MPC for Comparing Two Shared Secrets without Bit-Decomposition Takashi Nishide * Kazuo Ohta The University of Electro-Communications * Hitachi Software.

Presentation transcript:

MPC for Comparing Two Shared Secrets without Bit-Decomposition Takashi Nishide * Kazuo Ohta The University of Electro-Communications * Hitachi Software Engineering Co., Ltd. 2006/03/05

2 Comparison Protocol
Given $[a]_p$, $[b]_p$, parties compute $[a \overset{?}{<} b]_p$, where $a, b \in \{0, 1, \dots, p-1\}$, $(a \overset{?}{<} b) \in \{0, 1\}$, and $(a \overset{?}{<} b) = 1$ iff $a < b$.
- $[a]_p$: Polynomial sharing of a secret $a$
- $[a]_B$: Bitwise sharing of a secret $a$, that is, the shares of the bits of $a$: $[a]_B = \{[a_{l-1}]_p, \dots, [a_0]_p\}$ s.t. $a = \sum_{i=0}^{l-1} 2^i a_i$

3 Overview of 2 Approaches
Existing Scheme [DFKNT06]:
- Given $[a]_p$, $[b]_p$
- Compute $[a]_B$, $[b]_B$.
- Compute $[a \overset{?}{<} b]_p$ by Bitwise Less-Than.
Our Scheme:
- Given $[a]_p$, $[b]_p$
- Compute $[a \overset{?}{<} p/2]_p$, $[b \overset{?}{<} p/2]_p$, and $[a - b \bmod p \overset{?}{<} p/2]_p$
- Compute $[a \overset{?}{<} b]_p$ from the above 3 shared bits.

4 Our Construction
Comparison Protocol for $[a \overset{?}{<} b]_p$, assuming $[a \overset{?}{<} p/2]_p$ is available

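5 Our Construction (Cont.)
How to Compute $[a \overset{?}{<} p/2]_p$
- Generate a bitwise sharing $[r]_B$, compute $[c]_p = [a]_p + [r]_p$ and reveal $c$.
- If $r \in \{r_{low}, \dots, r_{high}\}$ a p/2.
- $[r \overset{?}{\in} \{r_{low}, \dots, r_{high}\}]_p = [r_{low} - 1 \overset{?}{<} r]_p * [r \overset{?}{<} r_{high} + 1]_p$
[Figure: number line from 0 to p marking p/2, a, r, c = a + r mod p, r_low and r_high]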
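
The two ideas on slides 3 to 5, as an added example that is not part of the original slides: a plaintext Python model (no secret sharing is simulated) that combines the three half-range bits into a < b using only addition and multiplication, and recovers (a < p/2) from the revealed c and the mask r with one interval test. The combining formula, the case split on c, and the resulting values of r_low and r_high are derived here and are assumptions, as are the small prime P and all function names.

```python
# Added illustration, not from the slides: plaintext model (no secret sharing),
# checked exhaustively for a small odd prime.
P = 31                  # constructed small odd prime
HALF = (P - 1) // 2     # x < p/2  <=>  x <= HALF

def lt_half(x):
    """The bit (x mod p < p/2)."""
    return 1 if x % P <= HALF else 0

def less_than(a, b):
    """(a < b) from the three bits of slide 3, using only + and * (derived here)."""
    w, x, y = lt_half(a), lt_half(b), lt_half(a - b)
    wx = w * x
    same_half = 1 - w - x + 2 * wx          # 1 iff w == x
    # Different halves: w alone decides. Same half: |a - b| < p/2, so a < b
    # exactly when a - b mod p wraps around to a value >= p/2 (y == 0).
    return (w - wx) + same_half * (1 - y)

def lt_half_masked(c, r):
    """(a < p/2) from public c = a + r mod p and the mask r, via one interval test."""
    if c >= HALF:       # a < p/2  <=>  r in {c - HALF, ..., c}
        r_low, r_high, inside = c - HALF, c, 1
    else:               # a >= p/2 <=>  r in {c + 1, ..., c + HALF}
        r_low, r_high, inside = c + 1, c + HALF, 0
    # Product of two less-than bits, as on slide 5.
    in_range = int(r_low - 1 < r) * int(r < r_high + 1)
    return in_range if inside else 1 - in_range

def check_all():
    """Exhaustive check of both functions over Z_p."""
    ok_cmp = all(less_than(a, b) == int(a < b) for a in range(P) for b in range(P))
    ok_half = all(lt_half_masked((a + r) % P, r) == lt_half(a)
                  for a in range(P) for r in range(P))
    return ok_cmp and ok_half

if __name__ == "__main__":
    print(check_all())
```

In the shared setting each product above becomes a multiplication on shares, and the two comparisons against r are bitwise less-than operations on $[r]_B$ with bounds computed from the public c.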

6 Complexity Analysis
Comparison Protocol based on [DFKNT06]:
- 2 * Bit-Decomposition in parallel
- 1 * Bitwise Less-Than
Our Comparison Protocol:
- 3 * joint random number bitwise-sharing in parallel
- 6 * bitwise less-than in parallel
- 3 * multiplication in parallel
- 3 * multiplication in 2 rounds

7 Other Improvements