Skip to main content
SpringerLink
Log in
Book cover

Towards Hardware-Intrinsic Security pp 367–386Cite as

Efficient Secure Two-Party Computation with Untrusted Hardware Tokens (Full Version)*

  • Chapter
  • First Online:

Part of the book series: Information Security and Cryptography ((ISC))

Abstract

Secure and efficient evaluation of arbitrary functions on private inputs has been subject of cryptographic research for decades. In particular, the following scenario appears in a variety of practical applications: a service provider (server \(\mathcal{S}\)) and user (client \(\mathcal{C}\)) wish to compute a function f on their respective private data, without incurring the expense of a trusted third party. This can be solved interactively using Secure Function Evaluation (SFE) protocols, for example, using the very efficient garbled circuit (GC) approach [23, 36]. However, GC protocols potentially require a large amount of data to be transferred between \(\mathcal{S}\) and \(\mathcal{C}\). This is because f needs to be encrypted (garbled) as \(\widetilde{f}\) and transferred from \(\mathcal{S}\) to \(\mathcal{C}\).

*A short version of this chapter appears at FC’10 [18].

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD   169.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    In some cases, the impact can be mitigated by creating and transferring GCs in the precomputation phase. However, this is not fully satisfactory. First, even more data needs to be transferred since demand cannot be perfectly predicted. Further, this creates other problems, such as requiring large long-term storage on client devices.

  2. 2.

    Note, if \(\mathcal{C}\) in fact trusts \(\mathcal{T}\) to behave honestly, then there exists a trivial solution, where \(\mathcal{C}\) would let \(\mathcal{T}\) compute the function on her inputs [16].

  3. 3.

    If needed, \(\mathcal{C}\)’s capabilities may be enhanced by using a trusted hardware accelerator.

  4. 4.

    \(\mathcal{T}\)’s key k is a fixed part of its circuit and is kept even without non-volatile storage.

References

  1. W. Aiello, Y. Ishai, O. Reingold, Priced oblivious transfer: How to sell digital goods. in Advances in Cryptology – EUROCRYPT’01. Lecture Notes in Computer Science, vol. 2045 (Springer-Verlag, Berlin, Heidelberg, New York, NY, 2001), pp. 119–135

    Google Scholar 

  2. M. Barni, P. Failla, V. Kolesnikov, R. Lazzeretti, A.R. Sadeghi, T. Schneider, in Secure Evaluation of Private Linear Branching Programs with Medical Applications. European Symposium on Research in Computer Security (ESORICS’09). Lecture Notes in Computer Science, vol. 5789 (Springer, Saint-Malo, France, 21–23 Sept 2009), pp. 424–439

    Google Scholar 

  3. C.L. Berman, Circuit width, register allocation, and ordered binary decision diagrams. IEEE Trans. CAD 10(8), 1059–1066 (1991)

    Google Scholar 

  4. R. Canetti, Y. Lindell, R. Ostrovsky, A. Sahai, in Universally Composable Two-party and Multi-party Secure Computation. ACM Symposium on Theory of Computing (STOC’02), Montréal, Québec, Canada, 19–21 May 2002, pp. 494–503

    Google Scholar 

  5. D. Canright, in A Very Compact S-box for AES. Cryptographic Hardware and Embedded Systems (CHES’05), Edinburgh, UK, 29 Aug–1 Sept 2005. Lecture Notes in Computer Science, vol. 3659 (Springer, 2005), pp. 441–456

    Google Scholar 

  6. G.J. Chaitin, M.A. Auslander, A.K. Chandra, J. Cocke, M.E. Hopkins, P.W. Markstein, Register allocation via coloring. Comput. Lang. 6(1), 47–57 (1981)

    Article  Google Scholar 

  7. N. Chandran, V. Goyal, A. Sahai, New constructions for UC secure computation using tamper-proof hardware. in Advances in Cryptology – EUROCRYPT’08, Istanbul, Turkey, 13–17 Apr 2008. Lecture Notes in Computer Science, vol. 4965 (Springer, 2008), pp. 545–562

    Google Scholar 

  8. I. Damgård, J.B. Nielsen, D. Wichs, in Universally Composable Multiparty Computation with Partially Isolated Parties. Theory of Cryptography (TCC’09), San Francisco, CA, USA, 15–17 Mar 2009. Lecture Notes in Computer Science vol. 5444 (Springer, 2009), pp. 315–331

    Google Scholar 

  9. M. Feldhofer, J. Wolkerstorfer, in Strong Crypto for RFID Tags — A Comparison of Low-Power Hardware Implementations. International Symposium on Circuits and Systems (ISCAS’07) (IEEE Computer Society, 2007), pp. 1839–1842

    Google Scholar 

  10. M. Fort, F.C. Freiling, L.D. Penso, Z. Benenson, D. Kesdogan, in Trustedpals: Secure Multiparty Computation Implemented with Smart Cards. European Symposium on Research in Computer Security (ESORICS’06), Hamburg, Germany, 18–20 Sept 2006. Lecture Notes in Computer Science, vol. 4189 (Springer, 2006), pp. 34–48

    Google Scholar 

  11. Google Health (2009). https://www.google.com/health

  12. V. Goyal, P. Mohassel, A. Smith, Efficient two party and multi party computation against covert adversaries. in Advances in Cryptology – EUROCRYPT’08, Istanbul, Turkey, 13–17 Apr 2008. Lecture Notes in Computer Science, vol. 4965 (Springer, 2008), pp. 289–306

    Google Scholar 

  13. V. Gunupudi, S. Tate, in Generalized Non-interactive Oblivious Transfer Using Count-Limited Objects with Applications to Secure Mobile Agents. Financial Cryptography and Data Security (FC’08), Cozumel, Mexico, 28–31 Jan 2008. Lecture Notes in Computer Science, vol. 5143 (Springer, 2008), pp. 98–112

    Google Scholar 

  14. C. Hazay, Y. Lindell, in Constructions of Truly Practical Secure Protocols Using Standard Smartcards. ACM Conference on Computer and Communications Security (CCS’08) (ACM, New York, NY, USA 2008), pp. 491–500

    Google Scholar 

  15. D. Hofheinz, J. Müller-Quade, D. Unruh, in Universally Composable Zero-Knowledge Arguments and Commitments from Signature Cards. Central European Conference on Cryptology (MoraviaCrypt’05), Brno, The Czech Republic, 15–17 June 2005

    Google Scholar 

  16. A. Iliev, S. Smith, More Efficient Secure Function Evaluation Using Tiny Trusted Third Parties. Technical Report TR2005-551, Dartmouth College, Computer Science, Hanover, NH (2005). http://www.cs.dartmouth.edu/reports/TR2005-551.pdf

  17. Y. Ishai, J. Kilian, K. Nissim, E. Petrank, Extending oblivious transfers efficiently. in Advances in Cryptology – CRYPTO’03. Lecture Notes in Computer Science, vol. 2729 (Springer-Verlag, Berlin, Heidelberg, New York, NY 2003) pp. 145–161

    Google Scholar 

  18. K. Järvinen, V. Kolesnikov, A.-R. Sadeghi, T. Schneider, in Embedded SFE: Offloading Server and Network Using Hardware Tokens. In 14th International Conference on Financial Cryptography and Data Security (FC’10). Lecture Notes in Computer Science vol. 6052 (Springer, Jan 2010) pp. 207–221

    Google Scholar 

  19. J. Katz, Universally composable multi-party computation using tamper-proof hardware. in Advances in Cryptology – EUROCRYPT’07, Barcelona, Spain, 20–24 May 2007. Lecture Notes in Computer Science, vol. 4515 (Springer, 2007), pp. 115–128

    Google Scholar 

  20. V. Kolesnikov, T. Schneider, in Improved Garbled Circuit: Free XOR Gates and Applications. International Colloquium on Automata, Languages and Programming (ICALP’08), Reykjavik, Iceland, 6–13 July 2008. Lecture Notes in Computer Science, vol. 5126 (Springer, 2008), pp. 486–498

    Google Scholar 

  21. H. Krawczyk, M. Bellare, R. Canetti, HMAC: Keyed-hashing for message authentication. RFC 2104 (Informational), (1997). http://tools.ietf.org/html/rfc2104

  22. Y. Lindell, B. Pinkas, An efficient protocol for secure two-party computation in the presence of malicious adversaries. in Advances in Cryptology – EUROCRYPT’07 Barcelona, Spain, 20–24 May 2007. Lecture Notes in Computer Science, vol. 4515 (Springer, 2007), pp. 52–78

    Google Scholar 

  23. Y. Lindell, B. Pinkas, A proof of Yao’s protocol for secure two-party computation. J. Cryptol. 22(2), 161–188 (2009). Cryptology ePrint Archive, Report 2004/175, http://eprint.iacr.org

    Article  MathSciNet  MATH  Google Scholar 

  24. Y. Lindell, B. Pinkas, N. Smart, in Implementing Two-party Computation Efficiently with Security Against Malicious Adversaries. Security and Cryptography for Networks (SCN’08), Amalfi, Italy, 10–12 Sept 2008. Lecture Notes in Computer Science, vol. 5229 (Springer, 2008), pp. 2–20

    Google Scholar 

  25. D. Malkhi, N. Nisan, B. Pinkas, Y. Sella, in Fairplay — A Secure Two-party Computation System. USENIX Security Symposium (Security’04), San Diego, CA, USA, 9–13 Aug 2004 (USENIX Association, 2004)

    Google Scholar 

  26. T. Moran, G. Segev, David and goliath commitments: UC computation for asymmetric parties using tamper-proof hardware. in Advances in Cryptology – EUROCRYPT’08, Istanbul, Turkey, 13–17 Apr 2008. Lecture Notes in Computer Science, vol. 4965 (Springer, 2008), pp. 527–544

    Google Scholar 

  27. M. Naor, B. Pinkas, in Efficient Oblivious Transfer Protocols. ACM-SIAM Symposium On Discrete Algorithms (SODA’01), Washington, DC, USA, 7–9 Jan 2001. (Society for Industrial and Applied Mathematics, 2001), pp. 448–457

    Google Scholar 

  28. NIST, U.S. National Institute of Standards and Technology: Federal information processing standards (FIPS 197). Advanced Encryption Standard (AES) (2001). http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf

  29. NIST, U.S. National Institute of Standards and Technology: Federal information processing standards (FIPS 180-2). Announcing the Secure Hash Standard (2002). http://csrc.nist.gov/publications/fips/fips180-2/fips-180-2.pdf

  30. B. Pinkas, T. Schneider, N.P. Smart, S.C. Williams, Secure two-party computation is practical. in Advances in Cryptology – ASIACRYPT 2009, Tokyo, Japan, 6–10 Dec 2009. Lecture Notes in Computer Science, vol. 5912 (Springer, 2009), pp. 250–267

    Google Scholar 

  31. C.E. Shannon, The synthesis of two-terminal switching circuits. Bell Syst. Tech. J. 28(1), 59–98 (1949)

    MathSciNet  Google Scholar 

  32. J. Song, R. Poovendran, J. Lee, T. Iwata, The AES-CMAC Algorithm. RFC 4493 (Informational) (2006). http://tools.ietf.org/html/rfc4493

  33. Y.N. Srikant, P. Shankar (eds.), The Compiler Design Handbook: Optimizations and Machine Code Generation (CRC Press, Boca Raton, FL, 2002)

    Google Scholar 

  34. S. Tate, R. Vishwanathan, in Improving Cut-and-Choose in Verifiable Encryption and Fair Exchange Protocols Using Trusted Computing Technology. Data and Applications Security (DBSec’09), Concordia University, Montreal, Canada, 12–15 July 2009. Lecture Notes in Computer Science, vol. 5645 (Springer, 2009), pp. 252–267

    Google Scholar 

  35. B.C.H. Turton, Extending Quine-McCluskey for exclusive-or logic synthesis. IEEE Trans. Educ. 39, 81–85 (1996)

    Article  Google Scholar 

  36. A.C. Yao, in How to Generate and Exchange Secrets. IEEE Symposium on Foundations of Computer Science (FOCS’86), Toronto, Canada, 27–29 Oct 1986 (IEEE, 1986), pp. 162–167

    Google Scholar 

Download references

Acknowledgments

We would like to thank Wilko Henecka for preparing test circuits and Ivan Damgård and reviewers of FC’10 for their helpful comments. The first author was supported by EU FP7 project CACE. The third and fourth authors were supported by EU FP6 project SPEED, EU FP7 project CACE, and ECRYPT II.

Author information

Authors and Affiliations

  1. Department of Information and Computer Science, Aalto University, Aalto, Finland

    Kimmo Järvinen

  2. Alcatel-Lucent Bell Laboratories, Murray Hill, NJ, 07974, USA

    Vladimir Kolesnikov

  3. Horst Görtz Institute for IT Security, Ruhr-University Bochum, Bochum, Germany

    Ahmad-Reza Sadeghi & Thomas Schneider

Authors
  1. Kimmo Järvinen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vladimir Kolesnikov
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ahmad-Reza Sadeghi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Thomas Schneider
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thomas Schneider .

Editor information

Editors and Affiliations

  1. Horst Görtz Institut für, Sicherheit in der, Universität Bochum, Universitätsstr. 150, Bochum, 44780, Germany

    Ahmad-Reza Sadeghi

  2. Département d'informatique, Groupe de cryptographie, École normale supérieure, rue d'Ulm 45, Paris, 75230, France

    David Naccache

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Järvinen, K., Kolesnikov, V., Sadeghi, AR., Schneider, T. (2010). Efficient Secure Two-Party Computation with Untrusted Hardware Tokens (Full Version)*. In: Sadeghi, AR., Naccache, D. (eds) Towards Hardware-Intrinsic Security. Information Security and Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14452-3_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-14452-3_17

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14451-6

  • Online ISBN: 978-3-642-14452-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation