Advertisement

Constant-Round Private Function Evaluation with Linear Complexity

  • Jonathan Katz
  • Lior Malka
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7073)

Abstract

We consider the problem of private function evaluation (PFE) in the two-party setting. Here, informally, one party holds an input x while the other holds a (circuit describing a) function f; the goal is for one (or both) of the parties to learn f(x) while revealing nothing more to either party. In contrast to the usual setting of secure computation, where the function being computed is known to both parties, PFE is useful in settings where the function (i.e., algorithm) itself must remain secret, e.g., because it is proprietary or classified.

It is known that PFE can be reduced to standard secure computation by having the parties evaluate a universal circuit, and this is the approach taken in most prior work. Using a universal circuit, however, introduces additional overhead and results in a more complex implementation. We show here a completely new technique for PFE that avoids universal circuits, and results in constant-round protocols with communication/computational complexity linear in the size of the circuit computing f. This gives the first constant-round protocol for PFE with linear complexity (without using fully homomorphic encryption), even restricted to semi-honest adversaries.

Keywords

Encryption Scheme Linear Complexity Homomorphic Encryption Oblivious Transfer Malicious Adversary 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

References

  1. 1.
    Abadi, M., Feigenbaum, J.: Secure circuit evaluation. Journal of Cryptology 2(1), 1–12 (1990)CrossRefzbMATHMathSciNetGoogle Scholar
  2. 2.
    Applebaum, B., Harnik, D., Ishai, Y.: Semantic security under related-key attacks and applications. In: 2nd Symp. on Innovations in Computer Science, ICS (2011), http://eprint.iacr.org/2010/544
  3. 3.
    Barni, M., Failla, P., Kolesnikov, V., Lazzeretti, R., Sadeghi, A.-R., Schneider, T.: Secure Evaluation of Private Linear Branching Programs with Medical Applications. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 424–439. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Goh, E.-J., Nissim, K.: Evaluating 2-DNF Formulas on Ciphertexts. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 325–341. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  5. 5.
    Brickell, J., Porter, D.E., Shmatikov, V., Witchel, E.: Privacy-preserving re¬mote diagnostics. In: 14th ACM Conf. on Computer and Communications Security (CCS), pp. 498–507. ACM Press (2007)Google Scholar
  6. 6.
    Cachin, C., Camenisch, J., Kilian, J., Müller, J.: One-Round Secure Computation and Secure Autonomous Mobile Agents. In: Welzl, E., Montanari, U., Rolim, J.D.P. (eds.) ICALP 2000. LNCS, vol. 1853, pp. 512–523. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  7. 7.
    Camenisch, J., Shoup, V.: Practical Verifiable Encryption and Decryption of Discrete Logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  8. 8.
    Canetti, R., Ishai, Y., Kumar, R., Reiter, M.K., Rubinfeld, R., Wright, R.N.: Selective private function evaluation with applications to private statistics. In: 20th Annual ACM Symposium on Principles of Distributed Computing (PODC), pp. 293–304. ACM Press (2001)Google Scholar
  9. 9.
    Chang, Y.-C., Lu, C.-J.: Oblivious Polynomial Evaluation and Oblivious Neural Learning. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 369–384. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans. Information Theory 31, 469–472 (1985)CrossRefzbMATHGoogle Scholar
  11. 11.
    Frikken, K., Atallah, M., Li, J.: Hidden access control policies with hidden credentials. In: Proc. ACM Workshop on Privacy in the Electronic Society (WPES), p. 27. ACM (2004)Google Scholar
  12. 12.
    Frikken, K., Attallah, M., Zhang, C.: Privacy-preserving credit checking. In: ACM Conf. on Electronic Commerce (EC), pp. 147–154. ACM (2005)Google Scholar
  13. 13.
    Frikken, K.B., Li, J., Atallah, M.J.: Trust negotiation with hidden credentials, hidden policies, and policy cycles. In: Network and Distributed System Security Symposium (NDSS), pp. 157–172. The Internet Society (2006)Google Scholar
  14. 14.
    Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press, Cambridge (2004)CrossRefzbMATHGoogle Scholar
  15. 15.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game, or a completeness theorem for protocols with honest majority. In: 19th Annual ACM Symposium on Theory of Computing (STOC), pp. 218–229. ACM Press (1987)Google Scholar
  16. 16.
    Henecka, W., Kögl, S., Sadeghi, A.-R., Schneider, T., Wehrenberg, I.: TASTY: Tool for automating secure two-party computations. In: 17th ACM Conf. on Com¬puter and Communications Security (CCS), pp. 451–462. ACM Press (2010)Google Scholar
  17. 17.
    Huang, Y., Evans, D., Katz, J., Malka, L.: Faster secure two-party computation using garbled circuits. In: 20th USENIX Security Symposium (2011)Google Scholar
  18. 18.
    Ishai, Y., Kilian, J., Nissim, K., Petrank, E.: Extending Oblivious Transfers Efficiently. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 145–161. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  19. 19.
    Ishai, Y., Paskin, A.: Evaluating Branching Programs on Encrypted Data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 575–594. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  20. 20.
    Jarecki, S., Shmatikov, V.: Efficient Two-Party Secure Computation on Committed Inputs. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 97–114. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  21. 21.
    Katz, J., Malka, L.: Constant-round private function evaluation with linear complexity, http://eprint.iacr.org/2010/528
  22. 22.
    Kolesnikov, V., Schneider, T.: Improved Garbled Circuit: Free XOR Gates and Applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  23. 23.
    Kolesnikov, V., Schneider, T.: A Practical Universal Circuit Construction and Secure Evaluation of Private Functions. In: Tsudik, G. (ed.) FC 2008. LNCS, vol. 5143, pp. 83–97. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  24. 24.
    Lindell, Y., Pinkas, B.: An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 52–78. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Lindell, Y., Pinkas, B.: A proof of security of Yao’s protocol for two-party computation. Journal of Cryptology 22(2), 161–188 (2009)CrossRefzbMATHMathSciNetGoogle Scholar
  26. 26.
    Lindell, Y., Pinkas, B., Smart, N.P.: Implementing Two-Party Computation Efficiently with Security Against Malicious Adversaries. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 2–20. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  27. 27.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay — a secure two-party computation system. In: Proc. 13th USENIX Security Symposium, pp. 287–302. USENIX Association (2004)Google Scholar
  28. 28.
    Naor, M., Pinkas, B.: Oblivious polynomial evaluation. SIAM Journal on Computing 35(5), 1254–1281 (2006)CrossRefzbMATHMathSciNetGoogle Scholar
  29. 29.
    Nielsen, J.B., Orlandi, C.: LEGO for Two-Party Secure Computation. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 368–386. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  30. 30.
    Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)Google Scholar
  31. 31.
    Paus, A., Sadeghi, A.-R., Schneider, T.: Practical Secure Evaluation of Semi-Private Functions. In: Abdalla, M., Pointcheval, D., Fouque, P.-A., Vergnaud, D. (eds.) ACNS 2009. LNCS, vol. 5536, pp. 89–106. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  32. 32.
    Pinkas, B., Schneider, T., Smart, N.P., Williams, S.C.: Secure Two-Party Computation is Practical. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 250–267. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  33. 33.
    Sadeghi, A.-R., Schneider, T.: Generalized Universal Circuits for Secure Evaluation of Private Functions with Application to Data Classification. In: Lee, P.J., Cheon, J.H. (eds.) ICISC 2008. LNCS, vol. 5461, pp. 336–353. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  34. 34.
    Sander, T., Young, A., Yung, M.: Non-interactive cryptocomputing for NC1. In: 40th Annual Symposium on Foundations of Computer Science (FOCS), pp. 554–567. IEEE (1999)Google Scholar
  35. 35.
    Schneider, T.: Practical secure function evaluation. Master’s thesis, University Erlangen-Nürnberg (2008), http://thomasckneider.de/FairplayPF
  36. 36.
    Valiant, L.: Universal circuits. In: 8th Annual ACM Symposium on Theory of Computing (STOC), pp. 196–203. ACM Press (1976)Google Scholar
  37. 37.
    Yao, A.C.-C.: How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science (FOCS), pp. 162–167. IEEE (1986)Google Scholar

Copyright information

© International Association for Cryptologic Research 2011

Authors and Affiliations

  • Jonathan Katz
    • 1
  • Lior Malka
    • 2
  1. 1.Dept. of Computer ScienceUniversity of MarylandUSA
  2. 2.IntelUSA

Personalised recommendations