Secure Evaluation of Private Linear Branching Programs with Medical Applications

  • Mauro Barni
  • Pierluigi Failla
  • Vladimir Kolesnikov
  • Riccardo Lazzeretti
  • Ahmad-Reza Sadeghi
  • Thomas Schneider
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


Diagnostic and classification algorithms play an important role in data analysis, with applications in areas such as health care, fault diagnostics, or benchmarking. Branching programs (BP) are a popular representation model for describing the underlying classification/diagnostics algorithms. Typical application scenarios involve a client who provides data and a service provider (server) whose diagnostic program is run on the client’s data. Both parties need to keep their inputs private.

We present new, more efficient privacy-protecting protocols for remote evaluation of such classification/diagnostic programs. In addition to efficiency improvements, we generalize previous solutions – we securely evaluate private linear branching programs (LBP), a useful generalization of BP that we introduce. We show the practicality of our solutions: we apply our protocols to the privacy-preserving classification of medical ElectroCardioGram (ECG) signals and present implementation results. Finally, we discover and fix a subtle security weakness of the most recent remote diagnostic proposal, which allowed malicious clients to learn partial information about the program.
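To make the object being protected concrete, the following added example (not code from the paper or its authors) evaluates a linear branching program in the clear. It assumes the usual LBP shape: each decision node holds a server-private coefficient vector and threshold, compares the weighted sum of the client's attribute vector against the threshold, and branches; leaves carry classification labels. An ordinary BP is the special case where every coefficient vector is one-hot, i.e. the node tests a single attribute. The program and attribute vectors below are constructed toy values, not the paper's ECG classifier. The `evaluation_path` function returns everything a naive (non-private) evaluation exposes to the client: the visited nodes and the outcome of every comparison, which is precisely what a secure protocol has to hide on the server's side, just as the attribute vector must stay hidden on the client's side.

```python
"""Plain-text evaluation of a linear branching program (LBP).

Added example, not the paper's protocol. The node structure (weights,
threshold, left/right successor) is an assumed representation of an LBP.
"""
from dataclasses import dataclass
from typing import List, Tuple, Union


@dataclass
class DecisionNode:
    weights: List[int]   # server-private linear coefficients
    threshold: int       # server-private comparison threshold
    left: int            # next node index if <weights, x> <= threshold
    right: int           # next node index if <weights, x> >  threshold


@dataclass
class Leaf:
    label: str           # classification result


Node = Union[DecisionNode, Leaf]


def bp_node(attr: int, threshold: int, left: int, right: int, n_attrs: int) -> DecisionNode:
    """A classic BP node (test one attribute) is an LBP node with a one-hot weight vector."""
    weights = [0] * n_attrs
    weights[attr] = 1
    return DecisionNode(weights, threshold, left, right)


def evaluation_path(program: List[Node], x: List[int]) -> Tuple[str, List[int]]:
    """Walk the program from node 0 on attribute vector x.

    Returns (leaf label, list of visited node indices). In the clear the
    path reveals the program's structure and comparison outcomes; the
    secure protocol's goal is that the client learns only the label.
    """
    idx = 0
    visited: List[int] = []
    while True:
        node = program[idx]
        visited.append(idx)
        if isinstance(node, Leaf):
            return node.label, visited
        if idx in visited[:-1]:
            raise ValueError("branching programs must be acyclic")  # defensive check
        if len(node.weights) != len(x):
            raise ValueError("attribute vector length does not match node weights")
        score = sum(w * xi for w, xi in zip(node.weights, x))
        idx = node.right if score > node.threshold else node.left


def evaluate_lbp(program: List[Node], x: List[int]) -> str:
    """Return only the classification label, i.e. the intended client output."""
    return evaluation_path(program, x)[0]


# Constructed toy program over a 3-attribute vector (not from the paper):
#   node 0: plain BP test on attribute 0 (x0 > 5 ?)
#   node 2: genuine LBP node testing 2*x0 - x1 + x2 > 10
TOY_PROGRAM: List[Node] = [
    bp_node(attr=0, threshold=5, left=1, right=2, n_attrs=3),   # 0
    Leaf("A"),                                                  # 1
    DecisionNode(weights=[2, -1, 1], threshold=10, left=3, right=4),  # 2
    Leaf("B"),                                                  # 3
    Leaf("C"),                                                  # 4
]

if __name__ == "__main__":
    for sample in ([3, 0, 0], [7, 1, 1], [6, 5, 1]):   # constructed inputs
        label, path = evaluation_path(TOY_PROGRAM, sample)
        print(f"x={sample}: label={label}, path={path}")
```

Run as a script it prints the label and visited path for each constructed input; in a deployment only the value returned by `evaluate_lbp` should ever reach the client, and only the attribute vector should ever be supplied by the client, which is the two-sided privacy requirement the abstract states.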


Keywords (machine-generated, not supplied by the authors): Attribute Vector, Decision Node, Secure Evaluation, Homomorphic Encryption, Oblivious Transfer



Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Mauro Barni (1)
  • Pierluigi Failla (1)
  • Vladimir Kolesnikov (2)
  • Riccardo Lazzeretti (1)
  • Ahmad-Reza Sadeghi (3)
  • Thomas Schneider (3)

  1. Department of Information Engineering, University of Siena, Italy
  2. Bell Laboratories, USA
  3. Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany