1 / 19

On the Practical Feasibility of Secure Distributed Computing A Case Study

On the Practical Feasibility of Secure Distributed Computing A Case Study. Gregory Neven, Frank Piessens, Bart De Decker Dept. of Computer Science, K.U.Leuven Celestijnenlaan 200A, B-3001 Heverlee, Belgium. Secure Distributed Computing. Given n different participants P 1 …P n

may
Download Presentation

On the Practical Feasibility of Secure Distributed Computing A Case Study

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. On the Practical Feasibility of Secure Distributed ComputingA Case Study Gregory Neven, Frank Piessens, Bart De Decker Dept. of Computer Science, K.U.Leuven Celestijnenlaan 200A, B-3001 Heverlee, Belgium

  2. Secure Distributed Computing • Given • n different participants P1…Pn • each participant Pi has a secret input xi • some function f • How to • compute y = f(x1,…, xn) • without Pi being able to learn anything more about xj(i j) than what is implied by the function result itself Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  3. Secure Distributed Computing(cont) • Practical applications • Second price auctions • Voting • Privacy for mobile code • Secret Query Database • Query a database while preserving privacy of query • Example Alice sells records from database of CV’s Bob doesn’t want just any CV doesn’t want to reveal his selection criteria Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  4. Overview • Secure Distributed Computing • Trivial solution • Protocol (by Abadi & Feigenbaum) • Other protocols • Case study: Secret Query Database • Implementation • Assessment • Conclusion

  5. x1 y y xn y x2 Trivial Solution • Using a Trusted Third Party (TTP) y = f(x1,…,xn) Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  6. Outline of the Protocol • Two participants • Alice knows secret data x = x1x2… • Bob knows secret function f (as a boolean circuit) • Compute y = f(x) without compromising their secrets • Outline Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion Alice Bob f x = x1x2… En(y1), En(y2), … y y

  7. Encryption Scheme • Probabilistic encryption • one plaintext  many possible ciphertexts • secure for small message spaces • disadvantage: huge data blowup • Homomorphic encryption scheme • E(x) op E(y) = E(xop’y) • Properties: Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  8. ? Evaluation of the Circuit • NOT-gate • XOR-gate • AND-gate Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion No interaction with Alice!

  9. Evaluation of the Circuit (cont) Alice Bob Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion ? Choose random c1, c2 Decryption  d1, d2 !  communication overhead 

  10. Other SDC Protocols • Goldreich, Micali and Wigderson (1987) • Two-party • Based on symmetric encryption and oblivious transfer • Sander and Tschudin (1998) • Two-party • Autonomous protocol • Based on dual-homomorphic encryption schemes • Polynomial evaluation only Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  11. Other SDC Protocols (cont) • Chaum, Damgard and van de Graaf (1988) • Multi-party • Based on blindable bit commitments • Franklin and Haber (1996) • Multi-party • Based on group-oriented cryptography Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  12. Secret Query Database • Problem statement • Query DB while preserving privacy of query • Example • Alice sells records from database of CV’s = secret data x • Bob doesn’t want just any CV doesn’t want to reveal his selection criteria = secret function Q( ) Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  13. Implementation Alice Bob Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion n, En(x1), En(x2),… n = pq record x query Q evaluation En(Q(x)) Decrypt Q(x) En(Q(x)) x Q(x) = 1 ?

  14. Security Trade-Off • Security parameter: |n| • Each record different n 512 bits • Huge data blowup! • 1 plaintext bit  512 encrypted bits • Encrypted records reusable • p and q are never revealed • Same encryption used for multiple session  Edited on CD-ROM Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  15. Assessment • Typical values • |record x| = 500 bytes • |database| = 1000 records • |query Q| = 1000 gates • |n| = 512 bits (security parameter) • Communication complexity Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  16. Conclusion • High overhead, but • increasing bandwidth of the Internet • trade-off communication  security • trade-off communication  query complexity • mobile agent technology • SDC is ready for practical applications Introduction Secure Distributed Computing Case Study: Secret Query Database Conclusion

  17. Quadratic Residuosity • Suppose • p and q primes congruent to 3 mod 4 • n = pq • a is a quadratic residue (QR) mod n iff • Quadratic Residuosity Assumption (QRA): Is a a QR mod n or not? • easy if p and q are known • hard if p and q are unknown

  18. Some Properties • Inversion If a is a QR mod n, then is a QNR mod n (and vice versa) • Multiplication mod n a  b

  19. Efficiency Improvement If c2 = 0  b1  c2 = 0  En(b1  c2) = En(0) If c2 = 1  b1  c2 = b1  En(b1  c2) = En(b1) Alice Bob ? Choose random c1, c2 Decryption  d1, d2 !

More Related