Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ioannis Ioannidis, Ananth Grama and Ioannis Ioannidis

Published byPierre-Louis Pothier Modified over 6 years ago

Similar presentations

Presentation on theme: "Ioannis Ioannidis, Ananth Grama and Ioannis Ioannidis"— Presentation transcript:

1 Ioannis Ioannidis, Ananth Grama and Ioannis Ioannidis
A Secure Protocol for Computing Dot-products in Clustered and Distributed Environments Ioannis Ioannidis, Ananth Grama and Ioannis Ioannidis

2 The Problem Dot-products are the basis of many important applications
Scientific computations Data mining Transaction processing Biometrics Use of distributed environments creates security issues Data too valuable to expose Untrusted links or hosts Spoofing is very easy

3 A Solution Use conventional cryptography
Secure tunneling can protect the links More complex protocols offer protection against untrusted hosts Unfortunately, public-key crypto has a high complexity Modular exponentiation computations can have a crippling effect on the overall performance

4 Security Vs. Efficiency
Ideally, no information should leak about the participating vectors during a secure dot-product protocol However, in a clustered environment, security need not be so tight Rarely an attack will be powerful enough to demand the highest level of protection Some leakage may be acceptable, since the same dot-product will not be computed multiple times Small compromises in security can lead to large gains in efficiency

5 An Efficient Alternative
Use linear algebra properties to achieve a sufficient level of security Hide a vector inside a matrix Scramble the matrix Multiply the matrix by the other vector Retrieve the dot-product A large part of the computations can be reused Both parties must share a secret – a number – before the protocol

6 An Efficient Alternative
Security is not perfect A small number of equations will leak Statistics can give something away But is sufficient for a real-world setting If you don’t need to execute the same instance many times, leaking a few equations is not such big problem Statistical attacks demand larges amounts of information Not so easy to gather them in clustered environments

7 Overhead Considerations
Two types of overhead Time overhead How much more computation needs to be performed Public-key cryptography adds an unacceptable amount of overhead But it is the only solution if perfect secrecy is the goal Communication overhead Network latency prevails in larger networks Bit count is the decisive factor in tight networks

8 Stability Considerations
Algebraic manipulations of the data can introduce numerical errors in scientific computation data Any protocol applied to real-valued vectors must be numerically stable to be of practical importance

9 Experimental Results The protocol was executed on two PIII/450Mhz machines coupled with a Gigabit Ethernet network Data were randomly generated vectors of length 10⁶ We measured the total overhead (computation and communication) Communication overhead was expected to be a factor of 4

10 Experimental Results Measured overhead showed a factor of 4.69 overhead Communication overhead is the dominating factor, even on a fast network Average numerical error was measured to 4.5•10ˉ⁹

11 Conclusions and Ongoing Research
It is possible to execute multiparty, real-valued dot-product computations efficiently and with satisfactory security Binary dot-products pose a different problem due to the sparsity of the vectors Number theoretic techniques introduce large time and communication overheads

Download ppt "Ioannis Ioannidis, Ananth Grama and Ioannis Ioannidis"

Similar presentations

Side-Channel Attacks on RSA with CRT Weakness of RSA Alexander Kozak Jared Vanderbeck.

Side-Channel Attacks on RSA with CRT Weakness of RSA Alexander Kozak Jared Vanderbeck.
Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:

Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:
Larger Site Networks Part 1. 2 Small Site –Single-hub or Single- Switch Ethernet LANs Large Site –Multi-hub Ethernet LANs –Ethernet Switched Site Networks.

Larger Site Networks Part 1. 2 Small Site –Single-hub or Single- Switch Ethernet LANs Large Site –Multi-hub Ethernet LANs –Ethernet Switched Site Networks.
Cryptography and Data Security: Long-Term Challenges Burt Kaliski, RSA Security Northeastern University CCIS Mini Symposium on Information Security November.

Cryptography and Data Security: Long-Term Challenges Burt Kaliski, RSA Security Northeastern University CCIS Mini Symposium on Information Security November.
Support Vector Machines and Kernel Methods

Support Vector Machines and Kernel Methods
Oblivious Transfer based on the McEliece Assumptions

Oblivious Transfer based on the McEliece Assumptions
1 Extracting Discriminative Binary Template for Face Template Protection Feng Yicheng Supervisor: Prof. Yuen August 31 st, 2009.

1 Extracting Discriminative Binary Template for Face Template Protection Feng Yicheng Supervisor: Prof. Yuen August 31 st, 2009.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
Valid Statistical Analysis for Logistic Regression with Multiple Sources Rob Hall (Dept of Machine Learning, CMU) Joint work with Yuval Nardi and Steve.

Valid Statistical Analysis for Logistic Regression with Multiple Sources Rob Hall (Dept of Machine Learning, CMU) Joint work with Yuval Nardi and Steve.
HumanAUT Secure Human Identification Protocols Adam Bender Avrim Blum Manuel Blum Nick Hopper The ALADDIN Center Carnegie Mellon University.

HumanAUT Secure Human Identification Protocols Adam Bender Avrim Blum Manuel Blum Nick Hopper The ALADDIN Center Carnegie Mellon University.
Parallel Performance of Hierarchical Multipole Algorithms for Inductance Extraction Ananth Grama, Purdue University Vivek Sarin, Texas A&M University Hemant.

Parallel Performance of Hierarchical Multipole Algorithms for Inductance Extraction Ananth Grama, Purdue University Vivek Sarin, Texas A&M University Hemant.
Calculating Discrete Logarithms John Hawley Nicolette Nicolosi Ryan Rivard.

Calculating Discrete Logarithms John Hawley Nicolette Nicolosi Ryan Rivard.
KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 2007.12. 4 ELSEVIER Mar. 2006.

KAIS T A lightweight secure protocol for wireless sensor networks 윤주범 ELSEVIER Mar
A Secure Protocol for Computing Dot-products in Clustered and Distributed Environments Ioannis Ioannidis, Ananth Grama and Mikhail Atallah Purdue University.

A Secure Protocol for Computing Dot-products in Clustered and Distributed Environments Ioannis Ioannidis, Ananth Grama and Mikhail Atallah Purdue University.
Secure Cloud Database using Multiparty Computation.

Secure Cloud Database using Multiparty Computation.
CMPS 1371 Introduction to Computing for Engineers MATRICES.

CMPS 1371 Introduction to Computing for Engineers MATRICES.
Analysis of Algorithms CSCI 3110. Previous Evaluations of Programs Correctness – does the algorithm do what it is supposed to do? Generality – does it.

Analysis of Algorithms CSCI Previous Evaluations of Programs Correctness – does the algorithm do what it is supposed to do? Generality – does it.
Plethora: A Wide-Area Read-Write Storage Repository Design Goals, Objectives, and Applications Suresh Jagannathan, Christoph Hoffmann, Ananth Grama Computer.

Plethora: A Wide-Area Read-Write Storage Repository Design Goals, Objectives, and Applications Suresh Jagannathan, Christoph Hoffmann, Ananth Grama Computer.
Martin-Gay, Beginning Algebra, 5ed 22 33 Using Both Properties Divide both sides by 3. Example: 3z – 1 = 26 3z = 27 Simplify both sides. z = 9 Simplify.

Martin-Gay, Beginning Algebra, 5ed Using Both Properties Divide both sides by 3. Example: 3z – 1 = 26 3z = 27 Simplify both sides. z = 9 Simplify.
Fast calculation methods. Addition  Add 137,95 Solution: 137+95= (137-5)+100= 132+100= 232.

Fast calculation methods. Addition  Add 137,95 Solution: = (137-5)+100= = 232.

Similar presentations

Ads by Google