Sylvain Chatel,Christian Knabenhans,Apostolos Pyrgelis,Carmela Troncoso,Jean-Pierre Hubaux

2024-06-04

Abstract:Homomorphic encryption, which enables the execution of arithmetic operations directly on ciphertexts, is a promising solution for protecting privacy of cloud-delegated computations on sensitive data. However, the correctness of the computation result is not ensured. We propose two error detection encodings and build authenticators that enable practical client-verification of cloud-based homomorphic computations under different trade-offs and without compromising on the features of the encryption algorithm. Our authenticators operate on top of trending ring learning with errors based fully homomorphic encryption schemes over the integers. We implement our solution in VERITAS, a ready-to-use system for verification of outsourced computations executed over encrypted data. We show that contrary to prior work VERITAS supports verification of any homomorphic operation and we demonstrate its practicality for various applications, such as ride-hailing, genomic-data analysis, encrypted search, and machine-learning training and inference.

Cryptography and Security

Kemal Akkaya,Soamar Homsi,Oscar G. Bautista

DOI: https://doi.org/10.1109/LCN52139.2021.9524971

2021-10-04

Abstract:With the increasing interest in Secure Multi-Party Computation protocols (MPC), there have been several works such as the SPDZ1 protocol that tackled this problem under a malicious security with dishonest majority attack model. However, most of these MPC efforts assume that the nodes running the computations are also supplying the inputs, which is not a realistic assumption for many real-life applications. In this paper, we extend the SPDZ protocol to enable clients outsource data and computation to the clouds while ensuring the correctness of the results, in addition to integrity and confidentiality of the input and output. We guarantee that the computation among nodes is done correctly by verifying their output’s Message Authentication Codes (MACs) at the end. Specifically, we delegate this task to an honest server. Our approach strives to minimize the burden on clients while enabling cheating detection even when assuming a malicious attack model with dishonest majority.

Engineering,Computer Science

Nikolaj Sidorenco,Sabine Oechsner,Bas Spitters

DOI: https://doi.org/10.1109/csf51468.2021.00050

2021-06-01

Abstract:Zero-knowledge proofs allow a prover to convince a verifier of the veracity of a statement without revealing any other information. An interesting class of zero-knowledge protocols are those following the MPC-in-the-head paradigm (Ishai et al., STOC ’07) which use secure multiparty computation (MPC) protocols as the basis. Efficient instances of this paradigm have emerged as an active research topic in the last years, starting with ZKBoo (Giacomelli et al., USENIX ’16). Zero-knowledge protocols are a vital building block in the design of privacy-preserving technologies as well as cryptographic primitives like digital signature schemes that provide post-quantum security. This work investigates the security of zero-knowledge protocols following the MPC-in-the-head paradigm. We provide the first machine-checked security proof of such a protocol on the example of ZKBoo. Our proofs are checked in the EasyCrypt proof assistant. To enable a modular security proof, we develop a new security notion for the MPC protocols used in MPC-in-the-head zero-knowledge protocols. This allows us to recast existing security proofs in a black-box fashion which we believe to be of independent interest.

Bingxue Zhang,Guangguang Lu,Pengpeng Qiu,Xumin Gui,Yang Shi

DOI: https://doi.org/10.3390/e25111550

IF: 2.738

2023-11-16

Entropy

Abstract:Federated learning, as one of the three main technical routes for privacy computing, has been widely studied and applied in both academia and industry. However, malicious nodes may tamper with the algorithm execution process or submit false learning results, which directly affects the performance of federated learning. In addition, learning nodes can easily obtain the global model. In practical applications, we would like to obtain the federated learning results only by the demand side. Unfortunately, no discussion on protecting the privacy of the global model is found in the existing research. As emerging cryptographic tools, the zero-knowledge virtual machine (ZKVM) and homomorphic encryption provide new ideas for the design of federated learning frameworks. We have introduced ZKVM for the first time, creating learning nodes as local computing provers. This provides execution integrity proofs for multi-class machine learning algorithms. Meanwhile, we discuss how to generate verifiable proofs for large-scale machine learning tasks under resource constraints. In addition, we implement the fully homomorphic encryption (FHE) scheme in ZKVM. We encrypt the model weights so that the federated learning nodes always collaborate in the ciphertext space. The real results can be obtained only after the demand side decrypts them using the private key. The innovativeness of this paper is demonstrated in the following aspects: 1. We introduce the ZKVM for the first time, which achieves zero-knowledge proofs (ZKP) for machine learning tasks with multiple classes and arbitrary scales. 2. We encrypt the global model, which protects the model privacy during local computation and transmission. 3. We propose and implement a new federated learning framework. We measure the verification costs under different federated learning rounds on the IRIS dataset. Despite the impact of homomorphic encryption on computational accuracy, the framework proposed in this paper achieves a satisfactory 90% model accuracy. Our framework is highly secure and is expected to further improve the overall efficiency as cryptographic tools continue to evolve.

physics, multidisciplinary

Chang Xu,Hongzhou Rao,Liehuang Zhu,Chuan Zhang,Kashif Sharif

DOI: https://doi.org/10.1007/s10586-024-04329-2

2024-03-16

Cluster Computing

Abstract:With the rapid development of cloud computing, clients and users with limited computing resources can outsource their computation-intensive tasks to the Cloud Service Providers (CSPs). However, as the CSPs are commercial in nature and aim to increase their profits, some security challenges are still attached to them. In this paper, we propose an efficient publicly verifiable computation scheme (EPVM) for large-scale matrix multiplication with privacy preservation. Based on the theory of discrete logarithm problem and the techniques of privacy-preserving matrix transformation, our scheme not only protects the privacy of the client's matrices but also significantly reduces the computation overhead on the client end as well as the CSP side. Our detailed security analysis and proofs show that the proposed scheme can achieve the established security requirements. The experimental evaluation also demonstrates that the proposed scheme works efficiently as compared to other existing solutions.

computer science, information systems, theory & methods

Sven Laur,Bingsheng Zhang

DOI: https://doi.org/10.1007/978-3-319-13257-0_9

2014-01-01

Abstract:Crypto-computing is a set of well-known techniques for computing with encrypted data. The security of the corresponding protocols are usually proven in the semi-honest model. In this work, we propose a new class of zero-knowledge proofs, which are tailored for cryptocomputing protocols. First, these proofs directly employ properties of the underlying crypto systems and thus many facts have more concise proofs compared to generic solutions. Second, we show how to achieve universal composability in the trusted set-up model where all zero-knowledge proofs share the same system-wide parameters. Third, we derive a new protocol for multiplicative relations and show how to combine it with several crypto-computing frameworks.

Muhammad Husni Santriaji,Jiaqi Xue,Qian Lou,Yan Solihin

2024-10-20

Abstract:Fully Homomorphic Encryption (FHE) allows computations to be performed directly on encrypted data without needing to decrypt it first. This "encryption-in-use" feature is crucial for securely outsourcing computations in privacy-sensitive areas such as healthcare and finance. Nevertheless, in the context of FHE-based cloud computing, clients often worry about the integrity and accuracy of the outcomes. This concern arises from the potential for a malicious server or server-side vulnerabilities that could result in tampering with the data, computations, and results. Ensuring integrity and verifiability with low overhead remains an open problem, as prior attempts have not yet achieved this goal. To tackle this challenge and ensure the verification of FHE's private computations on encrypted data, we introduce DataSeal, which combines the low overhead of the algorithm-based fault tolerance (ABFT) technique with the confidentiality of FHE, offering high efficiency and verification capability. Through thorough testing in diverse contexts, we demonstrate that DataSeal achieves much lower overheads for providing computation verifiability for FHE than other techniques that include MAC, ZKP, and TEE. DataSeal's space and computation overheads decrease to nearly negligible as the problem size increases.

Cryptography and Security

Yi Lu,Keisuke Hara,Keisuke Tanaka

DOI: https://doi.org/10.1109/access.2022.3197634

IF: 3.9

2022-09-04

IEEE Access

Abstract:A homomorphic encryption (HE) scheme is an advanced encryption technology which allows any user receiving ciphertexts to perform computations over them in a public manner. An important application of an HE scheme is a private delegating computation where clients encrypt their secret data, send the ciphertexts to a (computationally powerful) server who perform computations over encrypted data. In this application, one of the crucial problems is that the delegated server might be not trusted one and in this case, we cannot believe that a server always returns correct computation results. To solve this problem, Lai et al. (ESORICS 2014) proposed a verifiable homomorphic encryption (VHE) as a core primitive realizing private and verifiable secure delegating computation. However, their VHE scheme only supports homomorphic evaluation over ciphertexts generated by a single user. In this paper, we propose a formalization and its construction of multi-key verifiable homomorphic encryption (MVHE), which is a new cryptographic primitive for realizing private and verifiable delegated computation in the multi-client setting. Our construction can be obtained by combining a multi-key homomorphic encryption scheme and a multi-key homomorphic encrypted authentication scheme, which is also a new primitive provided in this work.

computer science, information systems,telecommunications,engineering, electrical & electronic

Sanket Kanjalkar,Ye Zhang,Shreyas Gandlur,Andrew Miller

DOI: https://doi.org/10.48550/arXiv.2107.04248

2021-07-09

Abstract:In recent years, multiparty computation as a service (MPCaaS) has gained popularity as a way to build distributed privacy-preserving systems. We argue that for many such applications, we should also require that the MPC protocol is publicly auditable, meaning that anyone can check the given computation is carried out correctly -- even if the server nodes carrying out the computation are all corrupt. In a nutshell, the way to make an MPC protocol auditable is to combine an underlying MPC protocol with verifiable computing proof (in particular, a SNARK). Building a general-purpose MPCaaS from existing constructions would require us to perform a costly "trusted setup" every time we wish to run a new or modified application. To address this, we provide the first efficient construction for auditable MPC that has a one-time universal setup. Despite improving the trusted setup, we match the state-of-the-art in asymptotic performance: the server nodes incur a linear computation overhead and constant round communication overhead compared to the underlying MPC, and the audit size and verification are logarithmic in the application circuit size. We also provide an implementation and benchmarks that support our asymptotic analysis in example applications. Furthermore, compared with existing auditable MPC protocols, besides offering a universal setup our construction also has a 3x smaller proof, 3x faster verification time and comparable prover time.

Cryptography and Security

Shimin Li,Xin Wang,Rui Zhang

DOI: https://doi.org/10.1007/978-3-319-94289-6_7

2018-01-01

Abstract:Homomorphic Message Authentication Code (MAC) allows a user to outsource data to an untrusted server and verify that results of computation on the data returned by the server are correct. Recently, much effort has been independently focused on whether a homomorphic MAC scheme supports data confidentiality or the authenticators can be efficiently verified. In this paper, we address the question of whether it is possible for homomorphic MAC to simultaneously achieve both the privacy and the efficiency . The answer is affirmative and we propose a new cryptographic primitive, privacy-preserving homomorphic MACs with efficient verification that can guarantee the authenticator can not reveal the underlying message. More precisely, our contributions are three-fold: ( i ) we introduce the primitive of privacy-preserving homomorphic MAC (PHMAC) that provides both data confidentiality and efficient verification, ( ii ) We provide a PHMAC construction which supports homogeneous polynomials, and demonstrate it shows high efficiency, ( iii ) We investigate how our PHMAC primitive with efficient verification can be employed to homomorphic authenticator-encryption and verifiable computation.

Claude Crépeau,John Stuart

2023-04-20

Abstract:A Zero-Knowledge Protocol (ZKP) allows one party to convince another party of a fact without disclosing any extra knowledge except the validity of the fact. For example, it could be used to allow a customer to prove their identity to a potentially malicious bank machine without giving away private information such as a personal identification number. This way, any knowledge gained by a malicious bank machine during an interaction cannot be used later to compromise the client's banking account. An important tool in many ZKPs is bit commitment, which is essentially a digital way for a sender to put a message in a lock-box, lock it, and send it to the receiver. Later, the key is sent for the receiver to open the lock box and read the message. This way, the message is hidden from the receiver until they receive the key, and the sender is unable to change their mind after sending the lock box. In this paper, the homomorphic properties of a particular multi-party commitment scheme are exploited to allow the receiver to perform operations on commitments, resulting in polynomial time ZKPs for two NP-Complete problems: the Subset Sum Problem and 3SAT. These ZKPs are secure with no computational restrictions on the provers, even with shared quantum entanglement. In terms of efficiency, the Subset Sum ZKP is competitive with other practical quantum-secure ZKPs in the literature, with less rounds required, and fewer computations.

Quantum Physics,Cryptography and Security

Xuejian Zhang,Yan Chang,Lin Zeng,Weifeng Xue,Lili Yan,Shibin Zhang

DOI: https://doi.org/10.1088/2058-9565/ad749a

IF: 6.568

2024-09-12

Quantum Science and Technology

Abstract:Due to the stringent hardware requirements and high cost, quantum computing as a service (QCaaS) is currently the main way to output quantum computing capabilities. However, the current QCaaS has significant shortcomings in privacy protection. The existing researches mainly focus on dataset privacy in some specific quantum machine learning algorithms, and there is no general and comprehensive research on privacy protection for dataset, parameter sets and algorithm models. To solve this problem, this paper defines the concept of generalized quantum homomorphic encryption and pioneers a novel method termed quantum circuit equivalence homomorphic encryption (QCEHE), aiming at protecting the privacy of the complete quantum circuits—encompassing data, parameters, and model. Based on QCEHE, a privacy protection scheme and its approximate implementation called quantum circuit equivalent substitution algorithm are proposed for any quantum algorithm, which can encrypt the complete quantum circuit on a classical computer, ensuring that the encrypted quantum circuit is physically equivalent to the original one, and does not reveal data holders' privacy (data, parameters and model). By theoretical derivation, we prove that the proposed solution can effectively execute any quantum algorithm while protecting privacy. By applying the proposed solution to the privacy protection of the Harrow–Hassidim–Lloyd algorithm and the variational quantum classifier algorithm, the results showed that the accuracy rate before and after encryption are almost the same, which means that the proposed solution can effectively protect the privacy of data holders without impacting the usability and accuracy.

physics, multidisciplinary,quantum science & technology

Helene Haagh,Aleksandr Karbyshev,Sabine Oechsner,Bas Spitters,Pierre-Yves Strub

DOI: https://doi.org/10.1109/csf.2018.00016

2018-07-01

Abstract:Secure multi-party computation (MPC) is a general cryptographic technique that allows distrusting parties to compute a function of their individual inputs, while only revealing the output of the function. It has found applications in areas such as auctioning, email filtering. and secure teleconference. Given their importance, it is crucial that the protocols are specified and implemented correctly. In the programming language community, it has become good practice to use computer proof assistants to verify correctness proofs. In the field of cryptography, EasyCrypt is the state of the art proof assistant. It provides an embedded language for probabilistic programming, together with a specialized logic, embedded into an ambient general purpose higher-order logic. It allows us to conveniently express cryptographic properties. EasyCrypt has been used successfully on many applications, including public-key encryption, signatures, garbled circuits and differential privacy. Here we show for the first time that it can also be used to prove security of MPC against a malicious adversary. We formalize additive and replicated secret sharing schemes and apply them to Maurer's MPC protocol for secure addition and multiplication. Our method extends to general polynomial functions. We follow the insights from EasyCrypt that security proofs can often be reduced to proofs about program equivalence, a topic that is well understood in the verification of programming languages. In particular, we show that for a class of MPC protocols in the passive case the non-interference-based (NI) definition is equivalent to a standard simulation-based security definition. For the active case, we provide a new non-interference based alternative to the usual simulation-based cryptographic definition that is tailored specifically to our protocol.

Xiong Li,Jiabei He,Pandi Vijayakumar,Xiaosong Zhang,Victor Chang,P. Vijayakumar

DOI: https://doi.org/10.1109/tii.2021.3110808

IF: 12.3

2021-01-01

IEEE Transactions on Industrial Informatics

Abstract:As a highly integrated industrial system, human cyber-physical systems (HCPSs) provide accurate and high-quality services for Industry 5.0. In HCPSs, machine learning (ML) prediction provides reliable prediction results for users based on matured models, while security and privacy protection are considerable issues. In this article, based on the modified Okamoto–Uchiyama homomorphic encryption, we propose a verifiable privacy-preserving machine learning prediction scheme for the edge-enhanced HCPSs, which outputs the verifiable prediction results for users without privacy leakage. Specifically, a batch of prediction results can be verified at one time, which improves the efficiency of verification. Security analysis shows that our scheme protects the privacy of inputs, ML model, and prediction results. The experiment results demonstrate that the edge computing architecture remarkably alleviates the computational burden of the cloud server. Furthermore, compared with other related schemes, our scheme shows the best execution efficiency, and batch verification optimizes the performance by about 15% compared with single verification on the same scale.

automation & control systems,computer science, interdisciplinary applications,engineering, industrial

Liang Zhao,Liqun Chen

DOI: https://doi.org/10.1109/tcc.2019.2922344

IF: 5.697

2020-10-01

IEEE Transactions on Cloud Computing

Abstract:Privacy-preserving verifiable (outsourced) computation (PPVC) is a useful technique for a resource-constrained client to outsource computationally heavy but sensitive tasks to a computationally powerful but untrusted worker and to obtain expected correct results from the worker. In this paper, we analyze the privacy property of three matrix masking-based PPVC protocols, which have recently been published in IEEE Transactions on Cloud Computing [2] , [3] . To do this, we present a formal definition of a privacy model for a PPVC protocol (see Definition 1 ), and then prove that neither of those three PPVC protocols holds privacy under this model. We also review the comments by Cao et al. [1] on two of the three protocols and show an issue in their comments.

computer science, information systems, theory & methods

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

ZhenHua Chen,WeiGuo Zhang,ShunDong Li,DaoShun Wang,Qiong Huang

DOI: https://doi.org/10.3969/j.issn.0372-2112.2017.05.013

2017-01-01

Tien Tzu Hsueh Pao/Acta Electronica Sinica

Abstract:Secure multiparty computation of set membership is significant to privacy-preserving data mining,data query,etc.In this paper,we first transform the original problem into the one-time evaluation problem for polynomial,and then construct four protocols.We design the trivial protocol 1 using homomorphic encryption and construct the efficient protocol 2 using discrete logarithm instead of encryption,which is very concise.Lastly,according to the different application scenarios,we also propose protocol 3 and protocol 4:the former can be used to outsource computation in cloud computing environment;the latter can be used for public secure computation against repudiation.The analysis and comparison show that our protocols are more efficient and concise than previously known.

Renke He,Lingli Chen,Qin Li,Xiaoqing Tan,Lv Chen

DOI: https://doi.org/10.1088/2058-9565/ad7a9c

IF: 6.568

2024-09-14

Quantum Science and Technology

Abstract:Quantum homomorphic encryption (QHE) can allow directly computation on the encrypted data without need to decrypt it in advance. It is also necessary to provide another property of verifiability that the client should verify whether the evaluation result is correct. However, most existing QHE schemes do not consider it and only assume servers to be honest. In this paper, we propose a verifiable QHE (vQHE) scheme by using different types of circuits indistinguishable to the server, where the client can detect whether the server is honest or not by verifying the results of test circuits. Furthermore, by designing the gadgets to implement and test T gates and H gates in a non-interactive way for the used circuits, the proposed vQHE scheme does not require interaction during the process of evaluation. Thus the proposed vQHE scheme has the potential to make clients prefer to use it for protecting their private data in future quantum cloud environments.

physics, multidisciplinary,quantum science & technology

Philipp Binfet,Nils Schlüter,Moritz Schulze Darup

2023-11-09

Abstract:Control related data, such as system states and inputs or controller specifications, is often sensitive. Meanwhile, the increasing connectivity of cloud-based or networked control results in vast amounts of such data, which poses a privacy threat, especially when evaluation on external platforms is considered. In this context, a cipher based on a random affine transformation gained attention, which is supposed to enable privacy-preserving evaluations of quadratic programs (QPs) with little computational overhead compared to other methods. This paper deals with the security of such randomly transformed QPs in the context of model predictive control (MPC). In particular, we show how to construct attacks against this cipher and thereby underpin concerns regarding its security in a practical setting. To this end, we exploit invariants under the transformations and common specifications of MPC-related QPs. Our numerical examples then illustrate that these two ingredients suffice to extract information from ciphertexts.

Systems and Control

Chenfei Hu,Chuan Zhang,Dian Lei,Tong Wu,Ximeng Liu,Liehuang Zhu

DOI: https://doi.org/10.1109/TIFS.2023.3283104

2023-01-01

Abstract:With the proliferation of machine learning, the cloud server has been employed to collect massive data and train machine learning models. Several privacy-preserving machine learning schemes have been suggested recently to guarantee data and model privacy in the cloud. However, these schemes either mandate the involvement of the data owner in model training or utilize high-cost cryptographic techniques, resulting in excessive computational and communication overheads. Furthermore, none of the existing work considers the malicious behavior of the cloud server during model training. In this paper, we propose the first privacy-preserving and verifiable support vector machine training scheme by employing a two-cloud platform. Specifically, based on the homomorphic verification tag, we design a verification mechanism to enable verifiable machine learning training. Meanwhile, to improve the efficiency of model training, we combine homomorphic encryption and data perturbation to design an efficient multiplication operation for the encryption domain. A rigorous theoretical analysis demonstrates the security and reliability of our scheme. The experimental results indicate that our scheme can reduce computational and communication overheads by at least 43.94% and 99.58%, respectively, compared to state-of-the-art SVM training methods.