Suthee Ruangwises,Toshiya Itoh

DOI: https://doi.org/10.1007/978-3-030-19955-5_30

2019-07-30

Abstract:Secure multi-party computation using a deck of playing cards has been a subject of research since the "five-card trick" introduced by den Boer in 1989. One of the main problems in card-based cryptography is to design committed-format protocols to compute a Boolean AND operation subject to different runtime and shuffle restrictions by using as few cards as possible. In this paper, we introduce two AND protocols that use only uniform shuffles. The first one requires four cards and is a restart-free Las Vegas protocol with finite expected runtime. The second one requires five cards and always terminates in finite time.

Cryptography and Security

Run-Hua Shi,Yi-Fei Li

DOI: https://doi.org/10.1109/tc.2022.3207121

IF: 3.183

2023-04-08

IEEE Transactions on Computers

Abstract:In modern cryptography, distributing a private and unique index number to each participant is an important cryptographic task, which can be adopted to efficiently solve many complicated secure multiparty computations. In this paper, we define this cryptographic primitive, called Secret Permutating, in which every one of n participants can get a random but unique secret ki∈{1,2,...,n}. Furthermore, we focus on the unconditional security of Secret Permutating based on laws of quantum mechanics. Accordingly, by local Pauli operators and entanglement swapping of Bell states, we design novel quantum Secret Permutating protocols. What's more, to reduce the communicational complexity, we exploit the uniform, random and independent properties of quantum measurements to evenly divide all participants into many secret groups with the small approximate sizes. Finally, the analysis results and simulated experiments show that the proposed protocols have the unconditional security and the good feasibility.

engineering, electrical & electronic,computer science, hardware & architecture

Amos Beimel,Eran Omri,Ilan Orlov

DOI: https://doi.org/10.48550/arXiv.1011.5567

2010-11-25

Abstract:A protocol for computing a functionality is secure if an adversary in this protocol cannot cause more harm than in an ideal computation where parties give their inputs to a trusted party which returns the output of the functionality to all parties. In particular, in the ideal model such computation is fair -- all parties get the output. Cleve (STOC 1986) proved that, in general, fairness is not possible without an honest majority. To overcome this impossibility, Gordon and Katz (Eurocrypt 2010) suggested a relaxed definition -- 1/p-secure computation -- which guarantees partial fairness. For two parties, they construct 1/p-secure protocols for functionalities for which the size of either their domain or their range is polynomial (in the security parameter). Gordon and Katz ask whether their results can be extended to multiparty protocols. We study 1/p-secure protocols in the multiparty setting for general functionalities. Our main result is constructions of 1/p-secure protocols when the number of parties is constant provided that less than 2/3 of the parties are corrupt. Our protocols require that either (1) the functionality is deterministic and the size of the domain is polynomial (in the security parameter), or (2) the functionality can be randomized and the size of the range is polynomial. If the size of the domain is constant and the functionality is deterministic, then our protocol is efficient even when the number of parties is O(log log n) (where n is the security parameter). On the negative side, we show that when the number of parties is super-constant, 1/p-secure protocols are not possible when the size of the domain is polynomial.

Cryptography and Security

Sven Laur,Jan Willemson,Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-642-24861-0_18

2011-01-01

Abstract:Most of the multi-party computation frameworks can be viewed as oblivious databases where data is stored and processed in a secret-shared form. However, data manipulation in such databases can be slow and cumbersome without dedicated protocols for certain database operations. In this paper, we provide efficient protocols for oblivious selection, filtering and shuffle essential tools in privacy-preserving data analysis. As the first contribution, we present a 1-out-of-n oblivious transfer protocol with 0(log log n) rounds, which achieves optimal communication and time complexity and works over any ring Z(N). Secondly, we show how to construct round-efficient shuffle protocols with optimal asymptotic computation complexity and provide several optimizations.

ZhenHua Chen,WeiGuo Zhang,ShunDong Li,DaoShun Wang,Qiong Huang

DOI: https://doi.org/10.3969/j.issn.0372-2112.2017.05.013

2017-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Secure multiparty computation of set membership is significant to privacy-preserving data mining,data query,etc.In this paper,we first transform the original problem into the one-time evaluation problem for polynomial,and then construct four protocols.We design the trivial protocol 1 using homomorphic encryption and construct the efficient protocol 2 using discrete logarithm instead of encryption,which is very concise.Lastly,according to the different application scenarios,we also propose protocol 3 and protocol 4:the former can be used to outsource computation in cloud computing environment;the latter can be used for public secure computation against repudiation.The analysis and comparison show that our protocols are more efficient and concise than previously known.

J. Mueller-Quade,H. Imai

DOI: https://doi.org/10.48550/arXiv.cs/0101020

2001-06-23

Abstract:With oblivious transfer multiparty protocols become possible even in the presence of a faulty majority. But all known protocols can be aborted by just one disruptor. This paper presents more robust solutions for multiparty protocols with oblivious transfer. This additional robustness against disruptors weakens the security of the protocol and the guarantee that the result is correct. We can observe a trade off between robustness against disruption and security and correctness. We give an application to quantum multiparty protocols. These allow the implementation of oblivious transfer and the protocols of this paper relative to temporary assumptions, i.e., the security increases after the termination of the protocol.

Cryptography and Security

Hassan Jameel Asghar,Arghya Mukherjee,Gavin K. Brennen

2024-09-06

Abstract:We present a quantum protocol which securely and implicitly implements a random shuffle to realize differential privacy in the shuffle model. The shuffle model of differential privacy amplifies privacy achievable via local differential privacy by randomly permuting the tuple of outcomes from data contributors. In practice, one needs to address how this shuffle is implemented. Examples include implementing the shuffle via mix-networks, or shuffling via a trusted third-party. These implementation specific issues raise non-trivial computational and trust requirements in a classical system. We propose a quantum version of the protocol using entanglement of quantum states and show that the shuffle can be implemented without these extra requirements. Our protocol implements k-ary randomized response, for any value of k > 2, and furthermore, can be efficiently implemented using fault-tolerant computation.

Quantum Physics,Cryptography and Security

Yuji Hashimoto,Kazumasa Shinagawa,Koji Nuida,Masaki Inamura,Goichiro Hanaoka

DOI: https://doi.org/10.1587/transfun.E101.A.1512

2017-09-22

Abstract:We consider a problem, which we call secure grouping, of dividing a number of parties into some subsets (groups) in the following manner: Each party has to know the other members of his/her group, while he/she may not know anything about how the remaining parties are divided (except for certain public predetermined constraints, such as the number of parties in each group). In this paper, we construct an information-theoretically secure protocol using a deck of physical cards to solve the problem, which is jointly executable by the parties themselves without a trusted third party. Despite the non-triviality and the potential usefulness of the secure grouping, our proposed protocol is fairly simple to describe and execute. Our protocol is based on algebraic properties of conjugate permutations. A key ingredient of our protocol is our new techniques to apply multiplication and inverse operations to hidden permutations (i.e., those encoded by using face-down cards), which would be of independent interest and would have various potential applications.

Cryptography and Security

Borja Balle,James Bell,Adrià Gascón

2023-09-08

Abstract:Motivated by recent developments in the shuffle model of differential privacy, we propose a new approximate shuffling functionality called Alternating Shuffle, and provide a protocol implementing alternating shuffling in a single-server threat model where the adversary observes all communication. Unlike previous shuffling protocols in this threat model, the per-client communication of our protocol only grows sub-linearly in the number of clients. Moreover, we study the concrete efficiency of our protocol and show it can improve per-client communication by one or more orders of magnitude with respect to previous (approximate) shuffling protocols. We also show a differential privacy amplification result for alternating shuffling analogous to the one for uniform shuffling, and demonstrate that shuffling-based protocols for secure summation based a construction of Ishai et al. (FOCS'06) remain secure under the Alternating Shuffle. In the process we also develop a protocol for exact shuffling in single-server threat model with amortized logarithmic communication per-client which might be of independent interest.

Cryptography and Security

Takeshi Nakai,Yuto Misawa,Yuuki Tokushige,Mitsugu Iwamoto,Kazuo Ohta

DOI: https://doi.org/10.1007/s00354-020-00118-8

2021-01-05

New Generation Computing

Abstract:Abstract Card-based cryptography, introduced by den Boer aims to realize multiparty computation (MPC) by using physical cards. We propose several efficient card-based protocols for the millionaires’ problem by introducing a new operation called Private Permutation (PP) instead of the shuffle used in most of existing card-based cryptography. Shuffle is a useful randomization technique by exploiting the property of card shuffling, but it requires a strong assumption from the viewpoint of arithmetic MPC because shuffle assumes that public randomization is possible. On the other hand, private randomness can be used in PPs, which enables us to design card-based protocols taking ideas of arithmetic MPCs into account. Actually, we show that Yao’s millionaires’ protocol can be easily transformed into a card-based protocol by using PPs, which is not straightforward by using shuffles because Yao’s protocol uses private randomness. Furthermore, we propose entirely novel and efficient card-based millionaire protocols based on PPs by securely updating bitwise comparisons between two numbers, which unveil a power of PPs. As another interest of these protocols, we point out they have a deep connection to the well-known logical puzzle known as “The fork in the road.”

computer science, theory & methods, hardware & architecture

Xiaoming Sun,Andrew Chi-Chih Yao,Christophe Tartary

DOI: https://doi.org/10.1007/978-3-540-89255-7_3

2008-01-01

Abstract:Recently, Desmedt et al. studied the problem of achieving securen -party computation over non-Abelian groups. Theyconsidered the passive adversary model and they assumed that theparties were only allowed to perform black-box operations over thefinite group G . They showed three results for then -product function f G (x 1 ,...,x n ) : =x 1 ·x 2 ·...·x n ,where the input of party P i isx i ∈ G for i ∈ {1,...,n }. First, if $t \geq \lceil \tfrac{n}{2}\rceil$ then it is impossible to have a t -private protocolcomputing f G . Second, theydemonstrated that one could t -privately compute f G for any $t \leq \lceil \tfrac{n}{2} \rceil -1$ in exponential communication cost. Third, they constructed arandomized algorithm with O (n t 2) communication complexity for anyt≤n/2.948 In this paper, we extend these results in two directions. First,we use percolation theory to show that for any fixedε 0, one can design a randomized algorithm forany $t\leq \frac{n}{2+\epsilon}$ using O (n 3) communication complexity, thus nearly matching theknown upper bound $\lceil \tfrac{n}{2} \rceil - 1$. This is thefirst time that percolation theory is used for multipartycomputation. Second, we exhibit a deterministic construction havingpolynomial communication cost for any t =O (n 1-ε ) (again forany fixed ε 0). Our results extend to the moregeneral function $\widetilde{f}_{G}(x_{1},\ldots,x_{m}) := x_{1}\cdot x_{2} \cdot \ldots \cdot x_{m}$ where m ≥n and each of the n parties holds one or moreinput values.

Xiaochen Li,Weiran Liu,Hanwen Feng,Kunzhe Huang,Yuke Hu,Jinfei Liu,Kui Ren,Zhan Qin

DOI: https://doi.org/10.1109/tdsc.2023.3263162

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The shuffle model is recently proposed to address the issue of severe utility loss in Local Differential Privacy (LDP) due to distributed data randomization. In the shuffle model, a shuffler is utilized to break the link between the user identity and the message uploaded to the data analyst. Since less noise needs to be introduced to achieve the same privacy guarantee, following this paradigm, the utility of privacy-preserving data collection is improved. We propose DUMP ( DUM my- P oint-based), a framework for privacy-preserving histogram estimation in the shuffle model. The core of DUMP is a new concept of dummy blanket , which enables enhancing privacy by just introducing dummy points on the user side and further improving the utility of the shuffle model. We instantiate DUMP by proposing two protocols: pureDUMP and mixDUMP, and conduct a comprehensive experimental evaluation to compare them with existing protocols. The experimental results show that, under the same privacy guarantee, (1) the proposed protocols have significant improvements in communication efficiency over all existing multi-message protocols, by at least 3 orders of magnitude; (2) they achieve competitive utility, while the only known protocol (Ghazi et al. , PMLR 2020) having better utility than ours employs hard-to-exactly-sample distributions which are vulnerable to floating-point attacks (CCS 2012).

Fatemeh Shirazi,Elena Andreeva,Markulf Kohlweiss,Claudia Diaz

DOI: https://doi.org/10.48550/arXiv.1708.03387

2017-11-09

Abstract:Anonymous communication networks are important building blocks for online privacy protection. One approach to achieve anonymity is to relay messages through multiple routers, where each router shuffles messages independently. To achieve anonymity, at least one router needs to be honest. In the presence of an adversary that is controlling a subset of the routers unbiased routing is important for guaranteeing anonymity. However, the routing strategy also influenced other factors such as the scalability and the performance of the system. One solution is to use a fixed route for relaying all messages with many routers. If the route is not fixed the routing decision can either be made by the communication initiator or the intermediate routers. However, the existing routing types each have limitations. For example, one faces scalability issues when increasing the throughput of systems with fixed routes. Moreover, when the routing decision is left to the initiator, the initiator needs to maintain an up-to-date view of the system at all times, which also does not scale. If the routing decision is left to intermediate routers the routing of the communication can be influenced by an adversary. In this work, we propose a novel multiparty routing approach for anonymous communication that addresses these shortcomings. We distribute the routing decision and verify the correctness of routing to achieve routing integrity. More concretely, we provide a mixnet design that uses our routing approach and that in addition, addresses load balancing. We show that our system is secure against a global active adversary.

Cryptography and Security

Anastasiia Doi,Tomoki Ono,Yoshiki Abe,Takeshi Nakai,Kazumasa Shinagawa,Yohei Watanabe,Koji Nuida,Mitsugu Iwamoto

DOI: https://doi.org/10.1007/s00354-024-00268-z

2024-06-24

New Generation Computing

Abstract:Card-based cryptography aims to realize secure multiparty computation with physical cards. This paper is the first to address Private Set Intersection (PSI) and Private Set Union (PSU) in card-based cryptography. PSI and PSU are well-studied secure computation protocols to compute the set intersection and the set union, respectively. We show two-party PSI and PSU protocols in each of the two operation models: one is the shuffle-based model in which parties perform all operations publicly, and the other is the private-permutation-based model that allows parties to perform some operations privately. In the shuffle-based model, we show PSI and PSU protocols can be realized with existing secure AND and OR protocols, respectively. However, these protocols have an issue of increasing the number of shuffles depending on the size of the universal set. To resolve the issue, we further propose PSI and PSU protocols with only one shuffle at the cost of increasing the number of cards. In the private-permutation-based model, we show PSI and PSU protocols can be achieved with existing secure AND and OR protocols, respectively, as in the shuffle-based protocols. These protocols have an advantage of requiring only one private permutation and one communication. We further show that the number of cards of these protocols can be reduced at the cost of increasing the number of private permutations and communications.

computer science, theory & methods, hardware & architecture

Yun Luo,Yuling Chen,Tao Li,Yilei Wang

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata-cybermatics55523.2022.00080

2022-01-01

Abstract:Many distributed interaction scenarios exist in big data networks, which require joint computation in different environments. In the traditional secure multiparty computation(SMPC), there exist constant rounds or even more rounds of interaction, which greatly increases the communication overhead. In this paper, we address the problem of optimizing the complexity of rounds by constructing a secure computation protocol that achieves semi-honest static security based on a polynomial puzzle assumption. The multiparty interactive computation is performed using multilinear maps operation, and the obtained results are transmitted over the broadcast channel. The security analysis shows that the protocol achieves static security.

Seng Pei Liew,Satoshi Hasegawa,Tsubasa Takahashi

2023-07-04

Abstract:We study a protocol for distributed computation called shuffled check-in, which achieves strong privacy guarantees without requiring any further trust assumptions beyond a trusted shuffler. Unlike most existing work, shuffled check-in allows clients to make independent and random decisions to participate in the computation, removing the need for server-initiated subsampling. Leveraging differential privacy, we show that shuffled check-in achieves tight privacy guarantees through privacy amplification, with a novel analysis based on R{é}nyi differential privacy that improves privacy accounting over existing work. We also introduce a numerical approach to track the privacy of generic shuffling mechanisms, including Gaussian mechanism, which is the first evaluation of a generic mechanism under the distributed setting within the local/shuffle model in the literature. Empirical studies are also given to demonstrate the efficacy of the proposed approach.

Machine Learning,Cryptography and Security

Christopher Harth-Kitzerow,Ajith Suresh,Yonqing Wang,Hossein Yalame,Georg Carle,Murali Annavaram

2024-06-29

Abstract:In this work, we present novel protocols over rings for semi-honest secure three-party computation (3PC) and malicious four-party computation (4PC) with one corruption. While most existing works focus on improving total communication complexity, challenges such as network heterogeneity and computational complexity, which impact MPC performance in practice, remain underexplored. Our protocols address these issues by tolerating multiple arbitrarily weak network links between parties without any substantial decrease in performance. Additionally, they significantly reduce computational complexity by requiring up to half the number of basic instructions per gate compared to related work. These improvements lead to up to twice the throughput of state-of-the-art protocols in homogeneous network settings and even larger performance improvements in heterogeneous settings. These advantages come at no additional cost: Our protocols maintain the best-known total communication complexity per multiplication, requiring 3 elements for 3PC and 5 elements for 4PC. We implemented our protocols alongside several state-of-the-art protocols (Replicated 3PC, ASTRA, Fantastic Four, Tetrad) in a novel open-source C++ framework optimized for high throughput. Five out of six implemented 3PC and 4PC protocols achieve more than one billion 32-bit multiplications or over 32 billion AND gates per second using our implementation in a 25 Gbit/s LAN environment. This represents the highest throughput achieved in 3PC and 4PC so far, outperforming existing frameworks like MP-SPDZ, ABY3, MPyC, and MOTION by two to three orders of magnitude.

Cryptography and Security

Zixian Li,Wenjie Liu

2023-07-26

Abstract:In this paper, we present a secure multiparty computation (SMC) protocol for least common multiple (LCM) based on Shor's quantum period-finding algorithm (QPA). Our protocol is based on the following principle: the connection of multiple periodic functions is also a periodic function whose period is exactly the least common multiple of all small periods. Since QPA is a probabilistic algorithm, we also propose a one-vote-down vote protocol based on the existing secure multi-party quantum summation protocol, which is used to verify the results of the proposed LCM protocol. Security analysis shows that under the semi-honest model, the proposed protocol is secure with high probability, while the computational consumption remains at polynomial complexity. The protocol proposed in this paper solves the problem of efficient and secure multiparty computation of LCM, demonstrating quantum computation potential.

Quantum Physics,Cryptography and Security

Shaowei Wang,Changyu Dong,Xiangfu Song,Jin Li,Zhili Zhou,Di Wang,Han Wu

2024-07-12

Abstract:In data-driven applications, preserving user privacy while enabling valuable computations remains a critical challenge. Technologies like Differential Privacy (DP) have been pivotal in addressing these concerns. The shuffle model of DP requires no trusted curators and can achieve high utility by leveraging the privacy amplification effect yielded from shuffling. These benefits have led to significant interest in the shuffle model. However, the computation tasks in the shuffle model are limited to statistical estimation, making the shuffle model inapplicable to real-world scenarios in which each user requires a personalized output. This paper introduces a novel paradigm termed Private Individual Computation (PIC), expanding the shuffle model to support a broader range of permutation-equivariant computations. PIC enables personalized outputs while preserving privacy, and enjoys privacy amplification through shuffling. We propose a concrete protocol that realizes PIC. By using one-time public keys, our protocol enables users to receive their outputs without compromising anonymity, which is essential for privacy amplification. Additionally, we present an optimal randomizer, the Minkowski Response, designed for the PIC model to enhance utility. We formally prove the security and privacy properties of the PIC protocol. Theoretical analysis and empirical evaluations demonstrate PIC's capability in handling non-statistical computation tasks, and the efficacy of PIC and the Minkowski randomizer in achieving superior utility compared to existing solutions.

Cryptography and Security,Machine Learning

Minglang Dong,Yu Chen,Cong Zhang,Yujie Bai

2024-07-01

Abstract:Multi-party private set union (MPSU) protocol enables $m$ $(m > 2)$ parties, each holding a set, to collectively compute the union of their sets without revealing any additional information to other parties. There are two main categories of MPSU protocols: The first builds on public-key techniques. All existing works in this category involve a super-linear number of public-key operations, resulting in poor practical efficiency. The second builds on oblivious transfer and symmetric-key techniques. The only existing work in this category is proposed by Liu and Gao (ASIACRYPT 2023), which features the best concrete performance among all existing protocols, despite its super-linear computation and communication. Unfortunately, it does not achieve the standard semi-honest security, as it inherently relies on a non-collusion assumption, which is unlikely to hold in practice. Therefore, the problem of constructing a practical MPSU protocol based on oblivious transfer and symmetric-key techniques in standard semi-honest model remains open. Furthermore, there is no MPSU protocol achieving both linear computation and linear communication complexity, which leaves another unresolved problem. In this work, we resolve these two open problems. We propose the first MPSU protocol based on oblivious transfer and symmetric-key techniques in the standard semi-honest model. This protocol is $4.9-9.3 \times$ faster than Liu and Gao in the LAN setting. Concretely, our protocol requires only $3.6$ seconds in online phase for 3 parties with sets of $2^{20}$ items each. We propose the first MPSU protocol achieving both linear computation and linear communication complexity, based on public-key operations. This protocol has the lowest overall communication costs and shows a factor of $3.0-36.5\times$ improvement in terms of overall communication compared to Liu and Gao.

Cryptography and Security