Presentation is loading. Please wait.

Presentation is loading. Please wait.

Outsourcing Private RAM Computation Daniel Wichs Northeastern University with: Craig Gentry, Shai Halevi, Mariana Raykova.

Published byMaria Miles Modified over 9 years ago

Similar presentations

Presentation on theme: "Outsourcing Private RAM Computation Daniel Wichs Northeastern University with: Craig Gentry, Shai Halevi, Mariana Raykova."— Presentation transcript:

1 Outsourcing Private RAM Computation Daniel Wichs Northeastern University with: Craig Gentry, Shai Halevi, Mariana Raykova

2 Problem Overview Client Server …

3 Private outsourcing is possible using Fully Homomorphic Encryption (FHE). [RAD78,Gen09,…] But FHE works over circuits rather than RAM programs. I’m very efficient! Use FHE! Done?

4 Circuits vs. RAM

5 Goals Client Server …

6 Goals Client Server …

7 Goals Non-interactive solution: “reusable garbled RAM”. Client Server

8 Garbled Computation Garbled Circuits [Yao82] Reusable Garbled Circuits [GKPVZ 13a,b] Can garble many inputs per circuit. Efficiently outsource circuit comp. Extension to TM. Garbled RAM [LO13, GHLORW14] Reusable Garbled RAM This Talk! Can garble many inputs per program. Efficiently outsource RAM comp.

9 Main Results 1-time Garbled RAM Reusable Garbled RAM+ Reusable Garbled Circuits New security/efficiency requirements. Instantiate with iO or Functional Rnc.

10 Main Result 1-time Garbled RAM Reusable Garbled RAM+ Reusable Garbled Circuits Stronger security requirements. Instantiate with “strong diO” (heuristic obf) with persistent data

11 Without Persistent Data

12 1-Time Garbled RAM Definition Client Server secret: k without persistent data View can be simulated given y

13 Reusable Garbled RAM Definition Client Server secret: k without persistent data

14 Construct reusable garbled RAM by combining: – one-time garbled RAM (GProg1, GInput1, GEval1) – reusable garbled circuits

15 Construct reusable garbled RAM by combining: – one-time garbled RAM (GProg1, GInput1, GEval1) – reusable garbled circuits Problem: In reusable garbled circuits of [GKPVZ13], size of garbled input always exceeds size of circuit output. Unfortunately: This is inherent. Cannot do better if want simulation security.

16 Construct reusable garbled RAM by combining: – one-time garbled RAM (GProg1, GInput1, GEval1) – reusable garbled circuits Solution: – Show that we do not need simulation-security for reusable garbled-circuits. A weaker notion suffices. – Construct reusable garbled-circuits with weaker security notion but better efficiency needed in construction.

17 Distributional Indistinguishability

18

19 With Persistent Memory

20 1-time Garbled RAM Definition Client Server secret: k with persistent data

21 Reusable Garbled RAM Definition Client Server secret: k with persistent data

22

23 Correlated Distributional Indistinguishability

24 Theorem: Get reusable garbled RAM where: – Garble, evaluate program: O(RAM run-time P). – Garble input = O( input + output size). assuming “ind. obfuscation” + stat. sound NIZK. Theorem: Get reusable garbled RAM with persistent memory where: – garble data = O( data size) – garble program = O( description size P ) – garble input = O( input + output size) – evaluate = O( RAM run-time P) assuming “strong differing-inputs obfuscation” (heuristic).

25 Outsourcing via Reusable G-RAM Client Server

26 Client Server Outsourcing via Reusable G-RAM

27 Don’t turn me into a circuit! Thank You!

Download ppt "Outsourcing Private RAM Computation Daniel Wichs Northeastern University with: Craig Gentry, Shai Halevi, Mariana Raykova."

Similar presentations

Constant-Round Private Database Queries Nenad Dedic and Payman Mohassel Boston UniversityUC Davis.

Constant-Round Private Database Queries Nenad Dedic and Payman Mohassel Boston UniversityUC Davis.
1 Cryptography: on the Hope for Privacy in a Digital World Omer Reingold VVeizmann and Harvard CRCS.

1 Cryptography: on the Hope for Privacy in a Digital World Omer Reingold VVeizmann and Harvard CRCS.
Security Seminar, Fall 2003 On the (Im)possibility of Obfuscating Programs Boaz Barak, Oded Goldreich, Russel Impagliazzo, Steven Rudich, Amit Sahai, Salil.

Security Seminar, Fall 2003 On the (Im)possibility of Obfuscating Programs Boaz Barak, Oded Goldreich, Russel Impagliazzo, Steven Rudich, Amit Sahai, Salil.
Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:

Computational Privacy. Overview Goal: Allow n-private computation of arbitrary funcs. –Impossible in information-theoretic setting Computational setting:
Secure Evaluation of Multivariate Polynomials

Secure Evaluation of Multivariate Polynomials
+ Accelerating Fully Homomorphic Encryption on GPUs Wei Wang, Yin Hu, Lianmu Chen, Xinming Huang, Berk Sunar ECE Dept., Worcester Polytechnic Institute.

+ Accelerating Fully Homomorphic Encryption on GPUs Wei Wang, Yin Hu, Lianmu Chen, Xinming Huang, Berk Sunar ECE Dept., Worcester Polytechnic Institute.
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,

Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Vote privacy: models and cryptographic underpinnings Bogdan Warinschi University of Bristol 1.

Vote privacy: models and cryptographic underpinnings Bogdan Warinschi University of Bristol 1.
REDUCTION-RESILIENT CRYPTOGRAPHY: PRIMITIVES THAT RESIST REDUCTIONS FROM ALL STANDARD ASSUMPTIONS Daniel Wichs (Charles River Crypto Day ‘12)

REDUCTION-RESILIENT CRYPTOGRAPHY: PRIMITIVES THAT RESIST REDUCTIONS FROM ALL STANDARD ASSUMPTIONS Daniel Wichs (Charles River Crypto Day ‘12)
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
How to Delegate Computations: The Power of No-Signaling Proofs Ron Rothblum Weizmann Institute Joint work with Yael Kalai and Ran Raz.

How to Delegate Computations: The Power of No-Signaling Proofs Ron Rothblum Weizmann Institute Joint work with Yael Kalai and Ran Raz.
Garbled RAM, Revisited Daniel Wichs (Northeastern University) Joint work with: Craig Gentry, Shai Halevi, Seteve Lu, Rafail Ostrovsky, Mariana Raykova.

Garbled RAM, Revisited Daniel Wichs (Northeastern University) Joint work with: Craig Gentry, Shai Halevi, Seteve Lu, Rafail Ostrovsky, Mariana Raykova.
NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.

NON-MALLEABLE EXTRACTORS AND SYMMETRIC KEY CRYPTOGRAPHY FROM WEAK SECRETS Yevgeniy Dodis and Daniel Wichs (NYU) STOC 2009.
Efficient Zero-Knowledge Proof Systems Jens Groth University College London FOSAD 2014.

Efficient Zero-Knowledge Proof Systems Jens Groth University College London FOSAD 2014.
Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.

Protecting Circuits from Leakage the computationally bounded and noisy cases Sebastian Faust Eurocrypt 2010, Nice Joint work with KU Leuven Tal Rabin Leo.
New Advances in Garbling Circuits Based on joint works with Yuval Ishai Eyal Kushilevitz Brent Waters University of TexasTechnion Benny Applebaum Tel Aviv.

New Advances in Garbling Circuits Based on joint works with Yuval Ishai Eyal Kushilevitz Brent Waters University of TexasTechnion Benny Applebaum Tel Aviv.
Yan Huang, Jonathan Katz, David Evans University of Maryland, University of Virginia Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose.

Yan Huang, Jonathan Katz, David Evans University of Maryland, University of Virginia Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose.
Secure Efficient Multiparty Computing of Multivariate Polynomials and Applications Dana Dachman-Soled, Tal Malkin, Mariana Raykova, Moti Yung.

Secure Efficient Multiparty Computing of Multivariate Polynomials and Applications Dana Dachman-Soled, Tal Malkin, Mariana Raykova, Moti Yung.
On the Implausibility of Differing-Inputs Obfuscation (and Extractable Witness Encryption) with Auxiliary Input Daniel Wichs (Northeastern U) with: Sanjam.

On the Implausibility of Differing-Inputs Obfuscation (and Extractable Witness Encryption) with Auxiliary Input Daniel Wichs (Northeastern U) with: Sanjam.
On Everlasting Security in the Hybrid Bounded Storage Model Danny Harnik Moni Naor.

On Everlasting Security in the Hybrid Bounded Storage Model Danny Harnik Moni Naor.

Similar presentations

Ads by Google