Secure Two-Party Computation with Reusable Bit-Commitments, via a Cut-and-Choose with Forge-and-Lose Technique

Brandão, Luís T. A. N.

doi:10.1007/978-3-642-42045-0_23

Cited by 25 publications

(8 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Previous reusable garbled-circuit schemes include that of Brandão [5], which uses homomorphic encryption, Gentry et al [10], which uses attribute-based functional encryption, and Goldwasser et al [13], which introduces a succinct functional encryption scheme. These previous works are purely theoretical; none of them provides experimental performance analysis.…”

Section: Commit Cut-and-choose Vs Ot Cut-and-choosementioning

confidence: 99%

“…Through the use of improved input validation mechanisms proposed by shelat and Shen [38] (hereon sS13) and new methods of partial input gate checks and evaluation, we improve on previous proposals. There are other approaches to the creation of reusable garbled circuits [13,10,5], and previous work on reusing encrypted values in the ORAM model [30,11,31], but these earlier schemes have not been implemented. By contrast, we have implemented our scheme and found it to be both practical and efficient; we provide a performance analysis and a sample application to illustrate its feasibility (Section 6), as well as a simplified example execution (Appendix C).…”

Section: Introductionmentioning

confidence: 98%

See 1 more Smart Citation

Reuse It Or Lose It

Mood

Gupta

Butler

et al. 2014

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

Two-party secure-function evaluation (SFE) has become significantly more feasible, even on resource-constrained devices, because of advances in server-aided computation systems. However, there are still bottlenecks, particularly in the input-validation stage of a computation. Moreover, SFE research has not yet devoted sufficient attention to the important problem of retaining state after a computation has been performed so that expensive processing does not have to be repeated if a similar computation is done again. This paper presents PartialGC, an SFE system that allows the reuse of encrypted values generated during a garbled-circuit computation. We show that using PartialGC can reduce computation time by as much as 96% and bandwidth by as much as 98% in comparison with previous outsourcing schemes for secure computation. We demonstrate the feasibility of our approach with two sets of experiments, one in which the garbled circuit is evaluated on a mobile device and one in which it is evaluated on a server. We also use PartialGC to build a privacy-preserving "friend-finder" application for Android. The reuse of previous inputs to allow stateful evaluation represents a new way of looking at SFE and further reduces computational barriers.

show abstract

Section: Commit Cut-and-choose Vs Ot Cut-and-choosementioning

confidence: 99%

Section: Introductionmentioning

confidence: 98%

Reuse It Or Lose It

Mood

Gupta

Butler

et al. 2014

Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…The needed commitments can be obtained by a specialized S2PC protocol that directly provides commitments of the inputs and outputs of both parties (e.g., [6]). However, in the interest of generality, below we also propose an alternative applicable to any generic S2PC protocol of Boolean circuits.…”

Section: Initial Intuitionmentioning

confidence: 99%

Toward Mending Two Nation-Scale Brokered Identification Systems

Brandão

Christin

Danezis

2015

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

Available online public/governmental services requiring authentication by citizens have considerably expanded in recent years. This has hindered the usability and security associated with credential management by users and service providers. To address the problem, some countries have proposed nation-scale identification/authentication systems that intend to greatly reduce the burden of credential management, while seemingly offering desirable privacy benefits. In this paper we analyze two such systems: the Federal Cloud Credential Exchange (FCCX) in the United States and GOV.UK Verify in the United Kingdom, which altogether aim at serving more than a hundred million citizens. Both systems propose a brokered identification architecture, where an online central hub mediates user authentications between identity providers and service providers. We show that both FCCX and GOV.UK Verify suffer from serious privacy and security shortcomings, fail to comply with privacy-preserving guidelines they are meant to follow, and may actually degrade user privacy. Notably, the hub can link interactions of the same user across different service providers and has visibility over private identifiable information of citizens. In case of malicious compromise it is also able to undetectably impersonate users. Within the structural design constraints placed on these nation-scale brokered identification systems, we propose feasible technical solutions to the privacy and security issues we identified. We conclude with a strong recommendation that FCCX and GOV.UK Verify be subject to a more in-depth technical and public review, based on a defined and comprehensive threat model, and adopt adequate structural adjustments.

show abstract

“…Over the last decade several solutions to the above issues have been proposed, along with dramatic efficiency improvements for secure 2PC protocols based on the cut-and-choose approach of garbled circuits [4], [18], [32], [36], [39], [40], [42], [48], [50], [51], [53], [58], [64], [66], [67], [69]. Finally we note for completeness that secure computation has also been studied in great detail for many other settings, including the more general multi-party case (MPC).…”

Section: Introductionmentioning

confidence: 99%

Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO

Nielsen

Schneider

Trifiletti

2017

Proceedings 2017 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Secure two-party computation (S2PC) allows two parties to compute a function on their joint inputs while leaking only the output of the function. At TCC 2009 Orlandi and Nielsen proposed the LEGO protocol for maliciously secure 2PC based on cut-and-choose of Yao's garbled circuits at the gate level and showed that this is asymptotically more efficient than on the circuit level. Since then the LEGO approach has been improved upon in several theoretical works, but never implemented. In this paper we describe further concrete improvements and provide the first implementation of a protocol from the LEGO family. Our protocol has a constant number of rounds and is optimized for the offline/online setting with function-independent preprocessing. We have benchmarked our prototype and find that our protocol can compete with all existing implementations and that it is often more efficient. As an example, in a LAN setting we can evaluate an AES-128 circuit with online latency down to 1.13 ms, while if evaluating 128 AES-128 circuits in parallel the amortized cost is 0.09 ms per AES-128. This online performance does not come at the price of offline inefficiency as we achieve comparable performance to previous, less general protocols, and significantly better if we ignore the cost of the function-independent preprocessing. Also, as our protocol has an optimal 2-round online phase it is significantly more efficient than previous protocols when considering a high latency network.

show abstract

Secure Two-Party Computation with Reusable Bit-Commitments, via a Cut-and-Choose with Forge-and-Lose Technique

Cited by 25 publications

References 42 publications

Reuse It Or Lose It

Reuse It Or Lose It

Toward Mending Two Nation-Scale Brokered Identification Systems

Constant Round Maliciously Secure 2PC with Function-independent Preprocessing using LEGO

Contact Info

Product

Resources

About