Results 11-20 of 23
Breaking the O(nm) Bit Barrier: Secure Multiparty Computation with a Static Adversary
Cited by 3 (1 self)
We describe scalable algorithms for secure multiparty computation (SMPC). We assume a synchronous message passing communication model, but unlike most related work, we do not assume the existence of a broadcast channel. Our main result holds for the case where there are n players, of which a 1/3 − ɛ fraction are controlled by an adversary, for ɛ any positive constant. We describe an SMPC algorithm for this model that requires each player to send $\tilde{O}\left(\frac{n+m}{n} + \sqrt{n}\right)$ messages and perform $\tilde{O}\left(\frac{n+m}{n} + \sqrt{n}\right)$ computations to compute any function f, where m is the size of a circuit to compute f. We also consider a model where all players are selfish but rational. In this model, we describe a Nash equilibrium protocol that solves SMPC n+m n+m
Secure Computation of Hidden Markov Models
Cited by 3 (2 self)
Hidden Markov Model (HMM) is a popular statistical tool with a large number of applications in pattern recognition. In some of such applications, including speaker recognition in particular, the computation involves personal data that can identify individuals and must be protected. For that reason, we develop privacy-preserving techniques for HMM and Gaussian mixture model (GMM) computation suitable for use in speaker recognition and other applications. Unlike prior work, our solution uses floating point arithmetic, which allows us to simultaneously achieve high accuracy, provable security guarantees, and reasonable performance. We develop techniques for both two-party HMM and GMM computation based on threshold homomorphic encryption and multiparty computation based on threshold linear secret sharing, which are suitable for secure collaborative computation as well as secure outsourcing.
Efficient Multiparty Protocols via Log-Depth Threshold Formulae
, 2013
Cited by 2 (1 self)
We put forward a new approach for the design of efficient multiparty protocols: 1. Design a protocol π for a small number of parties (say, 3 or 4) which achieves security against a single corrupted party. Such protocols are typically easy to construct, as they may employ techniques that do not scale well with the number of corrupted parties. 2. Recursively compose π with itself to obtain an efficient n-party protocol which achieves security against a constant fraction of corrupted parties. The second step of our approach combines the “player emulation” technique of Hirt and Maurer (J. Cryptology, 2000) with constructions of logarithmic-depth formulae which compute threshold functions using only constant fan-in threshold gates. Using this approach, we simplify and improve on previous results in cryptography and distributed computing. In particular: • We provide conceptually simple constructions of efficient protocols for Secure Multiparty Computation (MPC) in the presence of an honest majority, as well as broadcast protocols from point-to-point channels and a 2-cast primitive. • We obtain new results on MPC over black-box groups and other algebraic structures. The above results rely on the following complexity-theoretic contributions, which may be of independent interest:
Large-Scale Secure Computation: Multiparty Computation for (Parallel) RAM Programs
Cited by 2 (2 self)
Abstract. We present the first efficient (i.e., polylogarithmic overhead) method for securely and privately processing large data sets over multiple parties with parallel, distributed algorithms. More specifically, we demonstrate load-balanced, statistically secure computation protocols for computing Parallel RAM (PRAM) programs, handling (1/3−) fraction malicious players, while preserving up to polylogarithmic factors the computation and memory complexities of the PRAM program, aside from a one-time execution of a broadcast protocol per party. Additionally, our protocol has polylog communication locality—that is, each of the n parties speaks only with polylog(n) other parties.
Private and Oblivious Set and Multiset Operations
Abstract. Privacy-preserving set operations, and set intersection in particular, are a popular research topic. Despite a large body of literature, the great majority of the available solutions are two-party protocols and are not composable. In this work we design a comprehensive suite of secure multiparty protocols for set and multiset operations that are composable, do not assume any knowledge of the sets by the parties carrying out the secure computation, and can be used for secure outsourcing. All of our protocols have communication and computation complexity of O(m log m) for sets or multisets of size m, which compares favorably with prior work. Furthermore, we are not aware of any results that realize composable operations. Our protocols are secure in the information theoretic sense and are designed to minimize the round complexity. Practicality of our solutions is shown through experimental results.
Contents lists available at SciVerse ScienceDirect
"... journal homepage: www.elsevier.com/locate/jpdc ..."
Decentralized Polling With Respectable Participants
, 2013
We consider the polling problem in a social network: participants express support for a given option and expect an outcome reflecting the opinion of the majority. Individuals in a social network care about their reputation: they do not want their vote to be disclosed or any potential misbehavior to be publicly exposed. We exploit this social aspect of users to model dishonest behavior, and show that a simple secret sharing scheme, combined with lightweight verification procedures, enables private and accurate polling without requiring any central authority or cryptography. We present DPol, a simple and scalable distributed polling protocol in which misbehaving nodes are exposed with positive probability and in which the probability of honest participants having their privacy violated is traded off with the impact of dishonest participants on the accuracy of the polling result. The tradeoff is captured by a generic parameter of the protocol, an integer k called the privacy parameter. In a system of N nodes with B dishonest participants, the probability of disclosing a participant’s vote is bounded by $(B/N)^{k+1}$, whereas the impact on the score of each polling option is at most (3k + 2)B with high probability when dishonest users are a minority (i.e., B < N/2), assuming nodes are uniformly spread across groups used by the system. When dishonest users are few (i.e., $B < \sqrt{N}$), the impact bound holds deterministically and our protocol is asymptotically accurate: there is negligible difference between the true result score of the poll and the outcome of our protocol. To demonstrate the practicality of DPol, we report on its deployment on 400 PlanetLab nodes. The relative error of the polling
Large-Scale Secure Computation
, 2014
We are interested in secure computation protocols in settings where the number of parties is huge and their data even larger. Assuming the existence of a single-use broadcast channel (per player), we demonstrate statistically secure computation protocols for computing (multiple) arbitrary dynamic RAM programs over parties’ inputs, handling (1/3−) fraction static corruptions, while preserving up to polylogarithmic factors the computation and memory complexities of the RAM program. Additionally, our protocol is load balanced and has polylogarithmic communication locality.
Secure Location Sharing
In the last decade, the number of location-aware mobile devices has mushroomed. Just as location-based services grow fast, they lay out many questions and challenges when it comes to privacy. For example, who owns the location data and for what purpose is the data used? To answer these questions, we need new tools for location privacy. In this paper, we focus on the problem of secure location sharing, where a group of n clients want to collaborate with each other to anonymously share their location data with a location database server and execute queries based on them. To become more realistic, we assume up to a certain fraction of the clients are controlled arbitrarily by an active and computationally unbounded adversary. A relaxed version of this problem has already been studied in the literature assuming either a trusted third party or a weaker adversarial model. We alternatively propose a scalable approach for secure location sharing that tolerates up to n/6 statically-chosen malicious clients and does not require any trusted third party. We show that, unlike most other location-based services, our protocol is secure against traffic-analysis attacks. We also show that our protocol requires each client to send a polylogarithmic number of bits and compute a polylogarithmic number of operations (with respect to n) to query a point of interest based on its location.
Adaptively Secure UC Constant Round Multi-Party Computation
Abstract. We present a universally composable multiparty computation protocol that is adaptively secure against corruption of n − 1 of the n players. The protocol has a constant number of rounds and communication complexity that depends only on the number of inputs and outputs (and not on the size of the circuit to be computed securely). Such protocols were already known for honest majority. However, adaptive security and constant round was known to be impossible in the standalone model and with black-box proofs of security. Here, we solve the problem in the UC model using a setup assumption. Our protocol is secure assuming LWE is hard and achieved by building a special type of crypto system we call equivocal FHE from LWE. We also build adaptively secure and constant round UC commitment and zero-knowledge proofs (of knowledge) based on LWE.