Presentation is loading. Please wait.

Presentation is loading. Please wait.

COVERT MULTI-PARTY COMPUTATION YINMENG ZHANG ALADDIN REU 2005 LUIS VON AHN MANUEL BLUM.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "COVERT MULTI-PARTY COMPUTATION YINMENG ZHANG ALADDIN REU 2005 LUIS VON AHN MANUEL BLUM."— Presentation transcript:

1 COVERT MULTI-PARTY COMPUTATION YINMENG ZHANG ALADDIN REU 2005 LUIS VON AHN MANUEL BLUM

2 JUST THE ANSWER PLEASE WHAT CAN WE KEEP SECRET? INPUTS PARTICIPATION [FROM OUTSIDERS] PARTICIPATION [FROM EACH OTHER]

3 R 1,R 2,R 3 SECRET + R 1 +R 2 +R 3 R1R1 R2R2 R3R3 SECURE COMPUTATION  KEEP INPUTS SECRET SPLIT THE SECRETS INTO RANDOM SHARES 2-PARTY COMPUTE ON SHARES RECOMBINE ANSWE R+ R 1 +R 2 +R 3 R1R1 R2R2 R3R3

4 STEGANOGRAPHY  EXTERNAL COVERTNESS EXTERNAL OBSERVERS DON’T NOTICE ANYTHING WEATHER SURE IS NICE THINK OF IT AS A CLEVER HASH 10011

5 WE CAN HASH ANY MESSAGE [EVEN IF THE SENDER HONESTLY WANTED TO TALK ABOUT THE WEATHER] CAN WE DO SOMETHING CLEVER WITH THAT?

6 COVERT COMPUTATION  INTERNAL COVERTNESS EVEN THE OTHER PARTIES DON’T KNOW YOU’RE COMPUTING! WEATHER SURE IS NICE RANDOM OR PSEUDO- RANDOM ??? WHAT DO YOU MEAN “DON’T KNOW”? THREE DEFINITIONS AND PROOFS/DISPROOFS OF FEASIBILITY

7 COVERT TWO PARTY COMPUTATION: VON AHN,HOPPER,LANGFORD

8 COVERT TWO-PARTY COMPUTATION AFTER LEARNING F(X,Y), EACH PARTY CAN ONLY TELL WHETHER THE OTHER PARTICIPATED IF THEY CAN DISTINGUISH F(X,Y) FROM RANDOM BITS EXTERNAL COVERTNESS INTERNAL COVERTNESS NO OUTSIDE OBSERVER CAN TELL IF THE TWO PARTIES ARE RUNNING A COMPUTATION OR JUST COMMUNICATING AS NORMAL ASSOCIATE REVEALING OTHER PARTIES WITH SUCCESSFUL OUTPUT

9 COULD WE GET THE ANSWER WITHOUT EVER REVEALING WHO WAS COMPUTING?

10 A SIMPLE WORLD [GIVEN STEGO] 01101 01111 11001 01001 10000 11100 10101 10100 A ROOM OF SLEEPING PARTIES SNORING 0s AND 1s AT RANDOM SOME PARTIES ARE AWAKE AND “SNORING” PSEUDO- RANDOMLY

11 COULD WE GET THE ANSWER WITHOUT REVEALING GUILT? AT THE END OF THE PROTOCOL: –OUR INPUT –THE ANSWER –TRANSCRIPT OF ALL COMMUNICATIONS PROTOCOL SHOULD GIVE: –ANSWER WRONG WITH NEGLIGIBLE [<1/POLY] PROBABILITY –NEGLIGIBLY BETTER CHANCE OF GUESSING WHO’S ASLEEP THAN WITH JUST INPUT AND ANSWER

12 COULD WE GET THE ANSWER WITHOUT REVEALING GUILT? EXAMPLE: VOTING IN A SECRET ORGANIZATION IF, SAY, MORE THAN HALF THE PEOPLE ARE PARTICIPATING, CAN WE DETERMINE A NEW LEADER?

13 INFORMATION THEORY POV COMPUTATIONAL COMPLEXITY POV NO.

14 SIMPLIFYING FURTHER: AWAKE PARTY’S POINT OF VIEW W S/W W/S THREE PLAYERS FORGET ABOUT HIDING INPUTS [SAY WE ARE CALCULATING THE XOR] ONE PERSON IS ASLEEP; CAN I TELL WHICH?

15 THOUGHT EXPERIMENT: INFORMATION THEORETIC VIEW W:A BIT S/W W/S THE OTHER BIT INFORMATION GETS TO THE AWAKE PARTY ONE CHANNEL IS RANDOM - THE OTHER MUST NOT BE!

16 COMPUTATIONAL COMPLEXITY VIEW EVEN PUBLIC KEY CRYPTO BREAKS IN INFORMATION THEORETIC MODEL IDEA: NORMALLY, WE CAN’T MODEL THE OTHER PARTIES – BUT SNORING IS JUST RANDOM THE AWAKE PARTY’S ALGORITHM SHOULD WORK REGARDLESS OF SNORER’S INPUT

17 COMPUTATIONAL COMPLEXITY VIEW: PROOF IDEA CONSIDER THE LAST ROUND OF COMMUNICATION WHAT HAPPENS IF WE REPLACE ONE OF THE MESSAGES WITH RANDOM NOISE? IF THE ALGORITHM DOESN’T BREAK – THE LAST ROUND WASN’T HELPFUL!

18 THAT’S NOT RANDOM I GUESS EVERYONE’S AWAKE CHANGE OF DEFINITION CONCLUSION: SNORING PEOPLE SUCK TOO HARD TO PROTECT THEM! COULD WE HAVE INDISTINGUISHABLE PARTIES UNLESS A NON-RANDOM ANSWER IS OUTPUTTED? RESULT: 111111 ASSOCIATE REVEALING OTHER PARTIES WITH SUCCESSFUL OUTPUT

19 YES.

20 COVERT COMPUTATION  SNORERS GIVE RANDOM RESULTS A BAD COMPUTATION THROWS EVERYTHING ELSE OFF RESULT RANDOM SPLIT THE SECRETS INTO RANDOM SHARES COVERT 2- PARTY COMPUTE ON SHARES RECOMBINE

21 MALICIOUS PARTIES SNORERS ARE A KIND OF MALICIOUS PARTY YET WE WANT TO PROTECT THEM [IF WE KNOW THE SNORERS, THEN WE KNOW WHO WAS AWAKE] CAN WE FIDDLE THE DEFINITION INTO HANDLING MALICIOUS PARTIES SENSIBLY?

22 THANK YOU!

Download ppt "COVERT MULTI-PARTY COMPUTATION YINMENG ZHANG ALADDIN REU 2005 LUIS VON AHN MANUEL BLUM."

Similar presentations

Dov Gordon & Jonathan Katz University of Maryland.

Dov Gordon & Jonathan Katz University of Maryland.
Joe Kilian NEC Laboratories, America Aladdin Workshop on Privacy in DATA March 27, 2003.

Joe Kilian NEC Laboratories, America Aladdin Workshop on Privacy in DATA March 27, 2003.
Secure Computation Slides stolen from Joe Kilian & Vitali Shmatikov Boaz Barak.

Secure Computation Slides stolen from Joe Kilian & Vitali Shmatikov Boaz Barak.
Foundations of Cryptography Lecture 10 Lecturer: Moni Naor.

Foundations of Cryptography Lecture 10 Lecturer: Moni Naor.
Authority 2. HW 8: AGAIN HW 8 I wanted to bring up a couple of issues from grading HW 8. Even people who got problem #1 exactly right didn’t think about.

Authority 2. HW 8: AGAIN HW 8 I wanted to bring up a couple of issues from grading HW 8. Even people who got problem #1 exactly right didn’t think about.
Efficient Two-party and Multiparty Computation against Covert Adversaries Vipul Goyal Payman Mohassel Adam Smith Penn Sate UCLAUC Davis.

Efficient Two-party and Multiparty Computation against Covert Adversaries Vipul Goyal Payman Mohassel Adam Smith Penn Sate UCLAUC Davis.
ITIS 6200/8200. 2 Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.

ITIS 6200/ Secure multiparty computation – Alice has x, Bob has y, we want to calculate f(x, y) without disclosing the values – We can only do.
1 Vipul Goyal Abhishek Jain UCLA On the Round Complexity of Covert Computation.

1 Vipul Goyal Abhishek Jain UCLA On the Round Complexity of Covert Computation.
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.

CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.

Foundations of Cryptography Lecture 13 Lecturer: Moni Naor.
Introduction to Modern Cryptography, Lecture 12 Secure Multi-Party Computation.

Introduction to Modern Cryptography, Lecture 12 Secure Multi-Party Computation.
Eran Omri, Bar-Ilan University Joint work with Amos Beimel and Ilan Orlov, BGU Ilan Orlov…!??!!

Eran Omri, Bar-Ilan University Joint work with Amos Beimel and Ilan Orlov, BGU Ilan Orlov…!??!!
Receipt-Free Universally-Verifiable Voting With Everlasting Privacy Tal Moran Joint work with Moni Naor.

Receipt-Free Universally-Verifiable Voting With Everlasting Privacy Tal Moran Joint work with Moni Naor.
 When you are ready › The more comfortable you feel, the more likely it is they will feel uncomfortable.  Do not hurry to interact with the teacher.

 When you are ready › The more comfortable you feel, the more likely it is they will feel uncomfortable.  Do not hurry to interact with the teacher.
Modeling Insider Attacks on Group Key Exchange Protocols Jonathan Katz Ji Sun Shin University of Maryland.

Modeling Insider Attacks on Group Key Exchange Protocols Jonathan Katz Ji Sun Shin University of Maryland.
Yan Huang, Jonathan Katz, David Evans University of Maryland, University of Virginia Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose.

Yan Huang, Jonathan Katz, David Evans University of Maryland, University of Virginia Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose.
Foundations of Cryptography Lecture 12 Lecturer: Moni Naor.

Foundations of Cryptography Lecture 12 Lecturer: Moni Naor.
15-251 Great Theoretical Ideas in Computer Science.

Great Theoretical Ideas in Computer Science.
Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.

Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.
COVERT TWO-PARTY COMPUTATION LUIS VON AHN CARNEGIE MELLON UNIVERSITY JOINT WORK WITH NICK HOPPER JOHN LANGFORD.

COVERT TWO-PARTY COMPUTATION LUIS VON AHN CARNEGIE MELLON UNIVERSITY JOINT WORK WITH NICK HOPPER JOHN LANGFORD.

Similar presentations

Ads by Google