Cryptography from Anonymity

Y. Ishai, E. Kushilevitz, R. Ostrovsky, and A. Sahai

Proc. FOCS 2006, Berkeley, CA, pages 239-248

Cited by 133 | Views 34 | Indexed in EI, WOS

We present unconditionally secure implementations of several cryptographic primitives based on anonymous communication over public channels.

Abstract

There is a vast body of work on implementing anonymous communication. In this paper, we study the possibility of using anonymous communication as a building block, and show that one can leverage anonymity in a variety of cryptographic contexts. Our results go in two directions.
  • Feasibility. We show that anonymous communication o...

Introduction
  • There are many scenarios in which anonymous communication can be implemented at a low cost, either via physical means or by means of special-purpose protocols.
  • Private anonymous channels allow the adversary to learn only messages sent or received by corrupted players.
Highlights
  • We present unconditionally secure implementations of several cryptographic primitives based on anonymous communication over public channels.
  • There is no obvious way to combine the advantages of non-private but anonymous channels and private but non-anonymous channels.
  • We suggest a direct implementation of PrivAnon (the private anonymous channel functionality) based on Anon (the plain anonymous channel).
  • If the adversary corrupts only one sender, it cannot violate the privacy or the correct delivery of the message sent by the other sender, nor can it correlate its own message with the other message.
  • Lemma 4.6 establishes the privacy of the protocol for an arbitrary number of clients, with the same amount of noise as that required for the privacy of a single client. Theorem 4.7: if the CR assumption (Definition 4.5) holds with parameters (F(k), c(k), t(k), n(k)), the above anonymous private information retrieval (PIR) protocol remains computationally private for an arbitrary number of clients, as long as the total amount of noise contributed by uncorrupted clients is at least n(k).
Results
  • One could assume that the adversary only learns messages received by corrupted players; the authors call such a primitive a private-anonymous channel and denote the corresponding functionality by PrivAnon.
  • The authors show how n ≥ 2 clients can privately compute statistics on their combined inputs by each sending a few anonymous messages to a central server.
  • These protocols only require one-way anonymous communication and are private with respect to an adversary corrupting the server along with an arbitrary number of clients. Note that it is impossible to obtain such non-interactive protocols in the standard model, even if one settles for computational privacy.
  • The authors design a protocol in which each client sends a small number of anonymous messages to the server, from which the server can recover the sum of all inputs without learning additional information about the inputs.
  • The authors use anonymous channels to obtain a PIR protocol which allows a server to handle queries that may originate from many different clients using a nearly optimal amount of communication and computation.
  • The security of the PIR protocol is guaranteed as long as the total number of noise points sent by uncorrupted clients is at least n. The server replies to each query q_j with an answer s_j = q_j · x, where x is the database.
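The page describes the shape of the secure-sum protocol (each client sends a few anonymous messages, the server only adds) but not its details. The following is an added example, not code from the paper: it instantiates that shape with additive sharing over Z_m (an assumption; the paper's own share count and privacy proof are not on this page) and adds the check a reviewer would run first, namely how far an honest-but-curious server can narrow one client's input from the multiset it receives. The modulus, inputs and share counts are constructed for illustration.

```python
"""Anonymous secure sum: each client splits its input into a few additive shares
and sends each share as its own anonymous message; the server only adds.

Added example, not code from the paper.  It instantiates the protocol shape the
page describes ("each client sends a small number of anonymous messages, the
server recovers the sum") with plain additive sharing over Z_m; the paper's own
share count and privacy analysis are not on the page.  candidate_inputs() is a
sanity check of what the server could still infer from its view.
"""
from __future__ import annotations
from itertools import combinations
import random


def split_input(x: int, ell: int, m: int, rng: random.Random) -> list[int]:
    """Additive sharing of x over Z_m into ell shares that sum to x (mod m)."""
    shares = [rng.randrange(m) for _ in range(ell - 1)]
    shares.append((x - sum(shares)) % m)
    return shares


def anonymous_channel(messages: list[int], rng: random.Random) -> list[int]:
    """One-way anonymous channel: the server receives the multiset of messages in
    an order unrelated to the senders.  Assumption: the channel also hides timing
    and batching; if it did not, the ell shares of one client could be linked
    and the protocol would reduce to sending x in the clear."""
    out = list(messages)
    rng.shuffle(out)
    return out


def run_sum_protocol(inputs: list[int], ell: int, m: int, seed: int = 0):
    """Return (server_view, recovered_sum) for clients holding `inputs`."""
    rng = random.Random(seed)
    messages: list[int] = []
    for x in inputs:
        messages.extend(split_input(x, ell, m, rng))
    view = anonymous_channel(messages, rng)
    return view, sum(view) % m          # correctness needs nothing but addition


def candidate_inputs(honest_view: list[int], ell: int, m: int) -> set[int]:
    """What the server learns against two honest clients A and B (shares of any
    colluding clients are known to it and subtracted out first): every ell-subset
    of the 2*ell honest shares could be A's, its complement B's, so A's input is
    one of the ell-subset sums.  A small set is a leak; a set that covers all of
    Z_m means the view says nothing beyond the sum."""
    assert len(honest_view) == 2 * ell
    return {sum(c) % m for c in combinations(honest_view, ell)}


if __name__ == "__main__":
    m = 101                     # constructed parameters: small group for illustration
    for ell in (2, 8):
        view, total = run_sum_protocol([17, 42], ell, m)
        cands = candidate_inputs(view, ell, m)
        print(f"ell={ell}: server gets sum {total}, and can narrow A's input "
              f"to {len(cands)} of {m} values")
```

With two shares per client and two honest clients, the server can pair the four shares in only three ways, so it narrows A's input to at most six of the 101 group elements: "a few messages" is a security parameter that has to grow with the group size until the ℓ-subset sums blanket Z_m. This is a property of the additive instantiation above, not a statement about the paper's bound; the check also assumes the channel does not let the server link a client's shares by timing.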
Conclusion
  • (A larger value of represents a more conservative assumption.) Assuming two-way anonymous communication, there is a one-round PIR protocol involving a single server and multiple clients in which the amortized communication and computation per query are O(t) = O.
  • (Ideally, the number of users is sufficiently large so that each user receives at most a single element of F for each database in the system.) To access the ith entry in a database x, a user first computes a set of queries as in the above PIR protocol, and fetches the answers by anonymously contacting the users that hold the answers to these queries.
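The page gives the PIR protocol only in outline: a client sends real queries plus random noise points over the anonymous channel, the server answers each query with a value linear in the database x, privacy rests on a reconstruction assumption over a field F with parameters (F, c, t, n), and with preprocessing the answer to every possible query can be held as a single element of F. The block below is an added example, not the paper's code, and the specific construction is my assumption of the shape behind that outline: the textbook low-degree-curve PIR, where the database is a degree-d polynomial f on F^c, index i is a point a_i, and the client hides a_i on a random degree-t curve whose dt+1 evaluation points are mixed with noise points in one unlinkable batch. The field Z_257, the database contents and the parameters are constructed for illustration.

```python
"""Anonymous single-server PIR with noise queries (assumed instantiation).

Added example, not the paper's code.  The page states only that a client sends
real queries plus random "noise" queries over an anonymous channel, that the
server answers each query with a value linear in the database x, and that
privacy rests on a reconstruction assumption over a field F with parameters
(F, c, t, n).  What follows is the textbook low-degree-curve PIR, which is
assumed to be the shape the paper builds on: the database is a degree-d
polynomial f on F^c, index i is a point a_i, the client hides a_i on a random
degree-t curve and interpolates f along it.  Real and noise points reach the
server in one unlinkable batch, so it cannot tell which dt+1 points share a curve.
"""
from __future__ import annotations
from itertools import combinations
import random

P = 257  # assumption: a small prime field F = Z_257, for illustration only


def index_supports(c: int, d: int) -> list[tuple[int, ...]]:
    """Database index i <-> a 0/1 point a_i in F^c of Hamming weight d
    (given by its support); this encodes up to C(c, d) entries."""
    return list(combinations(range(c), d))


def point_of(supp: tuple[int, ...], c: int) -> tuple[int, ...]:
    return tuple(1 if k in supp else 0 for k in range(c))


def encode_database(x: list[int], c: int, d: int) -> list[tuple[int, tuple[int, ...]]]:
    """f(y) = sum_i x_i * prod_{k in supp(a_i)} y_k.  On a weight-d 0/1 point a_j
    only the i = j monomial is nonzero, so f(a_j) = x_j."""
    supps = index_supports(c, d)
    assert len(x) <= len(supps), "database too large for (c, d)"
    return [(x[i] % P, supps[i]) for i in range(len(x))]


def evaluate(f, q: tuple[int, ...]) -> int:
    """Server: answer s = f(q) in F.  This is linear in the database entries, and
    with preprocessing it could be a table lookup over all of F^c."""
    total = 0
    for coef, supp in f:
        term = coef
        for k in supp:
            term = term * q[k] % P
        total = (total + term) % P
    return total


def client_queries(i: int, c: int, d: int, t: int, n_noise: int, rng: random.Random):
    """Real queries: dt+1 points on the random curve P(z) = a_i + sum_k z^k v_k,
    so P(0) = a_i.  Noise: n_noise uniformly random points of F^c."""
    a_i = point_of(index_supports(c, d)[i], c)
    vs = [[rng.randrange(P) for _ in range(c)] for _ in range(t)]
    zs = rng.sample(range(1, P), d * t + 1)      # distinct nonzero evaluation points
    real = []
    for z in zs:
        pt, zk = list(a_i), 1
        for v in vs:
            zk = zk * z % P
            pt = [(pt[j] + zk * v[j]) % P for j in range(c)]
        real.append(tuple(pt))
    noise = [tuple(rng.randrange(P) for _ in range(c)) for _ in range(n_noise)]
    return zs, real, noise


def interpolate_at_zero(zs: list[int], ys: list[int]) -> int:
    """Lagrange interpolation of g(z) = f(P(z)) (degree <= dt), evaluated at z = 0."""
    total = 0
    for j, (zj, yj) in enumerate(zip(zs, ys)):
        num = den = 1
        for k, zk in enumerate(zs):
            if k != j:
                num = num * (-zk) % P
                den = den * (zj - zk) % P
        total = (total + yj * num * pow(den, -1, P)) % P
    return total


def retrieve(x: list[int], i: int, c: int, d: int, t: int, n_noise: int, seed: int = 0) -> int:
    """One PIR round: the client learns x[i]; the server sees only an unlinkable batch of points."""
    rng = random.Random(seed)
    f = encode_database(x, c, d)
    zs, real, noise = client_queries(i, c, d, t, n_noise, rng)
    batch = real + noise
    rng.shuffle(batch)                                  # anonymous channel: no order, no linkage
    answers = {q: evaluate(f, q) for q in batch}        # server answers every point it receives
    return interpolate_at_zero(zs, [answers[q] for q in real])   # client discards the noise


if __name__ == "__main__":
    X = [(7 * k + 3) % P for k in range(15)]   # constructed 15-entry database for c=6, d=2
    print(retrieve(X, 11, c=6, d=2, t=2, n_noise=20))   # -> 80 == X[11]
```

Two caveats a practitioner should keep in mind. First, correctness needs nothing from the noise; the noise and the anonymity are the entire privacy argument, and the page's Theorem 4.7 only promises privacy while uncorrupted clients together contribute at least n(k) noise points, so a client that is alone on the channel gets no guarantee from this construction. Second, in this instantiation a curve of degree t = 1 is a line, and the server can find d+1 collinear points among the batch by brute force, so the degree t and the noise count n are the parameters that have to be set against the reconstruction attack, not just the field size.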
Related Work
  • A variant of the toy example presented above (for key agreement using anonymity) was suggested by Alpern and Schneider [2]. A similar idea was previously used by Winkler [55] for establishing secure channels in the game of Bridge. Our work, in contrast, achieves key agreement in the presence of malicious parties, a problem that was posed and left open in [2]. The related problem of obtaining key agreement from recipient anonymity, which hides the identity of the receiver rather than that of the sender, was considered in [48]. Pfitzmann and Waidner [49] use a variant of private anonymous communication as an intermediate step for obtaining highly resilient broadcast protocols. Finally, anonymous communication has also been exploited in the context of practically oriented applications such as voting [13] and electronic cash [53].
Funding
  • Supported in part by an IBM Faculty Award, an Intel equipment grant, NSF Cybertrust grant No. 0430254, a Xerox Award, and grant 2002354 from the U.S.-Israel Binational Science Foundation.
References
  • [1] Anonymity bibliography. http://www.freehaven.net/anonbib/
  • [2] B. Alpern and F. B. Schneider. Key Exchange Using 'Keyless Cryptography'. Information Processing Letters, Vol. 16, pages 79-81, 1983.
  • [3] A. Beimel, Y. Ishai, E. Kushilevitz, and J. F. Raymond. Breaking the O(n^{1/(2k−1)}) Barrier for Information-Theoretic Private Information Retrieval. In Proc. 43rd FOCS, pages 261-270, 2002.
  • [4] A. Beimel, Y. Ishai, and T. Malkin. Reducing the servers' computation in private information retrieval: PIR with preprocessing. Journal of Cryptology, 17(2), pages 125-151, 2004. Earlier version in CRYPTO 2000.
  • [5] A. Beimel and T. Malkin. A Quantitative Approach to Reductions in Secure Computation. In Proc. 1st TCC, pages 238-257, 2004.
  • [6] C. H. Bennett, G. Brassard, and J. M. Robert. Privacy Amplification by Public Discussion. SIAM J. Comput. 17(2): 210-229, 1988.
  • [7] R. Berman, A. Fiat, and A. Ta-Shma. Provable Unlinkability against Traffic Analysis. In Proc. 8th Financial Cryptography, pages 266-280, 2004.
  • [8] D. Bleichenbacher, A. Kiayias, and M. Yung. Decoding of Interleaved Reed Solomon Codes over Noisy Data. In Proc. ICALP 2003, pages 97-108.
  • [9] D. Bleichenbacher and P. Q. Nguyen. Noisy Polynomial Interpolation and Noisy Chinese Remaindering. In Proc. EUROCRYPT 2000, pages 53-69.
  • [10] C. Cachin, S. Micali, and M. Stadler. Computationally private information retrieval with polylogarithmic communication. In Proc. EUROCRYPT '99, pages 402-414.
  • [11] R. Canetti. Security and composition of multiparty cryptographic protocols. J. of Cryptology, 13(1), 2000.
  • [12] D. Chaum. Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms. Commun. ACM, Vol. 24(2), pages 84-88, 1981. Also: UC Berkeley M.Sc. Thesis, 1979.
  • [13] D. Chaum. Elections with Unconditionally-Secret Ballots and Disruption Equivalent to Breaking RSA. In Proc. EUROCRYPT 1988, pages 177-182.
  • [14] S. Chawla, C. Dwork, F. McSherry, A. Smith, and H. Wee. Toward Privacy in Public Databases. In Proc. 2nd TCC, pages 363-385, 2005.
  • [15] B. Chor, O. Goldreich, E. Kushilevitz, and M. Sudan. Private information retrieval. J. of the ACM, 45:965-981, 1998. Earlier version in FOCS '95.
  • [16] B. Chor and E. Kushilevitz. A Zero-One Law for Boolean Privacy. SIAM J. Discrete Math 4(1): 36-47, 1991. Earlier version in STOC '89.
  • [17] D. Coppersmith and M. Sudan. Reconstructing curves in three (and higher) dimensional space from noisy data. In Proc. 35th STOC, pages 136-142, 2003.
  • [18] R. Cramer, I. Damgard, S. Dziembowski, M. Hirt, and T. Rabin. Efficient Multiparty Computations Secure Against an Adaptive Adversary. In Proc. EUROCRYPT 1999, pages 311-326.
  • [19] I. Dinur and K. Nissim. Revealing information while preserving privacy. In Proc. 22nd PODS, pages 202-210, 2003.
  • [20] U. Feige, J. Kilian, and M. Naor. A minimal model for secure computation. In Proc. 26th STOC, pages 554-563, 1994.
  • [21] J. Feigenbaum, Y. Ishai, T. Malkin, K. Nissim, M. Strauss, and R. Wright. Secure Multiparty Computation of Approximations. In Proc. 28th ICALP, pages 927-938, 2001.
  • [22] M. J. Fischer and R. N. Wright. Multiparty Secret Key Exchange Using a Random Deal of Cards. In Proc. CRYPTO 1991, pages 141-155.
  • [23] M. Fitzi, J. Garay, U. Maurer, and R. Ostrovsky. Minimal Complete Primitives for Secure Multi-party Computation. In Proc. CRYPTO 2001, pages 80-100.
  • [24] M. Fitzi and U. Maurer. From partial consistency to global broadcast. In Proc. 32nd STOC, pages 494-503, 2000.
  • [25] M. Fitzi, S. Wolf, and J. Wullschleger. Pseudo-signatures, Broadcast, and Multi-party Computation from Correlated Randomness. In Proc. CRYPTO 2004, pages 562-578.
  • [26] C. Gentry and Z. Ramzan. Single-Database Private Information Retrieval with Constant Communication Rate. In Proc. 32nd ICALP, pages 803-815, 2005.
  • [27] O. Goldreich. Foundations of Cryptography: Basic Applications. Cambridge University Press, 2004.
  • [28] V. Guruswami and F. Parvaresh. Personal communication.
  • [29] V. Guruswami and A. Rudra. Explicit Capacity-Achieving List-Decodable Codes. In Proc. 38th STOC, pages 1-10, 2006.
  • [30] V. Guruswami and M. Sudan. Improved decoding of Reed-Solomon and algebraic-geometry codes. IEEE Transactions on Information Theory, Vol. 45(6), pages 1757-1767, 1999. Earlier version in FOCS '98.
  • [31] D. Harnik, M. Naor, O. Reingold, and A. Rosen. Completeness in two-party secure computation: a computational view. In Proc. 36th STOC, pages 252-261, 2004.
  • [32] R. Impagliazzo and M. Naor. Efficient Cryptographic Schemes Provably as Secure as Subset Sum. J. Cryptology 9(4), pages 199-216, 1996. Earlier version in FOCS '89.
  • [33] R. Impagliazzo and D. Zuckerman. How to Recycle Random Bits. In Proc. 30th FOCS, pages 248-253, 1989.
  • [34] Y. Ishai and E. Kushilevitz. Perfect Constant-Round Secure Computation via Perfect Randomizing Polynomials. In Proc. 29th ICALP, pages 244-256, 2002.
  • [35] Y. Ishai, E. Kushilevitz, R. Ostrovsky, and A. Sahai. Batch codes and their applications. In Proc. 36th STOC, pages 373-382, 2004.
  • [36] Y. Ishai, E. Kushilevitz, R. Ostrovsky, and A. Sahai. Cryptography from Anonymity. In Proc. FOCS 2006.
  • [37] A. Kiayias and M. Yung. Secure Games with Polynomial Expressions. In Proc. 28th ICALP, pages 939-950, 2001.
  • [38] A. Kiayias and M. Yung. Cryptographic Hardness based on the Decoding of Reed-Solomon Codes with Applications. ECCC Technical Report #017, 2002.
  • [39] J. Kilian. Founding cryptography on oblivious transfer. In Proc. 20th STOC, pages 20-31, 1988.
  • [40] J. Kilian, E. Kushilevitz, S. Micali, and R. Ostrovsky. Reducibility and Completeness in Private Computations. SIAM J. Comput. 29(4): 1189-1208, 2000.
  • [41] E. Kushilevitz and R. Ostrovsky. Replication is not needed: single database, computationally-private information retrieval. In Proc. 38th FOCS, pages 364-373, 1997.
  • [42] H. Lipmaa. An Oblivious Transfer Protocol with Log-Squared Communication. In Proc. ISC 2005.
  • [43] Information Theory 39(3): 733-742, 1993. (incomplete entry)
  • [44] T. Moran and M. Naor. Basing cryptographic protocols on tamper-evident Seals. In Proc. 32nd ICALP, 2005.
  • [45] M. Naor and B. Pinkas. Oblivious polynomial evaluation. SIAM J. Comput. 35(5), pages 1254-1281, 2006.
  • [46] N. Nisan and D. Zuckerman. Randomness is Linear in Space. J. Comput. Syst. Sci., Vol. 52(1), pages 43-52, 1996. Earlier version in STOC '93.
  • [47] F. Parvaresh and A. Vardy. Correcting Errors Beyond the Guruswami-Sudan Radius in Polynomial Time. In Proc. 46th FOCS, pages 285-294, 2005.
  • [48] A. Pfitzmann and M. Waidner. Networks without user observability: design options. In Proc. EUROCRYPT '85, pages 245-253, 1986. Revision in: Computers and Security 6/2 (1987), pages 158-166.
  • [49] B. Pfitzmann and M. Waidner. Information-Theoretic Pseudosignatures and Byzantine Agreement for t ≥ n/3. IBM Research Report RZ 2882 (#90830), IBM Research Division, Zurich, 1996.
  • [50] T. Rabin and M. Ben-Or. Verifiable Secret Sharing and Multiparty Protocols with Honest Majority. In Proc. 21st STOC, pages 73-85, 1989.
  • [51] Issues in Anonymity and Unobservability, LNCS 2009, pages 10-29, 2001. (incomplete entry)
  • [52] M. K. Reiter and A. D. Rubin. Crowds: Anonymity for Web Transactions. ACM Trans. Inf. Syst. Secur., 1(1), pages 66-92, 1998.
  • [53] D. R. Simon. Anonymous Communication and Anonymous Cash. In Proc. CRYPTO 1996, pages 61-73.
  • [54] P. L. Vora. Information Theory and the Security of Binary Data Perturbation. In Proc. Indocrypt 2004.
  • [56] A. C. Yao. How to generate and exchange secrets. In Proc. 27th FOCS, pages 162-167, 1986.

Excerpt (key agreement from anonymity)

For instance, consider the following generalization of the simple key agreement protocol described in the Introduction. Instead of posting a single message on the bulletin board, each player posts m random and independent messages. (To prevent the adversary from linking different messages sent by the same player, the timing of the messages is randomly spread within some fixed time interval.) As a result, both players learn a random subset S ⊆ {1, 2, ..., 2m} of size m, consisting of the positions of messages posted by A.
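The bulletin-board key agreement just described, as an added example that is not code from the paper: A and B each post m random messages over an anonymous channel (modelled here as a shuffled list, which assumes the channel hides order and timing, as the text's random timing spread is meant to), each recognises its own postings, and both derive a key from S, the positions of A's messages. The message length, the SHA-256 key derivation and the parameters are my choices for illustration, not the paper's.

```python
"""Key agreement from sender anonymity: the "bulletin board" protocol above.

Added example, not code from the paper.  A and B each post m random,
independent messages to a public board over an anonymous channel (modelled as
a shuffled list; the assumption is that the channel hides order and timing).
Each party recognises its own postings, so both learn S, the set of positions
holding A's messages, and derive a key from it.  An eavesdropper sees the whole
board but not who posted what, so S is one of C(2m, m) equally likely subsets.
"""
from __future__ import annotations
import hashlib
import math
import random
import secrets


def post_messages(m: int) -> list[bytes]:
    """m random 16-byte messages.  Their content is public; randomness only makes
    each party's postings recognisable and avoids collisions between A and B."""
    return [secrets.token_bytes(16) for _ in range(m)]


def anonymous_board(a_msgs: list[bytes], b_msgs: list[bytes]) -> list[bytes]:
    """The public board: all 2m messages with sender identity stripped."""
    board = list(a_msgs) + list(b_msgs)
    random.shuffle(board)       # stands in for the random timing spread in the text
    return board


def positions_of(board: list[bytes], own: list[bytes]) -> frozenset[int]:
    mine = set(own)
    return frozenset(i for i, msg in enumerate(board) if msg in mine)


def derive_key(board: list[bytes], s: frozenset[int]) -> bytes:
    """Hash the public transcript together with the secret indicator vector of S."""
    h = hashlib.sha256()
    for msg in board:
        h.update(msg)
    h.update(bytes(1 if i in s else 0 for i in range(len(board))))
    return h.digest()


def key_agreement(m: int):
    """Run the protocol; returns (A's key, B's key, board, S)."""
    a_msgs, b_msgs = post_messages(m), post_messages(m)
    board = anonymous_board(a_msgs, b_msgs)
    s_a = positions_of(board, a_msgs)                                 # A: my own positions
    s_b = frozenset(range(len(board))) - positions_of(board, b_msgs)  # B: everything not mine
    return derive_key(board, s_a), derive_key(board, s_b), board, s_a


def secret_bits(m: int) -> float:
    """Entropy of S against a passive observer: log2 C(2m, m); m = 1 is the
    one-message protocol from the Introduction and yields a single bit."""
    return math.log2(math.comb(2 * m, m))


if __name__ == "__main__":
    ka, kb, board, s = key_agreement(8)
    print(ka == kb, sorted(s), f"{secret_bits(8):.2f} bits")   # -> True, 8 positions, 13.65 bits
```

The key is exactly as secret as the channel's unlinkability: nothing on the board is hidden, only who posted which message, so any timing or ordering side channel that pairs a posting with its sender hands S to the observer. The sketch is also passive-only; an attacker who can post, drop or reorder board entries, or a party that deviates, is not handled here, and the Related Work above notes that handling malicious parties is precisely what the paper adds over the Alpern-Schneider variant.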