computation for mali licious
play

Computation for Mali licious Adversaries and an Honest Majority Jun - PowerPoint PPT Presentation

Dec 30, 2023 •141 likes •699 views

Hig igh-Throughput Secure Three-Party Computation for Mali licious Adversaries and an Honest Majority Jun Furukawa*, Yehuda Lindell**, Ariel Nof** and Or Weinstein** *NEC corporation, Israel **Bar-Ilan University, Israel Eurocrypt 2017

  1. Hig igh-Throughput Secure Three-Party Computation for Mali licious Adversaries and an Honest Majority Jun Furukawa*, Yehuda Lindell**, Ariel Nof** and Or Weinstein** *NEC corporation, Israel **Bar-Ilan University, Israel Eurocrypt 2017

  2. Secure Three-Party Computation wit ith an Honest Majority 𝑦 1 𝑦 2 𝑔(𝑦 1 , 𝑦 2 , 𝑦 3 ) 𝑦 3

  3. Secure Three-Party Computation wit ith an Honest Majority 𝑦 1 𝑦 2 𝑔(𝑦 1 , 𝑦 2 , 𝑦 3 ) 𝑦 3

  4. Secure Three-Party Computation wit ith an Honest Majority 𝑦 1 𝑦 2 𝑔(𝑦 1 , 𝑦 2 , 𝑦 3 ) 𝑦 3 • Functionality is represented by a Boolean circuit • Security with abort

  5. High-Throughput Secure Three-Party Computation with an Honest Majority

  6. High-Throughput Secure Three-Party Computation with an Honest Majority 𝑢 𝑡𝑢𝑏𝑠𝑢 𝑢 𝑓𝑜𝑒 f How much time it takes to compute a function?

  7. High-Throughput Secure Three-Party Computation with an Honest Majority 𝑢 𝑡𝑢𝑏𝑠𝑢 𝑢 𝑓𝑜𝑒 f How much time it takes to compute a function? Latency

  8. High-Throughput Secure Three-Party Computation with an Honest Majority 1 𝑡𝑓𝑑 f f f f f f f f f 𝑢 𝑡𝑢𝑏𝑠𝑢 𝑢 𝑓𝑜𝑒 f How much time it takes to How many functions can we compute a function? compute in one sec? Latency

  9. High-Throughput Secure Three-Party Computation with an Honest Majority 1 𝑡𝑓𝑑 f f f f f f f f f 𝑢 𝑡𝑢𝑏𝑠𝑢 𝑢 𝑓𝑜𝑒 f How much time it takes to How many functions can we compute a function? compute in one sec? Latency Throughput

  10. Low Latency VS. High-Throughput High-Throughput Low Latency

  11. Low Latency VS. High-Throughput High-Throughput Low Latency • Constant rounds of communication 𝑄 1 𝑄 2 “ the garbled-circuit approach ”

  12. Low Latency VS. High-Throughput High-Throughput Low Latency • Low bandwidth • Constant rounds of • Simple Computations communication 𝑄 𝑄 1 1 𝑄 2 𝑄 2 “ the secret-sharing approach ” “ the garbled-circuit approach ”

  13. Low Latency VS. High-Throughput High-Throughput Low Latency • Low bandwidth • Constant rounds of • Simple Computations communication 𝑄 𝑄 1 1 𝑄 2 𝑄 2 “ the secret-sharing approach ” “ the garbled-circuit approach ”

  14. The Starting Point: The Semi-honest protocol of [AFLNO16 16] • Based on replicated secret sharing • Requires 1 bit of communication sent by each party per AND gate. • Speed: compute over 7 billion AND gates per second • Concretely, over 1,300,000 AES operations per second

  15. From Semi-Honest to Malicious adversary ry • Sharing the inputs • Emulating the circuit • Output Reconstruction

  16. From Semi-Honest to Malicious adversary ry How to force the corrupted party to share its • Sharing the inputs inputs “ correctly ” ? How to verify AND gates were computed • Emulating the circuit correctly? How to verify that the output was • Output Reconstruction reconstructed correctly?

  17. From Semi-Honest to Malicious adversary ry How to force the corrupted party to share its • Sharing the inputs inputs “ correctly ” ? How to verify AND gates were computed • Emulating the circuit correctly? How to verify that the output was • Output Reconstruction reconstructed correctly?

  18. Verification of AND Gates A “ multiplication triple ” is a triple of shares 𝑏 , 𝑐 , 𝑑 such that 𝑑 = 𝑏 ⋅ 𝑐

  19. Verification of AND Gates A “ multiplication triple ” is a triple of shares 𝑏 , 𝑐 , 𝑑 such that 𝑑 = 𝑏 ⋅ 𝑐 Let 𝑦 , 𝑧 , 𝑨 be a triple generated by computing an AND gate Let 𝑏 , 𝑐 , 𝑑 be a random triple

  20. Verification of AND Gates A “ multiplication triple ” is a triple of shares 𝑏 , 𝑐 , 𝑑 such that 𝑑 = 𝑏 ⋅ 𝑐 Let 𝑦 , 𝑧 , 𝑨 be a triple generated by computing an AND gate Let 𝑏 , 𝑐 , 𝑑 be a random triple

  21. Verification of AND Gates A “ multiplication triple ” is a triple of shares 𝑏 , 𝑐 , 𝑑 such that 𝑑 = 𝑏 ⋅ 𝑐 Let 𝑦 , 𝑧 , 𝑨 be a triple generated If 𝑏 , 𝑐 , 𝑑 is a “ valid ” triple, then we by computing an AND gate can use 𝑏 , 𝑐 , 𝑑 to detect cheating Let 𝑏 , 𝑐 , 𝑑 be a random triple in 𝑦 , 𝑧 , 𝑨 with probability 1.

  22. Verification of AND Gates A “ multiplication triple ” is a triple of shares 𝑏 , 𝑐 , 𝑑 such that 𝑑 = 𝑏 ⋅ 𝑐 Let 𝑦 , 𝑧 , 𝑨 be a triple generated If 𝑏 , 𝑐 , 𝑑 is a “ valid ” triple, then we by computing an AND gate can use 𝑏 , 𝑐 , 𝑑 to detect cheating Let 𝑏 , 𝑐 , 𝑑 be a random triple in 𝑦 , 𝑧 , 𝑨 with probability 1. Sub-protocol “ triple verification without opening ” Communication: 2 bits per each party

  23. The Protocol On-line protocol 1. Share the inputs 2. Run the Semi-honest protocol 3. Verify all ANDs gates 4. Reconstruct Output 3 bits per AND gate

  24. The Protocol On-line protocol 1. Share the inputs 2. Run the Semi-honest protocol 3. Verify all ANDs gates Output 𝑶 triples 4. Reconstruct Output 3 bits per AND gate

  25. The Protocol Pre-processing protocol On-line protocol 1. Share the inputs 2. Run the Semi-honest protocol 3. Verify all ANDs gates Output 𝑶 triples 4. Reconstruct Output 3 bits per AND gate

  26. The Protocol Pre-processing protocol On-line protocol ? 1. Share the inputs 2. Run the Semi-honest protocol 3. Verify all ANDs gates Output 𝑶 triples 4. Reconstruct Output 3 bits per AND gate

  27. Generation of f Random Multiplication Triples • 𝑏 , [𝑐] are generated without any interaction! • [𝑑] is computed using the semi-honest protocol

  28. Generation of f Random Multiplication Triples • 𝑏 , [𝑐] are generated without any interaction! 1 bit of communication! • [𝑑] is computed using the semi-honest protocol

  29. Generation of f Random Multiplication Triples • 𝑏 , [𝑐] are generated without any interaction! 1 bit of communication! • [𝑑] is computed using the semi-honest protocol How to verify that the triple is valid?

  30. Generation of f Random Multiplication Triples . . .

  31. Generation of f Random Multiplication Triples Random permutation . . .

  32. Generation of f Random Multiplication Triples Random Open C permutation triples . . .

  33. Generation of f Random Multiplication Triples Random Open C permutation triples If one of the opened triples is incorrect, the honest parties will detect it and abort . . .

  34. Generation of f Random Multiplication Triples Random Open C permutation triples . . .

  35. Generation of f Random Multiplication Triples Split into N Random Open C buckets of permutation triples equal size 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

  36. Generation of f Random Multiplication Triples Verify the Split into N Random Open C first triple in buckets of permutation triples each bucket equal size using 𝜸 − 𝟐 triples 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . . . . . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

  37. Generation of f Random Multiplication Triples Verify the Split into N Random Open C first triple in buckets of permutation triples each bucket equal size using 𝜸 − 𝟐 triples 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . If one of the . buckets is “ mixed ” , 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 the honest parties . . . will detect it and . . abort . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

  38. Generation of f Random Multiplication Triples Verify the Split into N Random Open C first triple in buckets of permutation triples each bucket equal size using 𝜸 − 𝟐 triples 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . . . . . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

  39. Generation of f Random Multiplication Triples Verify the Split into N Random Open C first triple in buckets of permutation triples each bucket equal size using 𝜸 − 𝟐 triples 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . . . . . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

  40. Generation of f Random Multiplication Triples Verify the Split into N Random Open C first triple in buckets of permutation triples each bucket equal size using 𝜸 − 𝟐 triples 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . . . . . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

  41. Generation of f Random Multiplication Triples Verify the Split into N Random Open C first triple in buckets of permutation triples each bucket equal size using 𝜸 − 𝟐 triples 𝐶 1 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . 𝐶 2 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 . . . . . . . 𝛾 𝑢𝑠𝑗𝑞𝑚𝑓𝑡 𝐶 𝑂

Recommend

Pr Projec ject Mali t Mali So Some meone ne or r So Some

Pr Projec ject Mali t Mali So Some meone ne or r So Some

Pr Projec ject Mali t Mali So Some meone ne or r So Some mething thing of f Value alue to Our ur Community mmunity Th The e Ubele Ubele In Ini4

550 views • 11 slides
Scaling Up Renewable Energy Program in Mali (SREP-MALI INVESTMENT PLAN) Presentation to the

Scaling Up Renewable Energy Program in Mali (SREP-MALI INVESTMENT PLAN) Presentation to the

Republic of Mali Ministry of Energy and Water Scaling Up Renewable Energy Program in Mali (SREP-MALI INVESTMENT PLAN) Presentation to the SREP Sub-committee 1 st November 2011 1 Overview of the Presentation I. Country and Energy sector

481 views • 30 slides
MALI: An attractive investment destination Why is Mali an attractive investment destination? The

MALI: An attractive investment destination Why is Mali an attractive investment destination? The

MALI: An attractive investment destination Why is Mali an attractive investment destination? The country has The right Key competitive conditions advantages Preferential A favorable investment Opportunities in access to key

697 views • 33 slides
Mali Mali media presentationJan 2019 A leading African gold miner Jabal Sayid (50%)

Mali Mali media presentationJan 2019 A leading African gold miner Jabal Sayid (50%)

Mali Mali media presentationJan 2019 A leading African gold miner Jabal Sayid (50%) Loulo-Gounkoto Morila (40%) Massawa Kibali (45%) Tongon North Mara Bulyanhulu Lumwana (63.7%) Buzwagi Gold production Projects Acacia (63.9%

1.48k views • 37 slides
Pour sortir de la violence au nord du Mali cest lensemble du Sahel qui a besoin dun

Pour sortir de la violence au nord du Mali cest lensemble du Sahel qui a besoin dun

Pour sortir de la violence au nord du Mali cest lensemble du Sahel qui a besoin dun vritable plan Marshall Serge Michailof Colloque FERDI 29 juin 2012 Tout le nord du Mali et une bonne part du Sahara se sont transforms de zone

1.9k views • 15 slides
Dansa from Mali: Tempo-Metrical Types in

Dansa from Mali: Tempo-Metrical Types in

Dansa from Mali: Tempo-Metrical Types in Swing-based Meters. Or: Cool things that happen when you speed up a swingin rhythm

787 views • 43 slides
Spotlight on Rural Supply: Critical factors to create successful mobile money agents. By Sarah

Spotlight on Rural Supply: Critical factors to create successful mobile money agents. By Sarah

Spotlight on Rural Supply: Critical factors to create successful mobile money agents. By Sarah Zhou and Aakash Sethi 70% OF GLOBAL POOR LIVE IN RURAL AREAS BASIC GEOGRAPHY: Mali and Chad Chad Mali Background on Mali and Chad In contrast

189 views • 16 slides
how they have survived and how they can be conserved Dr Susan Canney, Director of the Mali

how they have survived and how they can be conserved Dr Susan Canney, Director of the Mali

Malis remarkable desert - adapted elephants: how they have survived and how they can be conserved Dr Susan Canney, Director of the Mali Elephant Project Research Associate, Department of Zoology, University of Oxford Range of habitats

877 views • 54 slides
Workshop, European Caf Debate and presentation of initial findings in Mali Deliverable 7.12

Workshop, European Caf Debate and presentation of initial findings in Mali Deliverable 7.12

Workshop, European Caf Debate and presentation of initial findings in Mali Deliverable 7.12 (Version 1; 27.11.2017) Prepared by: ARGA Project acronym: EUNPACK Project full title: Good intentions, mixed results A conflict sensitive

337 views • 8 slides
Evaluating Climate Services: Lessons from Mali Edward R Carr Humanitarian Response and

Evaluating Climate Services: Lessons from Mali Edward R Carr Humanitarian Response and

Evaluating Climate Services: Lessons from Mali Edward R Carr Humanitarian Response and Development Lab Department of Geography University of South Carolina Malis Agrometeorologial Program Pilot phase (4 villages, 16 farmers) was very

240 views • 10 slides
Print. Winters, Charlene R. Lifting Mali. BYU Magazine Fall 2010: 36-41. Print.

Print. Winters, Charlene R. Lifting Mali. BYU Magazine Fall 2010: 36-41. Print.

Bradbury, Ray. Fahrenheit 451 . The 50 th Anniversary Edition. New York: Ballantine Books, 1953. Print. Winters, Charlene R. Lifting Mali. BYU Magazine Fall 2010: 36-41. Print. Concentration Camps 1933 - 1939. Holocaust Encyclopedia .

597 views • 20 slides
Au 196.97 Lithium Development & Gold Exploration Mali & Cote dIvoire, West Africa

Au 196.97 Lithium Development & Gold Exploration Mali & Cote dIvoire, West Africa

79 Au 196.97 Lithium Development & Gold Exploration Mali & Cote dIvoire, West Africa May 2020 IMPORTANT NOTICE 1 DISCLAIMER The information contained in this document (Presentation) has been prepared by Kodal Minerals plc

694 views • 15 slides
Best Practices Green Business Area in Mali Enabling Enterprise Development: A Selection of Best

Best Practices Green Business Area in Mali Enabling Enterprise Development: A Selection of Best

Best Practices Green Business Area in Mali Enabling Enterprise Development: A Selection of Best Practices in Harnessing Distributed Energy for Productive Uses (Webinar) Jean BILLANT ECODEV programme officer | January 2017 GERES and Sustainable

118 views • 9 slides
Extensible Programming and Modeling Languages Ted Kaminski, Yogesh Mali, August Schwerdfeger and

Extensible Programming and Modeling Languages Ted Kaminski, Yogesh Mali, August Schwerdfeger and

Extensible Programming and Modeling Languages Ted Kaminski, Yogesh Mali, August Schwerdfeger and Eric Van Wyk University of Minnesota September 20, 2012, Lund, Sweden Page 1 Languages are not monolithic. But most language tools

458 views • 24 slides
in Mali - West Africa 26 th May 2016 INVESTOR PRESENTATION (ASX: OKU) Disclaimer The material in

in Mali - West Africa 26 th May 2016 INVESTOR PRESENTATION (ASX: OKU) Disclaimer The material in

Building a Gold Company in Mali - West Africa 26 th May 2016 INVESTOR PRESENTATION (ASX: OKU) Disclaimer The material in this presentation (material) is not and does not constitute an offer, invitation or recommendation to subscribe for, or

407 views • 19 slides
Challenges for the Center of Mali 1. Inner Niger Delta Setting the stage 2. Water Resource

Challenges for the Center of Mali 1. Inner Niger Delta Setting the stage 2. Water Resource

Challenges for the Center of Mali 1. Inner Niger Delta Setting the stage 2. Water Resource Conflicts: Inappropriate conflict management Intensification of violence The rise of inter-community violence 3. Development plans

290 views • 13 slides
OMVS : a successful example of water cooperation (Guinea, Mali, Mauritania, Senegal) Entebbe,

OMVS : a successful example of water cooperation (Guinea, Mali, Mauritania, Senegal) Entebbe,

OMVS : a successful example of water cooperation (Guinea, Mali, Mauritania, Senegal) Entebbe, August 2016 Presented by: Aminata DIOP, OMVS Head of External Funding Division ORIGINALITY OF OMVS EXPERIENCE OMVS Missions Created on March 11,

740 views • 18 slides
randomized computation Sometimes randomness helps in computation. randomized computation Augment

randomized computation Sometimes randomness helps in computation. randomized computation Augment

randomized computation Sometimes randomness helps in computation. randomized computation Augment our usual Turing machines with a read-only tape of random bits . start 0 2 accept 1 # # 0 1 1 0

736 views • 24 slides
Massively Parallel Computation Philip Bille Sequential Computation Computation. Read and

Massively Parallel Computation Philip Bille Sequential Computation Computation. Read and

Massively Parallel Computation Philip Bille Sequential Computation Computation. Read and write in storage Arithmetic and boolean operations Control-flow (if-then-else, while-do, ..) Scalability. Massive data. 001111 E

337 views • 23 slides
A NEW MALI GOLD EXPLORER MAY 2019 DISCLAIMER AND COMPETENT PERSONS STATEMENTS This

A NEW MALI GOLD EXPLORER MAY 2019 DISCLAIMER AND COMPETENT PERSONS STATEMENTS This

A NEW MALI GOLD EXPLORER MAY 2019 DISCLAIMER AND COMPETENT PERSONS STATEMENTS This presentation (the Presentation) has been prepared by Indiana Resources Limited (Indiana). No party other than Indi ana has authorised or caused

412 views • 16 slides
Transnational practices of Malians living in France and health system in Mali The 15th Emerging

Transnational practices of Malians living in France and health system in Mali The 15th Emerging

Claire Boulanger MIGRINTER, Poitiers, FRANCE PhD Student CEDEM, Lige, BELGIUM Transnational practices of Malians living in France and health system in Mali The 15th Emerging New Research in the Geography of Health and Impairment Conference

282 views • 12 slides
Mali Impact of the gold price on exploration and production JMP Conference November 2019 1

Mali Impact of the gold price on exploration and production JMP Conference November 2019 1

Mali Impact of the gold price on exploration and production JMP Conference November 2019 1 Cautionary Statement on Forward Looking Information Certain information contained in this presentation, including any information as to Barricks

314 views • 20 slides
Mathematical Structure of Computation What is computation? Great Ideas in Computing

Mathematical Structure of Computation What is computation? Great Ideas in Computing

Mathematical Structure of Computation What is computation? Great Ideas in Computing Complexity Theory Richard Anderson Churchs Thesis all forms of computation are equivalent University of Washington July 1, 2008 IUCEE:

191 views • 3 slides
A NEW MALI GOLD EXPLORER OCTOBER 2019 DISCLAIMER AND COMPETENT PERSONS STATEMENTS This

A NEW MALI GOLD EXPLORER OCTOBER 2019 DISCLAIMER AND COMPETENT PERSONS STATEMENTS This

A NEW MALI GOLD EXPLORER OCTOBER 2019 DISCLAIMER AND COMPETENT PERSONS STATEMENTS This presentation (the Presentation) has been prepared by Indiana Resources Limited (Indiana). No party other than Indi ana has authorised or

548 views • 13 slides

More recommend