Sheng Zhong,Tingting Chen

DOI: https://doi.org/10.1002/dac.1169

2010-01-01

International Journal of Communication Systems

Abstract:An important application of the Internet is that people can find partners satisfying their requirements from the huge number of users. In this paper, we present a cryptographic protocol for private matching, in which a user finds her desired partners without revealing her requirements, and the potential partners do not need to reveal their profiles. An additional advantage of our protocol is that it is identity‐based, which means the involved parties do not need to have a priori knowledge of each other's public keys; as long as they know each other's identities, the protocol can be executed. Copyright © 2010 John Wiley & Sons, Ltd.

Luo Yonglong,Huang Liusheng,Yang Wei,Xu Weijiang

2009-01-01

Abstract:Comparing information secretly is the fundamental to secure multiparty computation. The known private comparison protocols without a third party can only resolve the Greater than (GT) problem and can only compare two integers. In this paper, we develop an improved cross products protocol by using the Paillier's additive homomorphic encryption at first. Then, we propose a three-round protocol for solving the private comparison problem in the semi-honest setting based on the property of the cross products. In comparison with the known private comparison protocols, our method can determine whether a > b, a < b or a = b for two numbers a and b by running our proposed protocol only once. Moreover, our protocol can compare two real numbers in addition to integers. The analysis shows that our method is more powerful than previous methods.

陈良,许勇

DOI: https://doi.org/10.3969/j.issn.1001-3695.2010.03.075

2010-01-01

Abstract:Secure two-party comparing is a special case and a basic module of secure computations,and is applied in mobile code and e-commerce security etc.But known solutions have some disadvantages:expensive costs of computing and communicating,limited ranges of compared numbers.Based on a modified ElGamal algorithm,this paper presented and proved multiplicative,mixed-multiplicative,additive and subtractive homomorphic cryptosystem.Constructed an encrypted function unknown by two-party using the homomorphic cryptosystem.Based on the homomorphic cryptosystem and evaluation of encrypted functions,designed secure two-party comparing protocol under semi-honest model.Proof,example and comparing with other protocols show the proposed protocol has the merits of security,fairness,lower costs of communication and computational complexity,and comparing integers.

XIE Qi,CHEN De-ren,YU Xiu-yuan

IF: 2.034

2010-01-01

Systems Engineering

Abstract:In 2009, Park, et al. proposed an efficient remote user authentication protocol. They claimed that their protocol was the first password and smart card based remote user authentication scheme which can resist the off-line password guessing attack, and had many advantages over existing solutions such as no password tables and timestamp, low communication and computational costs. However, this paper shows that their protocol cannot resist the forgery attack and off-line password guessing attack. To overcome the security weaknesses, two improved schemes based on either nonce or timestamp without affecting the merits of the Park, et al. scheme are proposed. Technical discussions are provided to show that the improved protocol is secure, efficient and practical.

Jianqing Fu,Jian Chen,Rong Fan,XiaoPing Chen,Lingdi Ping

DOI: https://doi.org/10.1109/wcse.2009.731

2009-01-01

Abstract:With the widespread use of mobile devices, authentication and privacy of identification become important issues. We analyzed the security flaws and shortcomings of a delegation-based authentication protocol which was proposed by Caimu Tang, et al., and provided an improved protocol. We use elliptic-curve cryptography and hash chain to ensure the safety of system in our scheme. The research results reveal that the improved protocol can not only corrects the security flaws but also improve the efficiency of key management and reduce the computational load.

Xin Liu,Shundong Li,Jian Liu,Xiubo Chen,Gang Xu

DOI: https://doi.org/10.1186/s40064-016-3061-0

2016-01-01

SpringerPlus

Abstract:Private comparison is fundamental to secure multiparty computation. In this study, we propose novel protocols to privately determine [Formula: see text], or [Formula: see text] in one execution. First, a 0-1-vector encoding method is introduced to encode a number into a vector, and the Goldwasser-Micali encryption scheme is used to compare integers privately. Then, we propose a protocol by using a geometric method to compare rational numbers privately, and the protocol is information-theoretical secure. Using the simulation paradigm, we prove the privacy-preserving property of our protocols in the semi-honest model. The complexity analysis shows that our protocols are more efficient than previous solutions.

Linming Gong,Shundong Li,Chunying Wu,Daoshun Wang

DOI: https://doi.org/10.1109/access.2018.2827025

IF: 3.9

2018-01-01

IEEE Access

Abstract:Many privacy protections in distributed setting are based on secure comparison, according to which two distrusted users try to jointly determine whether a > b, a = b, or a < b. Performing "secure comparison" is fundamental to achieve widespread acceptance of privacy protection for distributed setting users. Surprisingly, however, no attention has been paid to secure comparison on fractions, to the best of our knowledge. In this paper, we first present an efficient system for computing ((ka + k(1))/(kb + k(1))), which implies the potential relationship (a > b, a = b, and a < b) between a and b, where k, k(1), and b belong to the party who doesn't have the secret of the system. Based on this system, two distrusted users in distributed setting can learn whether a > b, a = b, or a < b in one execution, without disclosing a and b to each other. Then, we develop two efficient protocols for secure comparison on integers and secure comparison on fractions, respectively. Our schemes, based on homomorphic encryption, are cryptographically secure. We prove that these protocols are secure using simulation paradigm. Our approaches can be used in many secure multi-party computation protocols that involve fractions, rational numbers, and integers. They can also be more convenient to solve some secure multiparty computational geometry problems that often involve ratio evaluation.

Antigoni Polychroniadou,Gilad Asharov,Benjamin Diamond,Tucker Balch,Hans Buehler,Richard Hua,Suwen Gu,Greg Gimler,Manuela Veloso

2023-10-15

Abstract:Inventory matching is a standard mechanism/auction for trading financial stocks by which buyers and sellers can be paired. In the financial world, banks often undertake the task of finding such matches between their clients. The related stocks can be traded without adversely impacting the market price for either client. If matches between clients are found, the bank can offer the trade at advantageous rates. If no match is found, the parties have to buy or sell the stock in the public market, which introduces additional costs. A problem with the process as it is presently conducted is that the involved parties must share their order to buy or sell a particular stock, along with the intended quantity (number of shares), to the bank. Clients worry that if this information were to leak somehow, then other market participants would become aware of their intentions and thus cause the price to move adversely against them before their transaction finalizes. We provide a solution, Prime Match, that enables clients to match their orders efficiently with reduced market impact while maintaining privacy. In the case where there are no matches, no information is revealed. Our main cryptographic innovation is a two-round secure linear comparison protocol for computing the minimum between two quantities without preprocessing and with malicious security, which can be of independent interest. We report benchmarks of our Prime Match system, which runs in production and is adopted by J.P. Morgan. The system is designed utilizing a star topology network, which provides clients with a centralized node (the bank) as an alternative to the idealized assumption of point-to-point connections, which would be impractical and undesired for the clients to implement in reality. Prime Match is the first secure multiparty computation solution running live in the traditional financial world.

Cryptography and Security,General Economics,Trading and Market Microstructure

Mu-En Wu,Shih-Ying Chang,Chi-Jen Lu,Hung-Min Sun

DOI: https://doi.org/10.1016/j.ins.2014.01.016

IF: 8.1

2014-01-01

Information Sciences

Abstract:In a Private Matching (PM) scheme, the client C has a dataset X of m elements, and the server S has a dataset Y of n elements. The client C can learn the set intersection X∩Y without leaking any information to the server S. Previously, the most efficient PM scheme requires communication of complexity O∼(m+n), which increases linearly with n. This may not be efficient enough in Client–Server models because the server’s dataset Y is usually large. In this paper, we propose a PM scheme based on Oblivious Transfer (OT) and universal hash function. Our scheme requires communication of complexity O∼(m·log2n). Thus, our scheme is especially suitable for Client–Server models. We show that our scheme becomes more efficient when log2(mn)1+Δ=O∼nm for security parameter Δ>0. However, utilizing the universal hash function would cause a mismatch issue which affects the accuracy of the PM scheme. In addition, it leaks the server’s information. Therefore, we define approximate PM by relaxing the definition of PM; it is proved to be almost as secure as a PM scheme in a Client–Server model with proper configurations.

舒剑,许春香

DOI: https://doi.org/10.3969/j.issn.1001-0548.2009.03.018

2009-01-01

Abstract:The security of an authenticated group key exchange is analyzed,the results show that it is insecure due to redundancy of the exchange messages.Based on the protocol of Burmester and Desmedt,an improved protocol is proposed with merits in terms of computation and communication.The improved protocol provides not only the capability of forward secrecy and mutual authentication,but also the capability against man-in-middle attack.The protocol is proven secure in the random-oracle and ideal-cipher models under the computational Diffie-Hellman(CDH) assumption.

XU Chun-xiang,HE Xiao-hu

DOI: https://doi.org/10.3969/j.issn.1001-0548.2012.04.023

2012-01-01

Abstract:Three-party password-based authenticated key exchange protocols allow two clients to authenticate each other and establish a shared session key through a trusted server who preserves clients’ passwords or verifiers about passwords.However,because of the low entropy of passwords,password-based authenticated key exchange protocols are vulnerable to dictionary attacks.Based on available protocols,a new efficient three-party password-based authenticated key exchange protocol is proposed by combining the symmetric encryption algorithm with the method of two-party key exchange protocol of Diffie-Hellman.Results indicate that and the proposed protocol can resist against various attacks and provide the perfect forward security.

Jie Ma,Bin Qi,Kewei Lv

DOI: https://doi.org/10.48550/arXiv.2105.00625

2021-05-03

Abstract:Secure integer comparison has been a popular research topic in cryptography, both for its simplicity to describe and for its applications. The aim is to enable two parties to compare their inputs without revealing the exact value of those inputs. In this paper, we highlight three-party integer comparison (TPIC), where a \emph{judge}, with no private input, wants to know the comparison result, while two \emph{competitors} hold secret integers to do privacy-preserving comparison. The judge actively obtains the result rather than passively waiting for it sent by a competitor. We give two TPIC constructions considering \emph{Mixed adversaries}, who have with different capabilities. One is secure against a semi-honest adversary with low computation and communication cost, while the other is secure against a malicious adversary. Basing on TPIC, we present multi-party comparisons through concrete applications, including a joint bidding scheme and a practical auction. Brief security proofs and analysis for the applications are presented. In comparison, our auction scheme is more efficient with lower cost, making it feasible in practice rather than a theoretical design. All the comparisons and application schemes run on top of blockchain requiring a constant number of rounds.

Cryptography and Security

Xiaochao Wei,Minghao Zhao,Qiuliang Xu

DOI: https://doi.org/10.1007/s00500-017-2560-4

IF: 3.732

2017-01-01

Soft Computing

Abstract:Pattern matching is a basic algorithmic problem that identifies the appearance as well as the location of a pattern in a specific text, and one of the most important variants of that, approximate pattern matching, can be used to discern a substring in the text that is similar to the pattern, as long as their differences stay within a certain threshold. It serves as a basic component in many real-world applications, such as facial recognition, DNA matching and music retrieval. Motivated by the newly emerging secure outsourced computing, in this paper we proposed protocols to realize these functionalities in a privacy-preserving manner. Specifically, we constructed exact and approximate matching protocols, and both of them ensure that the party holds the text (with length of n ) learns noting about the pattern (with length of m ). We composed a novel idea to combine secret sharing scheme with oblivious transfer (OT), such as to transform the secure pattern matching problem into reconstructing of a shared secret, which means that if a shared secret can be correctly reconstructed, it indicates the pattern indeed exists in the text. Our protocol for approximate pattern matching is generated in the cloud-assisted setting, where the reconstruction phase is outsourced to an honest-but-curious cloud server. Using oblivious transfer extension technique, a powerful method to use few integrated OTs to implement large-scale single OTs, our protocol is efficiently constructed. Both of the protocols are secure in semi-honest model, and we present a detailed secure simulation-based proof in this paper.

Linxia Gong,Grace Ndeezi,Dezhi Ye,Hao Li,Runze Wu,Jianrong Tao,Changjie Fan,Peng Cui

DOI: https://doi.org/10.1145/3394486.3403279

2020-01-01

Abstract:Matchmaking is a core problem for the e-sports and online games, which determines the player satisfaction and further influences the life cycle of the gaming products. Most of matchmaking systems take the form of grouping the queuing players into two opposing teams by following certain rules. The design and implementation of matchmaking systems are usually product-specific and labor-intensive.

ShunDong Li,YiQi Dai,DaoShun Wang,Ping Luo

DOI: https://doi.org/10.1007/s11432-008-0112-3

2008-01-01

Abstract:Secure multiparty computation has become a central research focus in the international cryptographic community. Secure comparing two sets is an important problem in secure multiparty computation. The research on privately determining whether two sets are equal has not been investigated. This study solves the problem by mapping these sets into natural numbers and then comparing corresponding numbers. We propose two secure multiparty computation protocols for comparing two sets. It is proved by well-accepted simulation paradigm that these solutions are private in semi-honest model. These solutions have important significance in constructing other secure multiparty computation protocols.

Helger Lipmaa,Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-642-16342-5_12

2010-01-01

Abstract:In a selective private function evaluation (SPFE) protocol, the client privately computes some predefined function on his own input and on m out of server's n database elements. We propose two new generalized SPFE protocols that are based on the new cryptocomputing protocol by Ishai and Paskin and an efficient CPIR. The first protocol works only for constant values of m,, but has 2 messages, and is most efficient when m = 1. The second SPFE protocol works for any m, has 4 messages, and is efficient for a large class of functionalities. We then propose an efficient protocol for private similarity test, where one can compute how similar client's input is to a specific element in server's database, without revealing any information to the server. The latter protocol has applications in biometric authentication.

Qiming Hu,Huan Ye,Fagen Li,Chaosheng Feng

DOI: https://doi.org/10.1016/j.jisa.2024.103894

IF: 4.96

2024-01-01

Journal of Information Security and Applications

Abstract:The interval test problem is a variant of Yao's millionaires' problem to check whether a value x belongs to an interval R. Existing solutions to the interval test problem prioritize generic protocols but encounter efficiency challenges. There is a growing interest in developing efficient and secure multi-party computation protocols tailored to specific applications. In this paper, we propose a secure and simplified protocol for solving the interval test problem. This protocol exhibits high generality, as it only requires invocations of the private set intersection cardinality (PSI-CA) subprotocol. Furthermore, we modify it to construct amore efficient protocol for small integers by introducing oblivious transfer (OT) to reduce the times of homomorphic encryption. Our protocols provide privacy protection for both clients and servers in the semi-honest security model. We evaluate the computational and communication overhead of our protocols. Our OT-based secure interval test (OT-SIT) protocol is seven times faster than existing protocols for 18-bit integers. When the bit length is 4, it reduces communication overhead by approximately 97%. The upstream overhead is as low as 500 B. However, it uses binary tree structures, so the advantages in computation and communication quickly diminish as the bit length increase.

Xin Liu,Jianwei Kong,Dan Luo,Neal Xiong,Gang Xu,Xiubo Chen

DOI: https://doi.org/10.3390/electronics12122617

IF: 2.9

2023-01-01

Electronics

Abstract:With natural language processing as an important research direction in deep learning, the problems of text similarity calculation, natural language inference, question and answer systems, and information retrieval can be regarded as text matching applications for different data and scenarios. Secure matching computation of text string patterns can solve the privacy protection problem in the fields of biological sequence analysis, keyword search, and database query. In this paper, we propose an Intelligent Semi-Honest System (ISHS) for secret matching against malicious adversaries. Firstly, a secure computation protocol based on the semi-honest model is designed for the secret matching of text strings, which adopts a new digital encoding method and an ECC encryption algorithm and can provide a solution for honest participants. The text string matching protocol under the malicious model which uses the cut-and-choose method and zero-knowledge proof is designed for resisting malicious behaviors that may be committed by malicious participants in the semi-honest protocol. The correctness and security of the protocol are analyzed, which is more efficient and has practical value compared with the existing algorithms. The secure text matching has important engineering applications.

Ye Chen,Zhengtao Jiang,Huiqiang Li,Ting Yu

DOI: https://doi.org/10.1109/ICIS54925.2022.9882463

2022-06-26

Abstract:Secure multi-party computation is a hot research topic in cryptography in recent years, and has become an important research direction in cryptography. This paper studies the millionaires’ problem in secure multi-party computation, and its essence is a comparison issue about the size of two encrypted data. Yao offered a solution to the millionaires’ problem, but his protocol can’t accurately compare two numbers. We improved Yao’s protocol and proposed two generic protocols to solve the millionaires’ problem. Our first protocol has one more round of communication between participants than Yao’s, but our protocol can accurately compare the size of two numbers. The second protocol improved the first protocol, and only one round of communication is needed to get accurate comparison results. Finally, we realized the second protocol based on RSA encryption algorithm, and analyze the security under the semi-honest model.

Computer Science

Xi Huang,Shi-Bin Zhang,Yan Chang,Min Hou,Wen Cheng

DOI: https://doi.org/10.1007/s10773-021-04915-9

2021-09-05

International Journal of Theoretical Physics

Abstract:In this paper, by using entanglement swapping of Bell states, an efficient quantum private comparison(QPC) protocol with a semi-honest party is proposed. The semi-honest third party (TP) is required to help two participants perform the comparison. She can record intermediate results and do some calculations in the whole process of the protocol execution, but she is not allowed to conspire with any participants. Moreover, TP cannot get two participants' privacy information except the comparison results. The security analysis shows that the proposed protocol can resist both outsider attacks and insider attacks. Compared with other similar QPC protocols, the proposed one needs neither unitary operations nor the entanglement swapping of multiparticle quantum states, and it only needs the entanglement swapping of Bell states, which makes it more practical. Since three-bit classical information could be compared in each comparison, the proposed protocol has a good performance in its efficiency.