Abstract
Data trading is an emerging business in which data sellers provide buyers with, for example, their private datasets and get paid by the buyers. In many scenarios, sellers prefer to sell pieces of data, such as statistical results derived from the dataset, rather than the entire dataset. Meanwhile, buyers wish to hide the results they retrieve. Since it is not preferable to rely on a trusted third party (TTP), we ask whether, in the absence of a TTP, there exists a practical mechanism satisfying the following requirements: the seller Sarah receives the payment if and only if she obliviously returns to the buyer Bob the correct evaluation result of a function delegated by Bob on her dataset, and Bob can only derive the result for which he pays. Despite the attention data trading has received, a desirable mechanism for this scenario is still missing. This is because general solutions are inefficient when the datasets are large or the evaluated function is complicated, and because existing efficient cryptographic techniques either cannot fully capture the features of our scenario or can only address very limited computing tasks.
In this paper, we propose the first desirable mechanism that is practical and supports a wide variety of computing tasks—evaluation of arbitrary functions that can be represented as polynomials. We introduce a new cryptographic notion called blind polynomial evaluation and instantiate it with an explicit protocol. We further combine this notion with the blockchain paradigm to provide a practical framework that can satisfy the requirements mentioned above.
Keywords
- Blind polynomial evaluation
- Blockchain
- ElGamal encryption
- Encryption switching protocol
- Paillier encryption
Notes
1. Such an approach is similar to that of [6]. However, their security goal cannot in fact be achieved, since the random coins of the ElGamal encryption cannot be extracted and the group order is hidden. We overcome these security faults for our scenario.
2. Assume that the gas price is 10 Gwei (a common price, albeit lower fees are possible). The total transaction fees (in US dollars) are calculated according to the average price of gas and coin on April 12th, 2020 (see more at https://etherscan.io/chart/gasprice). For the total fee, we take into account the total gas consumption of all functions for active verification and all functions except complain for passive verification.
3. Note that since our implementation involves big integers and Ethereum today can only support integers represented by 256 bits, we have to use an external library. However, instructions from that library will be pulled into the calling contract at compilation. Hence, once a new version of Ethereum has better support for external library calls, the cost of our protocol can be further reduced dramatically.
References
Andrychowicz, M., Dziembowski, S., Malinowski, D., Mazurek, L.: Secure multiparty computations on bitcoin. In: 2014 IEEE Symposium on Security and Privacy, SP 2014, Berkeley, CA, USA, 18–21 May 2014, pp. 443–458. IEEE Computer Society (2014)
Bentov, I., Kumaresan, R.: How to use Bitcoin to design fair protocols. In: Garay, J.A., Gennaro, R. (eds.) CRYPTO 2014, Part II. LNCS, vol. 8617, pp. 421–439. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-44381-1_24
Castagnos, G., Imbert, L., Laguillaumie, F.: Encryption switching protocols revisited: switching modulo p. In: Katz, J., Shacham, H. (eds.) CRYPTO 2017, Part I. LNCS, vol. 10401, pp. 255–287. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-63688-7_9
Cleve, R.: Limits on the security of coin flips when half the processors are faulty (extended abstract). In: Hartmanis, J. (ed.) Proceedings of the 18th Annual ACM Symposium on Theory of Computing, Berkeley, California, USA, 28–30 May 1986, pp. 364–369. ACM (1986)
Couteau, G., Peters, T., Pointcheval, D.: Secure distributed computation on private inputs. In: Garcia-Alfaro, J., Kranakis, E., Bonfante, G. (eds.) FPS 2015. LNCS, vol. 9482, pp. 14–26. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-30303-1_2
Couteau, G., Peters, T., Pointcheval, D.: Encryption switching protocols. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part I. LNCS, vol. 9814, pp. 308–338. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53018-4_12
Damgård, I., Jurik, M., Nielsen, J.B.: A generalization of Paillier’s public-key system with applications to electronic voting. Int. J. Inf. Sec. 9(6), 371–385 (2010)
Delgado-Segura, S., Pérez-Solà, C., Navarro-Arribas, G., Herrera-Joancomartí, J.: A fair protocol for data trading based on bitcoin transactions. Future Gener. Comput. Syst. 107, 832–840 (2017)
Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006, Part II. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006). https://doi.org/10.1007/11787006_1
Dziembowski, S., Eckey, L., Faust, S.: FairSwap: how to fairly exchange digital goods. In: Lie, D., Mannan, M., Backes, M., Wang, X. (eds.) Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS 2018, Toronto, ON, Canada, 15–19 October 2018, pp. 967–984. ACM (2018)
Eckey, L., Faust, S., Schlosser, B.: OptiSwap: fast optimistic fair exchange. In: Sun, H., Shieh, S., Gu, G., Ateniese, G. (eds.) ASIA CCS 2020: The 15th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, 5–9 October 2020, pp. 543–557. ACM (2020)
Fiat, A., Shamir, A.: How to prove yourself: practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987). https://doi.org/10.1007/3-540-47721-7_12
ElGamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 10–18. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_2
Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, May 31 – June 2 2009, pp. 169–178. ACM (2009)
Koutsos, V., Papadopoulos, D., Chatzopoulos, D., Tarkoma, S., Hui, P.: Agora: a privacy-aware data marketplace. In: 40th IEEE International Conference on Distributed Computing Systems, ICDCS 2020, Singapore, November 29 - December 1, 2020, pp. 1211–1212. IEEE (2020)
Kumaresan, R., Vaikuntanathan, V., Vasudevan, P.N.: Improvements to secure computation with penalties. In: Weippl, E.R., Katzenbeisser, S., Kruegel, C., Myers, A.C., Halevi, S. (eds.) Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October 2016, pp. 406–417. ACM (2016)
Liu, Y., Wang, Q., Yiu, S.-M.: An improvement of multi-exponentiation with encrypted bases argument: smaller and faster. In: Wu, Y., Yung, M. (eds.) Inscrypt 2020. LNCS, vol. 12612, pp. 397–414. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-71852-7_27
Liu, Y., Wang, Q., Yiu, S.: Blind polynomial evaluation and data trading. IACR Cryptol. ePrint Arch. 2021, 413 (2021). https://eprint.iacr.org/2021/413
Lu, Y., Tang, Q., Wang, G.: ZebraLancer: private and anonymous crowdsourcing system atop open blockchain. In: 38th IEEE International Conference on Distributed Computing Systems, ICDCS 2018, Vienna, Austria, 2–6 July 2018, pp. 853–865. IEEE Computer Society (2018)
Lu, Y., Tang, Q., Wang, G.: Dragoon: private decentralized hits made practical. In: 40th IEEE International Conference on Distributed Computing Systems, ICDCS 2020, Singapore, November 29 – December 1 2020, pp. 910–920. IEEE (2020)
Nakamoto, S., et al.: Bitcoin: a peer-to-peer electronic cash system (2008)
Naor, M., Pinkas, B.: Oblivious polynomial evaluation. SIAM J. Comput. 35(5), 1254–1281 (2006)
Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16
Poupard, G., Stern, J.: Short proofs of knowledge for factoring. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 147–166. Springer, Heidelberg (2000). https://doi.org/10.1007/978-3-540-46588-1_11
Shoup, V.: NTL: a library for doing number theory. http://www.shoup.net/ntl
Tassa, T., Jarrous, A., Ben-Ya’akov, Y.: Oblivious evaluation of multivariate polynomials. J. Math. Cryptol. 7(1), 1–29 (2013)
Valiant, L.G.: Universal circuits (preliminary report). In: Chandra, A.K., Wotschke, D., Friedman, E.P., Harrison, M.A. (eds.) Proceedings of the 8th Annual ACM Symposium on Theory of Computing, Hershey, Pennsylvania, USA, 3–5 May 1976, pp. 196–203. ACM (1976)
Wood, G., et al.: Ethereum: a secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper 151(2014), 1–32 (2014)
Yao, A.C.: Protocols for secure computations (extended abstract). In: 23rd Annual Symposium on Foundations of Computer Science, Chicago, Illinois, USA, 3–5 November 1982, pp. 160–164. IEEE Computer Society (1982)
Yao, A.C.: How to generate and exchange secrets (extended abstract). In: 27th Annual Symposium on Foundations of Computer Science, Toronto, Canada, 27–29 October 1986, pp. 162–167. IEEE Computer Society (1986)
Zhao, S., Yu, Yu., Zhang, J., Liu, H.: Valiant’s universal circuits revisited: an overall improvement and a lower bound. In: Galbraith, S.D., Moriai, S. (eds.) ASIACRYPT 2019, Part I. LNCS, vol. 11921, pp. 401–425. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-34578-5_15
Acknowledgments
We thank the reviewers for their detailed and helpful comments. Y. Liu and Q. Wang were partially supported by the National Science Foundation of China under Grant No. 61672015 and Guangdong Provincial Key Laboratory (Grant No. 2020B121201001). Y. Liu and S.-M. Yiu were also partially supported by ITF, Hong Kong (ITS/173/18FP).
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Liu, Y., Wang, Q., Yiu, SM. (2021). Blind Polynomial Evaluation and Data Trading. In: Sako, K., Tippenhauer, N.O. (eds) Applied Cryptography and Network Security. ACNS 2021. Lecture Notes in Computer Science, vol 12726. Springer, Cham. https://doi.org/10.1007/978-3-030-78372-3_5
DOI: https://doi.org/10.1007/978-3-030-78372-3_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78371-6
Online ISBN: 978-3-030-78372-3
eBook Packages: Computer Science (R0)