ Party 2 % = '(! 1, ! 2, ! 3 ) ' ! 3 %’ = % ,- ⊥ Trusted Party Party 1 %’ Party 3

  22. Security with Abort Privacy ! 2 and ! 3 remain hidden $

  23. Security with Abort Privacy ! 2 and ! 3 remain hidden $ Output Correctness Honest Parties either output $ ! % , ! ' , ! ( or ⊥

  24. Privacy with Knowledge of Outputs Privacy ! 2 and ! 3 remain hidden $ Output Correctness Honest Parties either output $ ! % , ! ' , ! ( or ⊥

  25. First Step Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

  26. Using Signed Outputs [IKP10] " 1 & = ! (" ) , " + , " , ) ! " 2 " 3

  27. Using Signed Outputs [IKP10] * = ! (# ( , # - , # . ) # 1 , &' ( , )' ( (&' (, 0 ( = 1234 (*, )' 1 )) !′ # - , &' - , )' - (&' -, 0 - = 1234 (*, )' - )) # . , &' . , )' . (&' ., 0 . = 1234 (*, )' . ))

  28. Security with abort: Using Signed Outputs ! " , $% " , &% " -./01'(', ( ) , $% ) ) ', ( ) , $% ) , ( " , $% " , (( + , $% + ) -./01'(', ( " , $% " ) 1 ’ -./01'(', ( + , $% + ) Party 2 Trusted Party

  29. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party Accept if all 3 verify

  30. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) Digital signatures require one-way functions ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party Accept if all 3 verify

  31. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) Digital signatures require one-way functions ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) MACs are not sufficient - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party Accept if all 3 verify

  32. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) Digital signatures require one-way functions ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) MACs are not sufficient - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party How can we do it information theoretically? Accept if all 3 verify

  33. Our Tool: Multi-Key MAC ! " ! # ! $ %

  34. Our Tool: Multi-Key MAC + , + - + . ) ! = #. %&'( ), + , , + - , + .

  35. Our Tool: Multi-Key MAC ! ! ! ) ! = #. %&'( ), + , , + - , + .

  36. Our Tool: Multi-Key MAC !. #$%&'( (*, ,, - . ) , , !. #$%&'( (*, ,, - 0 ) , * !. #$%&'( (*, ,, - 1 ) , = !. 3&45 *, - . , - 0 , - 1

  37. Our Tool: Multi-Key MAC (Correctness) !. #$%&'( (*, ,, - . ) YES , , !. #$%&'( (*, ,, - 0 ) YES , * !. #$%&'( (*, ,, - 1 ) , = !. 3&45 *, - . , - 0 , - 1 YES

  38. Our Tool: Multi-Key MAC (Security) " . & ! , " # , " % & = (. *+,- !, " . , " # , " %

  39. Our Tool: Multi-Key MAC (Security) " . ! / , & ’ & " # ! , " # , " % (. 012+34 (!′, &′, " # ) & = (. *+,- !, " . , " # , " % NO

  40. Our Tool: Multi-Key MAC (Security) An adversary cannot output any valid " , message-signature pair other than the ! - , & ’ & one it received " # ! , " # , " % .. 012)34 (!′, &′, " # ) & = ()*+ !, " , , " # , " % NO

  41. Security with Abort: Using Multi-Key MAC # 1 , & ' ( = ! (# ' , # + , # , ) !′ # + , & + . = /. 1234 ((, & 1 , & 2 , & 3 ) # , , & ,

  42. Security with Abort: Using Multi-Key MAC ! " , $ " '. )*+,-%(%, &, $ " ) %, & - ’ Trusted Party Party 2

  43. Security with abort: Using Multi-Key MAC ( , , * , ( - , * - !, # !, # %′ Honest Party 3 Trusted Party Honest Party 2 IF !, # = %′((( ) * ) ), (( , , * , ), (( - , * - ))

  44. Security with abort: Using Multi-Key MAC 0 - , , - 0 / , , / (, + (, + '′ Honest Party 3 Trusted Party Honest Party 2 IF (, + = '′((0 3 , 3 ), (0 - , , - ), (0 / , , / )) !. #$%&'(((, +, , - ) !. #$%&'(((, +, , / ) YES YES

  45. Security with abort: Using Multi-Key MAC ! " , $ " ! ' , $ ' %, & %, & )′ Honest Party 3 Trusted Party Honest Party 2 IF %, & ≠ )′((! , $ , ), (! " , $ " ), (! ' , $ ' ))

  46. Security with abort: Using Multi-Key MAC ! " , $ " ! ' , $ ' %, & %, & .′ Honest Party 3 Trusted Party Honest Party 2 Honest Party 2 IF %, & ≠ .′((! 3 $ 3 ), (! " , $ " ), (! ' , $ ' )) (. *+,-.%(%, &, $ " ) (. *+,-.%(%, &, $ ' ) NO NO

  47. Recall: Our Strategy Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Using Multi-Key MAC Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

  48. Second Step Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Using Multi-Key MAC Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain EUROCRYPT 2019 Adversarial Model Adversarial Model Malicious Adversary Adversarial Model Malicious Adversary

1.11k views • 57 slides
Security in Malicious Environments: NSF Programs in Information-Theoretic Network Security Phil

Security in Malicious Environments: NSF Programs in Information-Theoretic Network Security Phil

Background Classical Tools Beyond Cryptography NSF Security in Malicious Environments: NSF Programs in Information-Theoretic Network Security Phil Regalia Program Director Directorate for Computer &amp; Information Science &amp; Engineering

552 views • 36 slides
INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 2 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 2 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 2 - Elements of Information Theory Matthieu Bloch December 3, 2019 1 TOOLS: TOOLS: CONCENTRATION INEQUALITIES CONCENTRATION INEQUALITIES Lemma (Markov's inequality) Let

340 views • 14 slides
INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 4 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 4 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 4 - Elements of Information Theory Matthieu Bloch December 5, 2019 1 SOURCE CODING SOURCE CODING One-shot source coding with side information Coding consists of encoder

237 views • 6 slides
INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 1 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 1 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 1 - Elements of Information Theory Matthieu Bloch December 2, 2019 1 CONTEXT AND OBJECTIVES CONTEXT AND OBJECTIVES Context Security is an increasingly problematic

480 views • 27 slides
XCPs Performance in the Presence of Malicious Flows Dina Katabi dk@mit.edu How does XCP

XCPs Performance in the Presence of Malicious Flows Dina Katabi dk@mit.edu How does XCP

XCPs Performance in the Presence of Malicious Flows Dina Katabi dk@mit.edu How does XCP Work? Round Trip Time Round Trip Time Throughput Throughput Feedback Feedback = Feedback + 0.5 packet/sec Congestion Header How does XCP Work?

548 views • 12 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 10 March 2005 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

1.16k views • 94 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 23 March 2006 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

707 views • 69 slides
Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or horizontal half-planes Round 1 Round 1 Round 1 Round 1 Round 1 h 1 D 2 &quot; 1 =0.30 ! =0.42 1 Round 2 Round 2 Round 2 Round 2 Round

188 views • 5 slides
Information-Theoretic approaches to Information Flow Catuscia Palamidessi INRIA Saclay &amp;

Information-Theoretic approaches to Information Flow Catuscia Palamidessi INRIA Saclay &amp;

Information-Theoretic approaches to Information Flow Catuscia Palamidessi INRIA Saclay &amp; Ecole Polytechnique based on joint work with Mrio S. Alvim and Miguel E. Andrs Pnuelis memorial, 9 May 2010 1 The problem Control the

488 views • 19 slides
Loo ooking g into Ma o Malicious I Insider ers JPCERT/CC Koichiro Sparky Komiyama First

Loo ooking g into Ma o Malicious I Insider ers JPCERT/CC Koichiro Sparky Komiyama First

Loo ooking g into Ma o Malicious I Insider ers JPCERT/CC Koichiro Sparky Komiyama First Conference, Vienna Agenda Background Previous work Information leakage by malicious insider Our Research How to prevent 2 Insider

335 views • 30 slides
2015 Grant Round Information Session Agenda Introduction 2015 Grant Round Elements and

2015 Grant Round Information Session Agenda Introduction 2015 Grant Round Elements and

2015 Grant Round Information Session Agenda Introduction 2015 Grant Round Elements and Process What makes a good application/Tips for applying Questions Who We Are: Over Sixty Years of Community Philanthropy in the Geelong

614 views • 22 slides
2014 Grant Round Information Session Agenda Introduction 2014 Grant Round Changes/What

2014 Grant Round Information Session Agenda Introduction 2014 Grant Round Changes/What

2014 Grant Round Information Session Agenda Introduction 2014 Grant Round Changes/What Remains the same Tips for applying Questions Introduction: Who We Are Formed in 1954 as the Geelong and District Community Chest,

319 views • 20 slides
3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for:

3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for:

3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for: Ultimate data compression Ultimate transmission rate of communication Measure of symbol information: Degree of surprise / uncertainty

758 views • 13 slides
Information Theoretic Security S ennur Ulukus Department of ECE University of Maryland

Information Theoretic Security S ennur Ulukus Department of ECE University of Maryland

Information Theoretic Security S ennur Ulukus Department of ECE University of Maryland ulukus@umd.edu Joint work with Raef Bassily, Ersen Ekrem, Nan Liu, Shabnam Shafiee. 2012 European School of Information Theory April 2012

1.56k views • 129 slides
PE-Miner : Mining Structural Information to Detect Malicious Executables in Realtime M. Zubair

PE-Miner : Mining Structural Information to Detect Malicious Executables in Realtime M. Zubair

PE-Miner : Mining Structural Information to Detect Malicious Executables in Realtime M. Zubair Shafiq, S. Momina Tabish, Fauzan Mirza, Muddassar Farooq RAID,2009

881 views • 36 slides
By Tom Caulfield Our Discussion Two Questions: What do we, as a group, believe an

By Tom Caulfield Our Discussion Two Questions: What do we, as a group, believe an

Protecting Your Contracts from Procurement Fraud and Abuse with Procurement Integrity Controls By Tom Caulfield Our Discussion Two Questions: What do we, as a group, believe an organization needs (i.e. policies, procedures, and

397 views • 28 slides
3.26pt Randomized Projections for Corrupted Linear Systems Jamie Haddock 1 , Deanna Needell 2 1

3.26pt Randomized Projections for Corrupted Linear Systems Jamie Haddock 1 , Deanna Needell 2 1

3.26pt Randomized Projections for Corrupted Linear Systems Jamie Haddock 1 , Deanna Needell 2 1 Graduate Group in Applied Mathematics, University of California, Davis 2 Department of Mathematics, University of California, Los Angeles

608 views • 43 slides
Reinforcement Learning with a Corrupted Reward Channel Tom Everitt, Victoria Krakovna, Laurent

Reinforcement Learning with a Corrupted Reward Channel Tom Everitt, Victoria Krakovna, Laurent

Reinforcement Learning with a Corrupted Reward Channel Tom Everitt, Victoria Krakovna, Laurent Orseau, Marcus Hutter, Shane Legg IJCAI 2017 and arXiv (slides adapted from Tom's IJCAI talk) Motivation Want to give RL agents good incentives

390 views • 20 slides
Memory corruption public enemy number 1 Erik Poll Digital Security Radboud University Nijmegen

Memory corruption public enemy number 1 Erik Poll Digital Security Radboud University Nijmegen

Software Security Memory corruption public enemy number 1 Erik Poll Digital Security Radboud University Nijmegen 1 Security in the development lifecycle 2.1 week 3: exercise week4: group project Security in the development lifecycle

1.82k views • 146 slides
Applying ex-post harmonization of cross-national survey data in corruption research Ilona

Applying ex-post harmonization of cross-national survey data in corruption research Ilona

CSDI WORKSHOP March 16-18, 2017, Mannheim, Germany Applying ex-post harmonization of cross-national survey data in corruption research Ilona Wysmulek iwysmulek@ifispan.waw.pl Polish Academy of Sciences in Warsaw PhD candidate in Sociology

491 views • 17 slides
Perturbation attack on modern CPUs, from the fault model to the exploitation Thomas TROUCHKINE 1 ,

Perturbation attack on modern CPUs, from the fault model to the exploitation Thomas TROUCHKINE 1 ,

Perturbation attack on modern CPUs, from the fault model to the exploitation Thomas TROUCHKINE 1 , Guillaume BOUFFARD 1,2 , Jessy CLDIRE 3 1 National Cybersecurity Agency of France (ANSSI) 2 Information Security Group, cole Normale

292 views • 28 slides
Prescribed burning objectives: cost- benefit analysis PRESENTER Geoff Park, Natural Decisions

Prescribed burning objectives: cost- benefit analysis PRESENTER Geoff Park, Natural Decisions

Prescribed burning objectives: cost- benefit analysis PRESENTER Geoff Park, Natural Decisions DATE May 2018 WEBINAR National Burning Project Sub-project 2 Analysis of tools and methodologies to balance competing objectives of burning

623 views • 25 slides
CHAPTER 9 Lecture slides to accompany Engineering Economy 7th edition Leland Blank Anthony

CHAPTER 9 Lecture slides to accompany Engineering Economy 7th edition Leland Blank Anthony

CHAPTER 9 Lecture slides to accompany Engineering Economy 7th edition Leland Blank Anthony Tarquin Benefit/Cost Analysis 1 LEARNING OUTCOMES Purpose: Understand public sector projects and select the best alternative on the basis of

630 views • 23 slides

More recommend