AI帮你理解科学

AI 生成解读视频

AI抽取解析论文重点内容自动生成视频

生成解读视频

AI 溯源

AI解析本论文相关学术脉络

生成溯源树

AI 精读

AI抽取本论文的概要总结

微博一下：

We consider the question of minimizing the asymptotic number of pseudorandom generator calls made by such protocols

Efficient non-interactive secure computation

EUROCRYPT, (2011): 406-425

引用：126|浏览39

下载 PDF 全文

原文链接

其它链接

dl.acm.org dblp.uni-trier.de academic.microsoft.com

引用

微博一下

关键词

efficient non-interactive secure computationcryptographic primitiveblack-box user detects cheatingstandard cryptographic primitive更多(10+)

摘要

Suppose that a receiver R wishes to publish an encryption of her secret input x so that every sender S, holding an input y, can reveal f(x, y) to R by sending her a single message. This should be done while simultaneously protecting the secrecy of y against a corrupted R and preventing a corrupted S from having an unfair influence on the ...更多

代码：

数据：

精读

下载 PDF 全文

PPT (上传PPT)

相似论文

引用论文

被引论文

简介

This work is motivated by the following variant of the problem of computing on encrypted data [42,43].
Existing constant-round black-box protocols in the OT-hybrid model require Ω(κ) calls to a PRG for each gate in the circuit, where κ is a statistical security parameter guaranteeing at most 2−κ simulation error for a malicious sender2.

重点内容

This work is motivated by the following variant of the problem of computing on encrypted data [42,43]
We consider the question of minimizing the asymptotic number of pseudorandom generator calls made by such protocols
Suppose that a receiver R wishes to publish a semantically secure encryption of her secret input x so that any sender S, holding an input y, can reveal f (x, y) to R by sending her a single message. (The message can be seen as an encryption of f (x, y) that the receiver can decrypt)
As a concrete motivating scenario for non-interactive secure computation, consider a receiver Roberta who wishes to publish an encrypted version of her personal profile x on her public web page towards finding a suitable partner for dating
We present the first general non-interactive secure computation/oblivious transfer protocols which only make a black-box use of a pseudorandom generator
We only considered non-interactive secure computation schemes which rely on an oblivious transfer oracle that gets inputs from both the sender and the receiver

结果

Start with a perfectly secure NISC/OT protocol π for g in the semi-honest model in which the receiver uses its original α input bits a as the sequence of OT choices.
O-bit long output and n + O(κ)-bit input from Receiver, such that there is an NISC/HC scheme for FC that makes a black-box use of a PRG, invoking the PRG O(κ|C|) times, and with O total communication.
For any function f : X × Y → Z that has a polynomial sized circuit C with n input wires for the first input, there exists an NC0 functionality HC with O(κ|C|)-bit long output and n + O(κ)-bit input from Receiver, such that there is an NISC/HC scheme for FC† that makes a black-box use of a PRG, invoking the PRG O(|C|) times, and with O(k|C|) total communication.
For any function f : X × Y → Z that has a polynomial sized circuit C with n input wires for the first input, there exists an NC0 functionality HC with O(k|C|)-bit long output and n + O(κ)-bit input from Receiver, such that there is an NISC/HC scheme for FC‡ that makes a black-box use of a PRG, invoking the PRG O(|C|) times, and with O(k|C|) total communication.
The authors will first formalize the encoding notion that the authors use to deal with WDT attacks, the authors present an outline of the general transformation, and show how to invoke this transformation using known semi-honest MPC protocols from the literature to obtain higher levels of efficiency.

结论

It is still possible to consider such a scheme in an H-hybrid model, if the functionality H itself allows Receiver to send an input, and subsequently have multiple rounds of independent interactions with
For any function f : X × Y → Z that has a polynomial sized circuit C with n input wires for the first input, there exists an NC0 functionality HC(T ) with O-bit long output and n + O(κ)-bit input from Receiver, supporting T computations, such that there is a NISC/HC(T ) scheme for Ff(T ) that makes a black-box use of a PRG, invoking the PRG O((κ + T )|C|) times, and with O((κ + T )k|C|) total communication.

引用论文

Applebaum, B., Ishai, Y., Kushilevitz, E.: Computationally private randomizing polynomials and their applications. In: IEEE Conference on Computational Complexity, pp. 260–274. IEEE Computer Society, Los Alamitos (2005)
Beaver, D.: Precomputing Oblivious Transfer. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 97–109. Springer, Heidelberg (1995)
Beaver, D.: Correlated pseudorandomness and the complexity of private computations. In: Proc. 28th STOC, pp. 479–488. ACM, New York (1996)
Beaver, D., Goldwasser, S.: Multiparty computation with faulty majority. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 589–590. Springer, Heidelberg (1990)
Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols (extended abstract). In: STOC, pp. 503–513. ACM, New York (1990)
Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF Formulas on Ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005)
Cachin, C., Camenisch, J., Kilian, J., Muller, J.: One-Round Secure Computation and Secure Autonomous Mobile Agents. In: Montanari, U., Rolim, J.D.P., Welzl, E. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 512–523. Springer, Heidelberg (2000)
Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. Electronic Colloquium on Computational Complexity (ECCC) TR01-016 (2001), Previous version “A unified framework for analyzing security of protocols” availabe at the ECCC archive TR01-016. Extended abstract in FOCS 2001 (2001)
Chung, K.-M., Kalai, Y., Vadhan, S.P.: Improved delegation of computation using fully homomorphic encryption. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 483–501. Springer, Heidelberg (2010)
Damgard, I., Ishai, Y., Krøigaard, M.: Perfectly Secure Multiparty Computation and the Computational Overhead of Cryptography. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 445–465. Springer, Heidelberg (2010)
Damgard, I., Nielsen, J.B., Orlandi, C.: Essentially Optimal Universally Composable Oblivious Transfer. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 318–335. Springer, Heidelberg (2009)
Gennaro, R., Gentry, C., Parno, B.: Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 465– 482.
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: STOC, pp. 169–178. ACM, New York (2009)
Gentry, C., Halevi, S., Vaikuntanathan, V.: i-hop homomorphic encryption and rerandomizable yao circuits. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 155–172. Springer, Heidelberg (2010)
Goldreich, O.: Foundations of Cryptography: Basic Applications. Cambridge University Press, Cambridge (2004)
Goldreich, O., Micali, S., Wigderson, A.: How to play ANY mental game. In: ACM (ed.) Proc.19th STOC, pp. 218–229. ACM, New York (1987), See [15, ch. 7] for more details
Horvitz, O., Katz, J.: Universally-Composable Two-Party Computation in Two Rounds. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 111–129. Springer, Heidelberg (2007)
Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending Oblivious Transfers Efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)
Ishai, Y., Kushilevitz, E.: On the Hardness of Information-Theoretic Multiparty Computation. In: Cachin, C., Camenisch, J. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 439– 455. Springer, Heidelberg (2004)
Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Zero-knowledge from secure multiparty computation. In: STOC, pp. 21–30. ACM, New York (2007)
Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Cryptography with constant computational overhead. In: STOC, pp. 433–442. ACM, New York (2008)
Ishai, Y., Paskin, A.: Evaluating Branching Programs on Encrypted Data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 575–594. Springer, Heidelberg (2007)
Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer - efficiently, Preliminary full version on http://www.cs.uiuc.edu/̃mmp/
Ishai, Y., Prabhakaran, M., Sahai, A.: Founding Cryptography on Oblivious Transfer – Efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008)
Ishai, Y., Prabhakaran, M., Sahai, A., Wagner, D.: Private Circuits II: Keeping Secrets in Tamperable Circuits. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 308– 327. Springer, Heidelberg (2006)
Ishai, Y., Sahai, A., Wagner, D.: Private Circuits: Securing Hardware against Probing Attacks. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 463–481. Springer, Heidelberg (2003)
Kalai, Y.T., Raz, R.: Succinct non-interactive zero-knowledge proofs with preprocessing for logsnp. In: FOCS, pp. 355–366. IEEE, Los Alamitos (2006)
Kilian, J.: Founding cryptography on oblivious transfer. In: STOC, pp. 20–31. ACM, New York (1988)
Kilian, J., Micali, S., Ostrovsky, R.: Minimum resource zero-knowledge proofs (extended abstract). In: FOCS, pp. 474–479. IEEE, Los Alamitos (1989)
Kushilevitz, E., Ostrovsky, R.: Replication is not needed: Single database, computationallyprivate information retrieval. In: FOCS, pp. 364–373. IEEE, Los Alamitos (1997)
Lindell, Y., Pinkas, B.: A proof of yao’s protocol for secure two-party computation. Electronic Colloquium on Computational Complexity (ECCC) (063) (2004)
Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)
Melchor, C.A., Gaborit, P., Herranz, J.: Additively homomorphic encryption with d-operand multiplications. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 138–154.
Mohassel, P., Franklin, M.K.: Efficiency tradeoffs for malicious two-party computation. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 458– 473. Springer, Heidelberg (2006)
Mossel, E., Shpilka, A., Trevisan, L.: On epsilon-biased generators in nc0. Random Struct. Algorithms 29(1), 56–81 (2006)
Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: SODA, pp. 448–457 (2001)
Naor, M., Pinkas, B., Sumner, R.: Privacy preserving auctions and mechanism design. In: ACM Conference on Electronic Commerce, pp. 129–139 (1999)
Nielsen, J.B., Orlandi, C.: LEGO for Two-Party Secure Computation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 368–386.
Springer, Heidelberg (2009)
39. Peikert, C., Vaikuntanathan, V., Waters, B.: A Framework for Efficient and Composable Oblivious Transfer. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 554–571.
Springer, Heidelberg (2008)
40. Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation Is Practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)
41. Reingold, O., Trevisan, L., Vadhan, S.P.: Notions of Reducibility between Cryptographic Primitives. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 1–20. Springer, Heidelberg (2004)
42. Rivest, R.L., Adleman, L., Dertouzos, M.L.: On data banks and privacy homomorphisms. In: Foundations of Secure Computation (Workshop, Georgia Inst. Tech., Atlanta, Ga., 1977), pp. 169–179. Academic, New York (1978)
43. Sander, T., Young, A., Yung, M.: Non-interactive cryptocomputing for NC1. In: FOCS, pp. 554–567 (1999)
44. Yao, A.C.-C.: How to generate and exchange secrets. In: Proc. 27th FOCS, pp. 162–167. IEEE, Los Alamitos (1986)