Results 1 - 8 of 8
Polylogarithmic private approximations and efficient matching
, 2005
Cited by 35 (3 self)
In [12] a private approximation of a function f is defined to be another function F that approximates f in the usual sense, but does not reveal any information about x other than what can be deduced from f(x). We give the first two-party private approximation of the $\ell_2$ distance with polylogarithmic communication. This, in particular, resolves the main open question of [12]. We then look at the private near neighbor problem in which Alice has a query point in $\{0,1\}^d$ and Bob a set of n points in $\{0,1\}^d$, and Alice should privately learn the point closest to her query. We improve upon existing protocols, resolving open questions of [13, 10]. Then, we relax the problem by defining the private approximate near neighbor problem, which requires introducing a notion of secure computation of approximations for functions that return sets of points rather than values. For this problem we give several protocols with sublinear communication.
Privacy Preserving Error Resilient DNA Searching through Oblivious Automata
Cited by 21 (2 self)
Human DesoxyriboNucleic Acid (DNA) sequences offer a wealth of information that reveal, among others, predisposition to various diseases and paternity relations. The breadth and personalized nature of this information highlights the need for privacy-preserving protocols. In this paper, we present a new error-resilient privacy-preserving string searching protocol that is suitable for running private DNA queries. This protocol checks if a short template (e.g., a string that describes a mutation leading to a disease), known to one party, is present inside a DNA sequence owned by another party, accounting for possible errors and without disclosing to each party the other party’s input. Each query is formulated as a regular expression over a finite alphabet and implemented as an automaton. As the main technical contribution, we provide a protocol that allows to execute any finite state machine in an oblivious manner, requiring a communication complexity which is linear both in the number of states and the length of the input string.
Secure DisCSP protocols - from centralized towards distributed solutions
 in DCR05 Workshop
, 2005
Cited by 7 (0 self)
We present new protocols for secure distributed constraint satisfaction problems (DisCSPs). The presented protocols are the first to enable an oblivious use of advanced search techniques heuristics. The first protocol is a centralized protocol, where two of the agents collect ‘encrypted’ data from all other parties, and obliviously perform a search algorithm. Our protocol improves on the previous solution of [YKH05] in several ways: It does not require introducing new agents into the protocol; it enables the use of nontrivial search techniques such as backjumping and ordering heuristics of variables and values; and, it completely eliminates information leakage to all agents. Our second protocol makes the first steps toward a feasible distributed secured protocol for solving DisCSPs. Our protocol enables agents to concurrently perform non sequential (asynchronous) algorithms. It forms an alternative network, whose nodes are small groups (e.g. pairs) of agents, that is generated from the original DisCSP. Each node group obliviously performs the roles of all its members in the search algorithm. We also identify the communication pattern of the protocol as a possible leakage source, and suggest how to eliminate this leakage. Finally, we discuss a hybrid solution that combines the centralized and distributed protocols and reduces the total communication cost.
Secure incomplete multiparty computation for distributed constraint problems
 in AAMASDCR Workshop
, 2006
Cited by 1 (1 self)
The algorithms we propose here are simple but our contribution consists in identifying the simple guidelines required for a high level of privacy. Achieving the highest level of privacy for secrets used in a distributed computation implies that the distributed computation (steps) should be independent of the value of these secrets. When the expected answer of a constraint satisfaction solver is either a solution or no solution, then the previous assumption leads to algorithms that take always the computation time of the worst case. This is particularly disturbing for such NP-hard problems. In this work we start from the observation that sometimes (specially for hard problems) users find it acceptable to receive as result not only a solution or the answer no solution but also a failure with meaning don’t know, or solutions proven optimal only within a subset of the problem space. More exactly, users accept incomplete solvers. It is argued in (Silaghi 2005b) that, for certain problems, privacy reasons lead users to prefer having an answer meaning don’t know even when the secure multiparty computation could have proven no solution (to avoid revealing that all alternatives are infeasible). While the solution proposed there is slower than complete algorithms, here we show secure incomplete solutions that are faster than complete solvers, allowing to address larger problem instances. We show that one can build time-aware instances where given a known amount of available time, we obtain an incomplete solver terminating in that time and offering a very high degree of privacy, namely nonuniform requested t-privacy.
Fuzzy Private Matching (Extended Abstract)
Cited by 1 (0 self)
In the private matching problem, a client and a server each hold a set of n input elements. The client wants to privately compute the intersection of these two sets: he learns which elements he has in common with the server (and nothing more), while the server gains no information at all. In certain applications it would be useful to have a fuzzy private matching protocol that reports a match even if two elements are only similar instead of equal. We consider this fuzzy private matching problem, in a semi-honest environment. First we show that the original solution proposed by Freedman et al. [9] is incorrect. Subsequently we present two fuzzy private matching protocols. The first, simple, protocol has a large bit message complexity. The second protocol improves this, but here the client incurs a O(n) factor time complexity.
A Survey of Single-Database PIR: Techniques and Applications
Cited by 1 (0 self)
In this paper we survey the notion of Single-Database Private Information Retrieval (PIR). The first Single-Database PIR was constructed in 1997 by Kushilevitz and Ostrovsky and since then Single-Database PIR has emerged as an important cryptographic primitive. For example, Single-Database PIR turned out to be intimately connected to collision-resistant hash functions, oblivious transfer and public-key encryptions with additional properties. In this survey, we give an overview of many of the constructions for Single-Database PIR (including an abstract construction based upon homomorphic encryption) and describe some of the connections of PIR to other primitives.
Private and Efficient Stable Marriages (Matching)
, 2006
We provide algorithms guaranteeing high levels of privacy by computing uniformly random solutions to stable marriages problems. We also provide efficient algorithms extracting a nonuniformly random solution and guaranteeing t-privacy for any threshold t. The most private solution is expensive and is based on a distributed/shared CSP model of the problem. The most efficient version is based on running the Gale-Shapley algorithm after shuffling the men (or women) in the shared secret description of the problem. We introduce an efficient arithmetic circuit for the Gale-Shapley algorithm that can employ a cryptographic primitive we propose for vector access with an arbitrary number of participants.
An Efficient Way to Access an Array at a Secret Index
, 2006
We propose cryptographic primitives for reading and assigning the (shared) secret found at a secret index in a vector of secrets. The problem can also be solved in constant round with existing general techniques based on arithmetic circuits and the "equality test" in [4]. However the proposed technique requires to exchange less bits. The proposed primitives require a number of rounds that is independent of the size N of the vector, and only depends (linearly) on the number t of computing servers. A previously known primitive for reading a vector at a secret index works only for 2-party computations. Our primitives work for any number of computing participants/servers.