An Efficient Protocol for Oblivious DFA Evaluation and Applications
In this paper, we design an efficient protocol for oblivious DFA evaluation between an input holder (client) and a DFA holder (server). The protocol runs in a single round, and only requires a small amount of computation by each party. The most efficient version of our protocol only requires O(k) asymmetric operations by either party, where k is the security parameter. Moreover, the client’s total computation is only linear in his own input and independent of the size of the DFA. We prove the protocol fully-secure against a malicious client and private against a malicious server, using the standard simulation-based security definitions for secure two-party computation.
We show how to transform our construction in order to solve multiple variants of the secure pattern matching problem without any computational overhead. The more challenging variant is when parties want to compute the number of occurrences of a pattern in a text (but nothing else). We observe that, for this variant, we need a protocol for counting the number of accepting states visited during the evaluation of a DFA on an input. We then introduce a novel modification to our original protocol in order to solve the counting variant, without any loss in efficiency or security.
Finally, we fully implement our protocol and run a series of experiments on a client/server network environment. Our experimental results demonstrate the efficiency of our proposed protocol and, confirm the particularly low computation overhead of the client.
KeywordsRandom Oracle Security Parameter Input Size Input String Random Oracle Model
Unable to display preview. Download preview PDF.
- 1.FIPS, P.: 186-3. Digital signature standard (DSS) (2009)Google Scholar
- 4.Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing, pp. 169–178. ACM (2009)Google Scholar
- 9.Katz, J., Malka, L.: Secure text processing with applications to private DNA matching. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, pp. 485–492. ACM (2010)Google Scholar
- 12.Mohassel, P., Niksefat, S., Sadeghian, S., Sadeghiyan, B.: An efficient protocol for oblivious DFA evaluation and applications. Cryptology ePrint Archive, Report 2011/434 (2011), http://eprint.iacr.org/
- 13.Naor, M., Pinkas, B.: Efficient oblivious transfer protocols. In: Proceedings of the Twelfth Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2001, pp. 448–457 (2001)Google Scholar
- 14.Sipser, M.: Introduction to the Theory of Computation. International Thomson Publishing (1996)Google Scholar
- 15.Troncoso-Pastoriza, J., Katzenbeisser, S., Celik, M.: Privacy preserving error resilient dna searching through oblivious automata. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, pp. 519–528. ACM (2007)Google Scholar
- 16.Yao, A.: Protocols for secure computations. In: Proceedings of the 23rd Annual Symposium on Foundations of Computer Science, pp. 160–164. Citeseer (1982)Google Scholar