Technological innovations in security and privacy are critical to advancing modern computing in our time. I will present an effort involving deployment of experimental commercial applications designed and built as a &...
详细信息
ISBN:
(纸本)9781450338325
Technological innovations in security and privacy are critical to advancing modern computing in our time. I will present an effort involving deployment of experimental commercial applications designed and built as a 'secure multi-party computation protocol for specific tasks,' to be used repetitively to achieve a number of concrete ubiquitous business goals. In these applications, the outputs are calculated in the presence of privacy constraints which prevent parties from sharing their individual inputs directly and openly. I will also discuss what I think are the reasons for the inherent difficulty of developing such routines in general (for achieving business goals). In particular, I will survey what I believe to be the reasons that almost 40 years since secure computation protocols was invented as a basic theoretical notion, capturing specific and then general computational tasks, and in spite of its theoretical and even experimentation success, the notion has not yet been widely and seriously used in achieving routine relevant business goals (in contrast with symmetric key and public key cryptosystems and protocols, which were also proposed 40 years ago and are used extensively, primarily to implement secure authenticated channels). The presentation will also cover the general bottom up methodology used in this effort leading to the design and development process. This exemplifying methodology includes: feasibility study of the specific domain, extraction of business needs which are limited by privacy constraints, application analysis from the perspective of utility metrics and secure computing. Then, the methodology further includes design, implementation, and experimentation, guided by the analysis and employing appropriate protocols, while considering scale and performance constraints, and cost overhead that is tolerable.
In the last decade, location information became easily obtainable using off-the-shelf mobile devices. This gave momentum to developing location-based services (LBSs) such as location proximity detection, which can be ...
详细信息
In the last decade, location information became easily obtainable using off-the-shelf mobile devices. This gave momentum to developing location-based services (LBSs) such as location proximity detection, which can be used to find friends or taxis nearby. LBSs can, however, be easily misused to track users, which draws attention to the need for protecting the privacy of these users. In this work, the authors address this issue by designing, implementing, and evaluating multiple algorithms for privacy-preserving location proximity (PPLP) that are based on different secure computation protocols. Their PPLP protocols support both circle and polygon range queries and have runtimes from a few to some hundreds of milliseconds and bandwidth requirements from a few hundreds of bytes to one megabyte. Consequently, they are well suited for different scenarios and offer faster runtimes and savings in bandwidth and computational power as well as security improvements compared to previous PPLP schemes. In addition, the computationally most expensive parts of the PPLP computation can be precomputed in their protocols, such that the input-dependent online phase runs in just a few milliseconds.
secure computation protocols inherently involve multiple rounds of interaction among the parties where, typically a party has to keep a state about what has happened in the protocol so far and then wait for the other ...
详细信息
ISBN:
(纸本)9780769545714
secure computation protocols inherently involve multiple rounds of interaction among the parties where, typically a party has to keep a state about what has happened in the protocol so far and then wait for the other party to respond. We study if this is inherent. In particular, we study the possibility of designing cryptographic protocols where the parties can be completely stateless and compute the outgoing message by applying a single fixed function to the incoming message (independent of any state). The problem of designing stateless secure computation protocols can be reduced to the problem of designing protocols satisfying the notion of resettable computation introduced by Canetti, Goldreich, Goldwasser and Micali (FOCS'01) and widely studied thereafter. The current start of art in resettable computation allows for construction of protocols which provide security only when a single predetermined party is resettable [15]. An exception is for the case of the zero-knowledge functionality for which a protocol in which both parties are resettable was recently obtained by Deng, Goyal and Sahai (FOCS'09). The fundamental question left open in this sequence of works is, whether fully-resettable computation is possible, when: 1) An adversary can corrupt any number of parties, and 2) The adversary can reset any party to its original state during the execution of the protocol and can restart the protocol. In this paper, we resolve the above problem by constructing secureprotocols realizing any efficiently computable multi-party functionality in the plain model under standard cryptographic assumptions. First, we construct a Fully-Resettable Simulation Sound Zero-Knowledge (ss-rs-rZK) protocol. Next, based on these ss-rs-rZK protocols, we show how to compile any semi-honest secure protocol into a protocol secure against fully resetting adversaries. Next, we study a seemingly unrelated open question: "Does there exist a functionality which, in the concurrent setting, is im
暂无评论