On the Practical Feasibility of Secure Distributed Computing: A Case Study
Gregory Neven, Frank Piessens, Bart De Decker
Dept. of Computer Science, K.U.Leuven


On the Practical Feasibility of Secure Distributed Computing: A Case Study
Gregory Neven, Frank Piessens, Bart De Decker
Dept. of Computer Science, K.U.Leuven
Celestijnenlaan 200A, B-3001 Heverlee, Belgium

2 Secure Distributed Computing
Given
– n different participants P_1 … P_n
– each participant P_i has a secret input x_i
– some function f
How to
– compute y = f(x_1, …, x_n)
– without P_i being able to learn anything more about x_j (i ≠ j) than what is implied by the function result itself
Introduction | Secure Distributed Computing | Case Study: Secret Query Database | Conclusion

3 Secure Distributed Computing (cont)
Practical applications
– Second price auctions
– Voting
– Privacy for mobile code
– Secret Query Database
  Query a database while preserving privacy of query
Example
  Alice sells records from database of CVs
  Bob
    doesn’t want just any CV
    doesn’t want to reveal his selection criteria

4 Overview
Secure Distributed Computing
– Trivial solution
– Protocol (by Abadi & Feigenbaum)
– Other protocols
Case study: Secret Query Database
– Implementation
– Assessment
Conclusion

5 Trivial Solution
Using a Trusted Third Party (TTP)
[Figure: inputs x_1, x_2, …, x_n; output y to each participant; y = f(x_1, …, x_n)]

6 Outline of the Protocol
Two participants
– Alice knows secret data x = x_1 x_2 …
– Bob knows secret function f (as a boolean circuit)
– Compute y = f(x) without compromising their secrets
Outline
[Figure: message flow between Alice and Bob; labels: x = x_1 x_2 …, E_n(y_1), E_n(y_2), …, f, y, y]

7 Encryption Scheme
Probabilistic encryption
– one plaintext → many possible ciphertexts
– secure for small message spaces
– disadvantage: huge data blowup
Homomorphic encryption scheme
– E(x) op E(y) = E(x op’ y)
– Properties:

8 Evaluation of the Circuit
NOT-gate
XOR-gate
AND-gate ?
No interaction with Alice!

9 Evaluation of the Circuit (cont)
[Figure: AND-gate exchange between Alice and Bob; labels: "?", "Choose random c_1, c_2", "Decryption → d_1, d_2", "!", "communication overhead"]

10 Other SDC Protocols
Goldreich, Micali and Wigderson (1987)
– Two-party
– Based on symmetric encryption and oblivious transfer
Sander and Tschudin (1998)
– Two-party
– Autonomous protocol
– Based on dual-homomorphic encryption schemes
– Polynomial evaluation only

11 Other SDC Protocols (cont)
Chaum, Damgard and van de Graaf (1988)
– Multi-party
– Based on blindable bit commitments
Franklin and Haber (1996)
– Multi-party
– Based on group-oriented cryptography

12 Secret Query Database
Problem statement
– Query DB while preserving privacy of query
Example
– Alice sells records from database of CVs = secret data x
– Bob
    doesn’t want just any CV
    doesn’t want to reveal his selection criteria = secret function Q( )

13 Implementation
[Figure: message flow between Alice and Bob. Alice: n = pq, record x; sent: n, E_n(x_1), E_n(x_2), …; Bob: query Q, evaluation; sent: E_n(Q(x)); Alice: Decrypt → Q(x); Q(x) = 1 ?; sent: x]

14 Security Trade-Off
Security parameter: |n|
– Each record different n  512 bits
Huge data blowup!
– 1 plaintext bit → 512 encrypted bits
Encrypted records reusable
– p and q are never revealed
– Same encryption used for multiple sessions → Edited on CD-ROM

15 Assessment
Typical values
– |record x| = 500 bytes
– |database| = 1000 records
– |query Q| = 1000 gates
– |n| = 512 bits (security parameter)
Communication complexity
                Per record   Total
On CD-ROM       250 KB       244 MB
Over network    94 KB        92 MB

16 Conclusion
High overhead, but
– increasing bandwidth of the Internet
– trade-off communication ↔ security
– trade-off communication ↔ query complexity
– mobile agent technology
SDC is ready for practical applications

17 Quadratic Residuosity
Suppose
– p and q primes congruent to 3 mod 4
– n = pq
– a is a quadratic residue (QR) mod n iff
Quadratic Residuosity Assumption (QRA): Is a a QR mod n or not?
– easy if p and q are known
– hard if p and q are unknown

18 Some Properties
Inversion
  If a is a QR mod n, then is a QNR mod n (and vice versa)
Multiplication mod n
[Table: columns a, b, a·b mod n, with entries QR and QNR; followed by a table with columns a, b, a  b]

19 Efficiency Improvement
[Figure: AND-gate exchange between Alice and Bob; labels: "?", "Choose random c_1, c_2", "Decryption → d_1, d_2", "!"]
If c_2 = 0 ⇒ b_1 ∧ c_2 = 0 ⇒ E_n(b_1 ∧ c_2) = E_n(0)
If c_2 = 1 ⇒ b_1 ∧ c_2 = b_1 ⇒ E_n(b_1 ∧ c_2) = E_n(b_1)
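
The gates of slides 8, 9 and 19, written out as an added example (not the authors' implementation) over the quadratic-residuosity encryption of slides 17 and 18: Bob evaluates NOT and XOR alone, and AND costs one round trip in which Alice sees only blinded bits. Assumptions made here and not stated on the slides: the toy primes, the encoding E_n(1) = −r² mod n, Alice's reply E_n(d_1 ∧ d_2), and the sample query Q.

```python
import secrets
from math import gcd

# Constructed toy key, far too small for real use: p, q prime, both 3 mod 4.
P, Q = 499, 547          # known to Alice only
N = P * Q                # public modulus n = pq

def enc(bit):
    """E_n(0) = r^2 mod n (a QR); E_n(1) = -r^2 mod n (a QNR, assumed encoding)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    sq = pow(r, 2, N)
    return sq if bit == 0 else N - sq

def dec(c):
    """Alice: with p known, Euler's criterion tells QR (bit 0) from QNR (bit 1)."""
    return 0 if pow(c, (P - 1) // 2, P) == 1 else 1

def gate_not(c):
    return N - c         # Bob alone: negation mod n swaps QR and QNR

def gate_xor(c1, c2):
    """Bob alone: the product of two ciphertexts encrypts the XOR of the bits."""
    return (c1 * c2) % N

def times_known_bit(c, k):
    """E_n(b AND k) for a bit k Bob knows: E_n(b) if k = 1, a fresh E_n(0) if k = 0."""
    return c if k == 1 else enc(0)

def alice_and_helper(e1, e2):
    """Alice: decrypt the blinded bits d1, d2 and return E_n(d1 AND d2)."""
    return enc(dec(e1) & dec(e2))

def gate_and(c1, c2):
    """Bob, with one round trip to Alice; she sees only the blinded d1, d2."""
    k1, k2 = secrets.randbelow(2), secrets.randbelow(2)      # random c_1, c_2
    reply = alice_and_helper(gate_xor(c1, enc(k1)), gate_xor(c2, enc(k2)))
    # d1 d2 = b1 b2 XOR b1 k2 XOR k1 b2 XOR k1 k2, so strip the last three terms.
    reply = gate_xor(reply, times_known_bit(c1, k2))
    reply = gate_xor(reply, times_known_bit(c2, k1))
    return gate_xor(reply, enc(k1 & k2))

def secret_query(record_bits):
    """Hypothetical query Q(x) = (x_0 AND NOT x_1) XOR x_2 on one record."""
    e = [enc(b) for b in record_bits]                         # Alice -> Bob
    result = gate_xor(gate_and(e[0], gate_not(e[1])), e[2])   # Bob, on ciphertexts
    return dec(result)                                        # Alice decrypts E_n(Q(x))
```

Each ciphertext is a full element mod n for a single plaintext bit, which is the data blowup slide 14 refers to.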