Jamie Cui,Chaochao Chen,Alex X. Liu,Li Wang

2021-01-01

Abstract:With the emerging popularity of cloud computing, the problem of how to query over cryptographically-protected data has been widely studied. However, most existing works focus on querying protected relational databases, few work has shown interests in graph databases. In this paper, we first investigate and summarize two single-instruction queries, namely Graph Pattern Matching (GPM) and Graph Navigation (GN). Then we follow their design intuitions and leverage secure Multi-Party Computation (MPC) to implement their functionalities in a privacy-preserving manner. Moreover, we propose a general framework for processing multi-instruction query on secret-shared graph databases and present a novel cryptographic primitive Oblivious Filter (OF) as a core building block. Nevertheless, we formalize the problem of OF and present its constructions using homomorphic encryption. Finally, we conduct an empirical study to evaluate the efficiency of our proposed OF protocol.

Lianke Qin,Rajesh Jayaram,Elaine Shi,Zhao Song,Danyang Zhuo,Shumo Chu

2023-09-29

Abstract:There has been a recent effort in applying differential privacy on memory access patterns to enhance data privacy. This is called differential obliviousness. Differential obliviousness is a promising direction because it provides a principled trade-off between performance and desired level of privacy. To date, it is still an open question whether differential obliviousness can speed up database processing with respect to full obliviousness. In this paper, we present the design and implementation of three new major database operators: selection with projection, grouping with aggregation, and foreign key join. We prove that they satisfy the notion of differential obliviousness. Our differentially oblivious operators have reduced cache complexity, runtime complexity, and output size compared to their state-of-the-art fully oblivious counterparts. We also demonstrate that our implementation of these differentially oblivious operators can outperform their state-of-the-art fully oblivious counterparts by up to $7.4\times$.

Databases,Cryptography and Security

Simeon Krastnikov,Florian Kerschbaum,Douglas Stebila

DOI: https://doi.org/10.14778/3407790.3407814

2020-12-16

Abstract:A major algorithmic challenge in designing applications intended for secure remote execution is ensuring that they are oblivious to their inputs, in the sense that their memory access patterns do not leak sensitive information to the server. This problem is particularly relevant to cloud databases that wish to allow queries over the client's encrypted data. One of the major obstacles to such a goal is the join operator, which is non-trivial to implement obliviously without resorting to generic but inefficient solutions like Oblivious RAM (ORAM). We present an oblivious algorithm for equi-joins which (up to a logarithmic factor) matches the optimal $O(n\log n)$ complexity of the standard non-secure sort-merge join (on inputs producing $O(n)$ outputs). We do not use use expensive primitives like ORAM or rely on unrealistic hardware or security assumptions. Our approach, which is based on sorting networks and novel provably-oblivious constructions, is conceptually simple, easily verifiable, and very efficient in practice. Its data-independent algorithmic structure makes it secure in various different settings for remote computation, even in those that are known to be vulnerable to certain side-channel attacks (such as Intel SGX) or with strict requirements for low circuit complexity (like secure multiparty computation). We confirm that our approach is easily realizable through a compact implementation which matches our expectations for performance and is shown, both formally and empirically, to possess the desired security characteristics.

Databases,Cryptography and Security,Data Structures and Algorithms

Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-642-24316-5_6

2011-01-01

Abstract:During an adaptive oblivious transfer (OT), a sender has n private documents, and a receiver can adaptively fetch k documents from them such that the sender learns nothing about the receiver’s selection and the receiver learns nothing more than those k documents. Most recent fully simulatable adaptive OT schemes are based on so-called “assisted decryption” or “blind decryption”. In this paper, we revisit another technique, “blind permute-decryption”, for designing adaptive OT. We propose an efficient generic fully simulatable oblivious transfer framework with statistical receiver’s privacy that based on “blind permute-decryption” together with three concrete installations. The first one is based on Elgamal, so the corresponding OT is secure under classical DDH assumption. The second one is based on Paillier, so the corresponding OT is secure under Decisional n-th Residuosity assumption. Besides, we introduce an extended zero-knowledge proof framework with several applications.

Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-642-24316-5_17

2011-01-01

Abstract:Various information-theoretically secure Multi-Party Computation (MPC) schemes have been proposed over some finite field \(\mathbb{F}\) or some finite ring ℝ. A function f that can be evaluated on MPC is usually represented by boolean or arithmetic circuits. In general, the function class that have constant-depth arithmetic circuit is studied. Additionally, some literatures show that one can represent any formulas and branching program by low-degree randomizing polynomials, which can be evaluated in constant rounds. However, these approaches have their limitations, and it is not easy to construct the optimal branching program for a complex function. Therefore, it is not obvious how to efficiently perform oblivious sort in constant rounds, but oblivious sort is one of the most important primitive protocols for MPC in practice. In this paper, we are going to show several constant-round 0-error oblivious sorting algorithms, together with some useful applications.

Yehuda Afek,Yakov Babichenko,Uriel Feige,Eli Gafni,Nati Linial,Benny Sudakov

DOI: https://doi.org/10.48550/arXiv.1106.2065

2011-06-10

Abstract:Communication is a crucial ingredient in every kind of collaborative work. But what is the least possible amount of communication required for a given task? We formalize this question by introducing a new framework for distributed computation, called {\em oblivious protocols}. We investigate the power of this model by considering two concrete examples, the {\em musical chairs} task $MC(n,m)$ and the well-known {\em Renaming} problem. The $MC(n,m)$ game is played by $n$ players (processors) with $m$ chairs. Players can {\em occupy} chairs, and the game terminates as soon as each player occupies a unique chair. Thus we say that player $P$ is {\em in conflict} if some other player $Q$ is occupying the same chair, i.e., termination means there are no conflicts. By known results from distributed computing, if $m \le 2n-2$, no strategy of the players can guarantee termination. However, there is a protocol with $m = 2n-1$ chairs that always terminates. Here we consider an oblivious protocol where in every time step the only communication is this: an adversarial {\em scheduler} chooses an arbitrary nonempty set of players, and for each of them provides only one bit of information, specifying whether the player is currently in conflict or not. A player notified not to be in conflict halts and never changes its chair, whereas a player notified to be in conflict changes its chair according to its deterministic program. Remarkably, even with this minimal communication termination can be guaranteed with only $m=2n-1$ chairs. Likewise, we obtain an oblivious protocol for the Renaming problem whose name-space is small as that of the optimal nonoblivious distributed protocol. Other aspects suggest themselves, such as the efficiency (program length) of our protocols. We make substantial progress here as well, though many interesting questions remain open.

Distributed, Parallel, and Cluster Computing

Chuan Zhao,Han Jiang,Xiaochao Wei,Qiuliang Xu,Minghao Zhao

DOI: https://doi.org/10.1109/trustcom.2015.398

2015-01-01

Abstract:Oblivious transfer is a fundamental tool in cryptographic protocols, especially in secure two-party computation. In TCC 2011, Lindell and Pinkas proposed a variant called cut-and-choose oblivious transfer, which did a great job in solving the selective failure attack in secure two-party computation protocols based on cut-and-choose paradigm. In this paper, we present a new primitive called cut-and-choose bilateral oblivious transfer. As an extension to cut-and-choose oblivious transfer, in addition to overcoming the selective failure attack, this primitive also makes a contribution to reducing the round number of the protocols that invoke it. This is very important in the scenarios where interactions between parties are limited. Besides, the application of this primitive in the outer protocols enables us to present a more modular and clean high-level description of the protocol framework. Furthermore, we believe that the new primitive is of independent research interest itself and could be useful in many cut-and-choose scenarios. Based on homomorphic encryption, we construct an efficient instantiation of this primitive in malicious model, and present a formal rigorous proof of its security under ideal/real simulation paradigm.

Yvo Desmedt,Aydin Abadi

2024-06-21

Abstract:Databases play a pivotal role in the contemporary World Wide Web and the world of cloud computing. Unfortunately, numerous privacy violations have recently garnered attention in the news. To enhance database privacy, we consider Oblivious Transfer (OT), an elegant cryptographic technology. Our observation reveals that existing research in this domain primarily concentrates on theoretical cryptographic applications, overlooking various practical aspects: - OTs assume parties have direct access to databases. Our "1-out-of-2 Delegated-Query OT" enables parties to privately query a database, without direct access. - With the rise of cloud computing, physically separated databases may no longer remain so. Our "1-out-of-2 Delegated-Query Multi-Receiver OT" protects privacy in such evolving scenarios. - Research often ignores the limitations of thin clients, e.g., Internet of Things devices. To address this, we propose a compiler that transforms any 1-out-of-n OT into a thin client version.

Cryptography and Security

Y Mu,JQ Zhang,V Varadharajan,YX Lin

DOI: https://doi.org/10.1109/lcomm.2003.811213

IF: 3.5529

2003-01-01

IEEE Communications Letters

Abstract:We present a novel scheme of noninteractive m out of n oblivious transfer, which demonstrates significant improvement over the existing schemes in terms of completeness, robustness and flexibility. This scheme is useful for protection of user privacy in the Internet.

Olga Ohrimenko,Michael T. Goodrich,Roberto Tamassia,Eli Upfal

DOI: https://doi.org/10.48550/arXiv.1402.5524

2014-02-22

Cryptography and Security

Abstract:We present a simple, efficient, and secure data-oblivious randomized shuffle algorithm. This is the first secure data-oblivious shuffle that is not based on sorting. Our method can be used to improve previous oblivious storage solutions for network-based outsourcing of data.

Qinglong Wang,Jintai Ding

DOI: https://doi.org/10.1080/01611194.2014.915261

2014-01-01

Cryptologia

Abstract:Abstract In this article, the authors cryptanalyze a k-out-of-n oblivious transfer protocol proposed in [12]. Their protocol is one of the most efficient k-out-of-n oblivious transfer protocols and is directly built from a 1-out-of-n oblivious transfer protocol. However, their analysis shows that the proposed k-out-of-n oblivious transfer protocol is insecure, though the primitive 1-out-of-n oblivious transfer protocol is secure. The weakness is that with high probability the receiver in their protocol can get all n secret messages encrypted by the sender. Finally, they fix the serious flaw and introduce an improved k-out-of-n oblivious transfer protocol without increasing any cost.

Wenlong Tian,Guo Jian,Zhiyong Xu,Ruixuan Li,Weijun Xiao

DOI: https://doi.org/10.1109/tdsc.2024.3361450

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recently, Oblivious Storage has been proposed to prevent privacy leakage from user access patterns, which obfuscates and makes it computationally indistinguishable from the random sequences by fake accesses and probabilistic encryption. The same data exhibits distinct ciphertexts. Thus, it seriously impedes cloud providers' efforts to improve storage utilization to remove user redundancy, which has been widely used in the existing cloud storage scenario. Inspired by the successful adoption of removing duplicate data in cloud storage, we attempt to integrate obliviousness, remove redundancy, and propose a practical oblivious storage, PEO-Store. Instead of fake accesses, introducing delegates breaks the mapping link between a valid access pattern and a specific client. The cloud interacts only with randomly authorized delegates. This design leverages non-interactive zero-knowledge-based redundancy detection, discrete logarithm problem-based key sharing, and secure time-based delivery proof. These components collectively protect access pattern privacy, accurately eliminate redundancy, and prove the data delivery among delegates and the cloud. Theoretical proof demonstrates that, in our design, the probability of identifying the valid access pattern with a specific client is negligible. Experimental results show that PEO-Store outperforms state-of-the-art methods, achieving an average throughput of up to 3 times faster and saving 74% of storage space.

computer science, information systems, software engineering, hardware & architecture

Run-hua SHI,Hong ZHONG,Jie CUI,Yan XU,Shun ZHANG,Liu-sheng HUANG

DOI: https://doi.org/10.3969/j.issn.0372-2112.2014.11.022

2014-01-01

Abstract:Oblivious Transfer (OT) protocol is a fundamental building block for Secure Multiparty Computation and finds critically important applications in protecting privacy in various settings .Nevertheless ,existing OT protocols do not include the pro-cedure to conduct the statistical analysis in a cooperative environment .Here ,a new OT protocol is proposed with a cooperative sta-tistical analysis by pursuing secure multiparty computation of the sum ,adopting the homomorphic encryption scheme ,and using a clever coding method .Specifically ,the sender can calculate the total number of each message sent privately within a given period . Theoretical analysis indicates that the new protocol allows for secure and efficient transfer of private messages in an oblivious way and shows great promise for practical applications in Electronic Commerce ,Healthcare Management and other secure systems as well .

Li Ye,Zoe L. Jiang,Wang Xuan,S. M. Yiu,Liao Qing

DOI: https://doi.org/10.1109/DSC.2017.80

2017-01-01

Abstract:Many companies want to share data for data-mining tasks. However, the privacy and security concerns become a bottleneck in the data sharing filed. The secure multiparty computation (SMC)-based privacy-preserving data mining has emerged as a solution to this problem. However, traditional SMC solutions are inefficient. We introduce the method of outsourcing to reduce the computation cost of user's side. In order to preserve the privacy of the sharing data, we propose an outsourced privacy-preserving C4.5 algorithm on arbitrarily partitioned databases based on the outsourced accountable computing for finding frequent itemsets (OACFFI) and the outsourced weighted average computing (OWAC) protocols. As a result, we show that our method can achieve similar result with the original C4.5 decision tree algorithm, but also preserve the privacy of the data. We prove that there is a sublinear relationship between the computational cost of user side and the number of participating parties.

Marco Comi,Bhaskar DasGupta,Michael Schapira,Venkatakumar Srinivasan

DOI: https://doi.org/10.1016/j.tcs.2012.07.008

2012-07-10

Abstract:A traditionally desired goal when designing auction mechanisms is incentive compatibility, i.e., ensuring that bidders fare best by truthfully reporting their preferences. A complementary goal, which has, thus far, received significantly less attention, is to preserve privacy, i.e., to ensure that bidders reveal no more information than necessary. We further investigate and generalize the approximate privacy model for two-party communication recently introduced by Feigenbaum et al.[8]. We explore the privacy properties of a natural class of communication protocols that we refer to as "dissection protocols". Dissection protocols include, among others, the bisection auction in [9,10] and the bisection protocol for the millionaires problem in [8]. Informally, in a dissection protocol the communicating parties are restricted to answering simple questions of the form "Is your input between the values \alpha and \beta (under a predefined order over the possible inputs)?". We prove that for a large class of functions, called tiling functions, which include the 2nd-price Vickrey auction, there always exists a dissection protocol that provides a constant average-case privacy approximation ratio for uniform or "almost uniform" probability distributions over inputs. To establish this result we present an interesting connection between the approximate privacy framework and basic concepts in computational geometry. We show that such a good privacy approximation ratio for tiling functions does not, in general, exist in the worst case. We also discuss extensions of the basic setup to more than two parties and to non-tiling functions, and provide calculations of privacy approximation ratios for two functions of interest.

Cryptography and Security,Computer Science and Game Theory

David Reichmuth,Ittoop Vergheese Puthoor,Petros Wallden,Erika Andersson

2024-09-26

Abstract:Oblivious transfer is a fundamental cryptographic primitive which is useful for secure multiparty computation. There are several variants of oblivious transfer. We consider 1 out of 2 oblivious transfer, where a sender sends two bits of information to a receiver. The receiver only receives one of the two bits, while the sender does not know which bit the receiver has received. Perfect quantum oblivious transfer with information theoretic security is known to be impossible. We aim to find the lowest possible cheating probabilities. Bounds on cheating probabilities have been investigated for complete protocols, where if both parties follow the protocol, the bit value obtained by the receiver matches the sender bit value. We instead investigate incomplete protocols, where the receiver obtains an incorrect bit value with probability pf. We present optimal non interactive protocols where Alice bit values are encoded in four symmetric pure quantum states, and where she cannot cheat better than with a random guess. We find the protocols such that for a given pf, Bob cheating probability pr is as low as possible, and vice versa. Furthermore, we show that non-interactive quantum protocols can outperform non-interactive classical protocols, and give a lower bound on Bob cheating probability in interactive quantum protocols. Importantly for optical implementations, our protocols do not require entanglement nor quantum memory.

Quantum Physics

Pengfei Wu,Jianting Ning,Xinyi Huang,Joseph K. Liu

DOI: https://doi.org/10.1109/tdsc.2022.3206758

2023-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Privacy-preserving pattern matching enables a user to find all occurrences of a pattern in a text without revealing any sensitive information. However, many previous works designed on homomorphic encryption suffer from expensive computational overhead and a simple way to use it can lead to potential input leakage via access pattern during the matching process. In this article, we propose a differentially oblivious pattern matching algorithm, called DOPM . It is deployed on two servers by taking a series of lightweight secret-sharing-based protocols as building blocks. In DOPM , we utilize a witness array and the single instruction multiple data (SIMD) technique to parallelize the algorithm, which achieves sublinear round complexity in performing two-party computation. Additionally, we formally define a new access pattern privacy in the context of differential privacy, named $(\epsilon,\delta)$ -differentially oblivious privacy ( $(\epsilon,\delta)$ -DOP), and present a pair of differentially oblivious algorithms to read and write elements in an array without using oblivious shuffle. Detailed security analysis demonstrates that the proposed DOPM achieves the goal of protecting confidentiality and access pattern during the matching process. Finally, we benchmark our scheme on a real-world human genome dataset, and experimental results show that DOPM is $10.9\times$ faster than the brute-force matching, $3.4-7.1\times$ faster than two state-of-the-art approaches.

Zhao Shengnan,Jiang Han,Wei Xiaochao,Ke Junming,Zhao Minghao

DOI: https://doi.org/10.7544/issn1000-1239.2017.20170463

2017-01-01

Journal of Computer Research and Development

Abstract:Oblivious transfer (OT ) is a cryptographic primitive used for choice information hiding for the receiver .As a basic tool for high-level multi-party cryptographic protocol construction ,it plays an important role in numerous specific applications .In the k-out-of-n OT (OT k n ) ,the receiver acquires k selections among the n choice in an oblivious manner .Generally ,the construction of the OT kn involves lots of group exponential operations ,which brings a heavy burden for embedded devices with limited computational capabilities . With the proliferation of cloud computing ,it is feasible to implement complex cryptographic primitives with the support of powerful computing recourse and high-speed dedicated network provided by the cloud service provider (CSP) .In this paper ,we propose a service-assisted k-out-of-n OT protocol in single server architecture ,which outsources the vast majority of exponentiation operations to the cloud . This scheme is constructed with secret sharing and other fundamental public-key primitives ,and it achieves provable security on none-collusion semi-honest model under the decisional Diffie-Hellamn (DDH) hard problem ;meanwhile it ensures data privacy against the cloud server .Besides ,a detailed description of scheme construction and security proof is presented in the context .As a basic cryptographic primitive in cloud environment ,the single server-added oblivious transfer protocol will play an important role in designs of general cloud-assisted multi-party computation protocol as well as developments of secure and efficient cloud service software .

Yun Luo,Yuling Chen,Tao Li,Yilei Wang

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata-cybermatics55523.2022.00080

2022-01-01

Abstract:Many distributed interaction scenarios exist in big data networks, which require joint computation in different environments. In the traditional secure multiparty computation(SMPC), there exist constant rounds or even more rounds of interaction, which greatly increases the communication overhead. In this paper, we address the problem of optimizing the complexity of rounds by constructing a secure computation protocol that achieves semi-honest static security based on a polynomial puzzle assumption. The multiparty interactive computation is performed using multilinear maps operation, and the obtained results are transmitted over the broadcast channel. The security analysis shows that the protocol achieves static security.

Bingsheng Zhang,Helger Lipmaa,Cong Wang,Kui Ren

DOI: https://doi.org/10.1007/978-3-642-39884-1_8

2013-01-01

Abstract:During an adaptive k-out-of-N oblivious transfer (OT), a sender has N private documents, and a receiver wants to adaptively fetch k documents from them such that the sender learns nothing about the receiver’s selection and the receiver learns nothing more than those chosen documents. Many fully simulatable and universally composable adaptive OT schemes have been proposed, but those schemes typically require \(\mathcal{O}(N)\) communication in the initialization phase, which yields \(\mathcal{O}(N)\) overall communication. On the other hand, in some applications, the receiver just needs to fetch a small number of documents, so the initialization cost dominates in the entire protocol, especially for 1-out-of-N OT. We propose the first fully simulatable adaptive OT with sublinear communication under the DDH assumption in the plain model. Our scheme has \(\mathcal{O}(N^{1/2})\) communication in both the initialization phase and each transfer phase. It achieves better (amortized) overall communication complexity compared to existing schemes when \(k=\mathcal{O}(N^{1/2})\).