fast distributed rsa key generation for fast distributed
play

FAST DISTRIBUTED RSA KEY GENERATION FOR FAST DISTRIBUTED RSA KEY - PowerPoint PPT Presentation

Oct 05, 2023 •192 likes •458 views

Making malicious security orders of magnitude more efficient than previous efficient than previous FAST DISTRIBUTED RSA KEY GENERATION FOR FAST DISTRIBUTED RSA KEY GENERATION FOR semi-honest SEMI-HONEST AND MALICIOUS ADVERSARIES Tore

  1. Making malicious security orders of magnitude more efficient than previous efficient than previous FAST DISTRIBUTED RSA KEY GENERATION FOR FAST DISTRIBUTED RSA KEY GENERATION FOR semi-honest SEMI-HONEST AND MALICIOUS ADVERSARIES Tore Frederiksen 3 , Yehuda Lindell 1,2 , Valery Osheter 2 , Benny Pinkas 1 15 min vs. 41 sec 15 min vs. 41 sec 3: 1: 2:

  2. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 2

  3. INTRODUCTION – PUBLIC KEY ENCRYPTION m m 06-10-2018 Page 3

  4. INTRODUCTION – DISTRIBUTED PKE m 06-10-2018 Page 4

  5. INTRODUCTION – MOTIVATION • Sometimes it can also be used for distributed signature schemes schemes – Which is an end in itself • Relevant for MPC protocols – CDN01, semi-homomorphic PKE – DPSZ12, somewhat-homomorphic PKE – DPSZ12, somewhat-homomorphic PKE • Cloud based key management – – 06-10-2018 Page 5

  6. INTRODUCTION – RSA • 06-10-2018 Page 6

  7. INTRODUCTION – DISTRIBUTED RSA • 06-10-2018 Page 7

  8. INTRODUCTION – DISTRIBUTED RSA • 06-10-2018 Page 8

  9. INTRODUCTION – INTUITION Candidate generation Candidate generation Construct modulus Verify modulus Construct keys 06-10-2018 Page 9

  10. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 10

  11. SEMI-HONEST – CANDIDATE GENERATION • 06-10-2018 Page 11

  12. SEMI-HONEST – CONSTRUCT MODULUS • 06-10-2018 Page 12

  13. SEMI-HONEST – VERIFY MODULUS • Biprimality test [BF01] False positive positive prob ½ Repeat 06-10-2018 Page 14

  14. SEMI-HONEST – CONSTRUCT KEYS • 06-10-2018 Page 16

  15. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 17

  16. MALICIOUS – IDEA • Allow adversary to fail good candidates • Accepted key must be “good” without leakage • Accepted key must be “good” without leakage • Selective failure prevention • Input consistency • Correctness of biprimality • Correctness of biprimality 06-10-2018 Page 18

  17. MALICIOUS – STEPS • Selective failure prevention – Do OT on random, linear encoding – Do OT on random, linear encoding – Use linearity to obtain correct product – Randomness ensures leakage on encoding does not leak on input • Input consistency – Commitments based on AES encryption – Zero-knowledge of correct encryption – Very efficient commit-many-open-few – Very efficient commit-many-open-few • Correctness of biprimality (zero-knowledge) – Almost standard proof-of-knowledge of discrete log – Few “commitments” on top to ensure composability 06-10-2018 Page 19

  18. MALICIOUS – CONSISTENCY • “Commitment” by encrypting using AES • Efficient commit-many-open-few 06-10-2018 Page 21

  19. MALICIOUS – VERIFY MODULUS 06-10-2018 Page 22

  20. MALICIOUS – VERIFY MODULUS Zero-knowledge 06-10-2018 Page 23

  21. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 24

  22. EFFICIENCY – IMPLEMENTATION 2048 RSA • 06-10-2018 Page 26

  23. IMPLEMENTATION – EXPERIMENTS Malicious! • Azure using multi-threaded Xeon machine • Single-thread min 56, max 598, average 182 seconds • 8-thread, average 41 seconds • Best previous 15 minutes for semi-honest [HMR+12] Phase Percentage Candidate generation 10 Construct modulus Construct modulus 55 55 Verify modulus 6 Zero-knowledge 16* Other 13 06-10-2018 Page 27

  24. OUTLINE • Introduction • Semi-honest construction • Malicious construction • Efficiency • Conclusion • Conclusion 06-10-2018 Page 28

  25. CONCLUSION • New protocol for malicious distributed RSA generation – Malicious security almost for free – Malicious security almost for free – No specific number theoretic assumptions – Implementation • New efficient commit-many-open-few protocol • Effective selective failure prevention for multiplication using OT 06-10-2018 Page 29

  26. Thank you for your attention! Tore Frederiksen Cryptography Engineer tore.frederiksen@alexandra.dk Cutting-edge IT research and technology

Recommend

Sol Fast Distributed Computation Over Slow Networks Fan Lai , Jie You, Xiangfeng Zhu Harsha V.

Sol Fast Distributed Computation Over Slow Networks Fan Lai , Jie You, Xiangfeng Zhu Harsha V.

Sol Fast Distributed Computation Over Slow Networks Fan Lai , Jie You, Xiangfeng Zhu Harsha V. Madhyastha, Mosharaf Chowdhury 1 Distributed Data Processing is Ubiquitous Distributed computation in Local-Area Networks (LAN) To accelerate

1.92k views • 77 slides
Nimbus: Running Fast, Distributed Computations with Execution Templates Omid Mashayekhi

Nimbus: Running Fast, Distributed Computations with Execution Templates Omid Mashayekhi

Nimbus: Running Fast, Distributed Computations with Execution Templates Omid Mashayekhi (omidm@stanford.edu) Hang Qu Chinmayee Shah Philip Levis February 2016 Nimbus: Running Fast, Distributed Computations with Execution Templates Omid

303 views • 8 slides
A Distributed Multi-GPU System for Fast Graph Processing Z. Jia, Y. Kwon, G. Shipman, P.

A Distributed Multi-GPU System for Fast Graph Processing Z. Jia, Y. Kwon, G. Shipman, P.

A Distributed Multi-GPU System for Fast Graph Processing Z. Jia, Y. Kwon, G. Shipman, P. McCormick, M. Erez, A. Aiken Presented by Oliver Hope 1 / 11 What is Lux? / Contributions of paper Computational Model: 2 execution models A dynamic

354 views • 11 slides
Distributed Fusion in Sensor Distributed Fusion in Sensor Networks Networks Jie Gao Computer

Distributed Fusion in Sensor Distributed Fusion in Sensor Networks Networks Jie Gao Computer

Distributed Fusion in Sensor Distributed Fusion in Sensor Networks Networks Jie Gao Computer Science Department Stony Brook University Papers Papers [Xiao04] Lin Xiao, Stephen Boyd, Fast Linear Iterations for Distributed Averaging ,

659 views • 50 slides
Fast Distributed Process Creation with the XMOS XS1 Architecture James Hanlon Department of

Fast Distributed Process Creation with the XMOS XS1 Architecture James Hanlon Department of

Fast Distributed Process Creation with the XMOS XS1 Architecture James Hanlon Department of Computer Science University of Bristol, UK 20 th June 2011 Introduction Processors as a resource Scalable parallel programming Contributions

597 views • 25 slides
Fast Algorithms for Distributed Optimization over Time-varying Graphs Angelia.Nedich@asu.edu

Fast Algorithms for Distributed Optimization over Time-varying Graphs Angelia.Nedich@asu.edu

Fast Algorithms for Distributed Optimization over Time-varying Graphs Angelia.Nedich@asu.edu School of Electrical, Computer, and Energy Engineering Arizona State University at Tempe Collaborative work with Wei (Wilbur) Shi and Alexander

701 views • 41 slides
Fast and Generic Collectives for Distributed ML Guanhua Wang , Shivaram Venkataraman, Amar

Fast and Generic Collectives for Distributed ML Guanhua Wang , Shivaram Venkataraman, Amar

Fast and Generic Collectives for Distributed ML Guanhua Wang , Shivaram Venkataraman, Amar Phanishayee Jorgen Thelin, Nikhil R. Devanur, Ion Stoica 1 DNNs empower state-of-the-art results across many different applications Image Classification

1.02k views • 84 slides
Distributed Fast Multiple Method Hao Gao CS598 APK Dec 13, 2017 Why FMM? Direct Evaluation

Distributed Fast Multiple Method Hao Gao CS598 APK Dec 13, 2017 Why FMM? Direct Evaluation

Distributed Fast Multiple Method Hao Gao CS598 APK Dec 13, 2017 Why FMM? Direct Evaluation O(MN) too costly for large problem FMM solves this problem in linear time - O(M+N) In this class, used to evaluate layer potentials Idea:

309 views • 12 slides
Fast and Accurate Load Balancing for Geo-Distributed Storage Systems Kirill L. Bogdanov 1 Waleed

Fast and Accurate Load Balancing for Geo-Distributed Storage Systems Kirill L. Bogdanov 1 Waleed

Fast and Accurate Load Balancing for Geo-Distributed Storage Systems Kirill L. Bogdanov 1 Waleed Reda 1,2 Gerald Q. Maguire Jr. 1 Dejan Kostic 1 Marco Canini 3 1 KTH Royal Institute of Technology 2 Universit Catholique de Louvain 3 KAUST

959 views • 33 slides
Fast distributed approximation algorithms for vertex cover and set cover in anonymous networks

Fast distributed approximation algorithms for vertex cover and set cover in anonymous networks

Fast distributed approximation algorithms for vertex cover and set cover in anonymous networks Jukka Suomela Helsinki Institute for Information Technology HIIT University of Helsinki, Finland Braunschweig, 29 November 2010 3 1378 Joint

630 views • 47 slides
Piccolo: Building fast distributed programs with partitioned tables Russell Power Jinyang Li

Piccolo: Building fast distributed programs with partitioned tables Russell Power Jinyang Li

Piccolo: Building fast distributed programs with partitioned tables Russell Power Jinyang Li New York University Motivating Example: PageRank for each node X in graph: Repeat until for each edge X Z: convergence next[Z] += curr[X] Fits

649 views • 32 slides
Asynchronous Logging and Fast Recovery for a Large-Scale Distributed In-Memory Storage Kevin

Asynchronous Logging and Fast Recovery for a Large-Scale Distributed In-Memory Storage Kevin

Asynchronous Logging and Fast Recovery for a Large-Scale Distributed In-Memory Storage Kevin Beineke, Florian Klein, Michael Schttner Institut fr Informatik, Heinrich-Heine-Universitt Dsseldorf Outline Motivation The In-Memory

323 views • 21 slides
Temporally Distributed Networks for Fast Video Semantic Segmentation Ping Hu 1 Fabian Caba

Temporally Distributed Networks for Fast Video Semantic Segmentation Ping Hu 1 Fabian Caba

Temporally Distributed Networks for Fast Video Semantic Segmentation Ping Hu 1 Fabian Caba Heilbron 2 Oliver Wang 2 Zhe Lin 2 Stan Sclaroff 1 Federico Perazzi 2 1 Boston University 2 Adobe Research Challenge Video Semantic Segmentation frame

984 views • 11 slides
FaSST: Fast, Scalable, and Simple Distributed Transactions with Two-Sided (RDMA) Datagram RPCs

FaSST: Fast, Scalable, and Simple Distributed Transactions with Two-Sided (RDMA) Datagram RPCs

FaSST: Fast, Scalable, and Simple Distributed Transactions with Two-Sided (RDMA) Datagram RPCs Anuj Kalia (CMU) Michael Kaminsky (Intel Labs) David Andersen (CMU) 1 One-slide summary Node 1 Node 2 One-sided (READ) NIC Two-sided (SEND)

236 views • 13 slides
FaSST: Fast, Scalable, and Simple Distributed Transactions with Two-Sided (RDMA) Datagram RPCs

FaSST: Fast, Scalable, and Simple Distributed Transactions with Two-Sided (RDMA) Datagram RPCs

FaSST: Fast, Scalable, and Simple Distributed Transactions with Two-Sided (RDMA) Datagram RPCs Anuj Kalia (CMU), Michael Kaminsky (Intel Labs), David Andersen (CMU) RDMA Modes of communication One-sided RDMA (CPU bypass) RDMA is a

1.05k views • 71 slides
Community Update MST T Fast st Facts cts MST T Fast st Facts cts MST T Fast st Facts

Community Update MST T Fast st Facts cts MST T Fast st Facts cts MST T Fast st Facts

Monter nterey-Sali Salinas nas Transit ansit Community Update MST T Fast st Facts cts MST T Fast st Facts cts MST T Fast st Facts cts MST T Fast ast Facts acts 231,706 miles between preventable accidents 89% on time

198 views • 19 slides
Fault-Tolerance, Fast and Slow: Exploiting Failure Asynchrony in Distributed Systems Ramnatthan

Fault-Tolerance, Fast and Slow: Exploiting Failure Asynchrony in Distributed Systems Ramnatthan

Fault-Tolerance, Fast and Slow: Exploiting Failure Asynchrony in Distributed Systems Ramnatthan Alagappan, Aishwarya Ganesan, Jing Liu, Andrea Arpaci-Dusseau, and Remzi Arpaci-Dusseau Replication Protocols Viewstamped Paxos Raft replication

1.83k views • 144 slides
Overview of Draft Distributed Generation Regulation Mark A. Prettyman Environmental Scientist,

Overview of Draft Distributed Generation Regulation Mark A. Prettyman Environmental Scientist,

Overview of Draft Distributed Generation Regulation Mark A. Prettyman Environmental Scientist, Air Quality Management Distributed Generation Regulation Development Workgroup Meeting June 16, 2004 Distributed Generation Regulation The

691 views • 17 slides
Accurate, Fast and Scalable Kernel Ridge Regression on Parallel and Distributed Systems speaker:

Accurate, Fast and Scalable Kernel Ridge Regression on Parallel and Distributed Systems speaker:

Accurate, Fast and Scalable Kernel Ridge Regression on Parallel and Distributed Systems speaker: Yang You PhD student at UC Berkeley, advised by James Demmel with James Demmel 1 , Cho-Jui Hsieh 2 , and Richard Vuduc 3 1Professor at UC Berkeley

588 views • 48 slides
Fast but Not Loose: Typesafe Clients in a Distributed Service Architecture, a retrospective

Fast but Not Loose: Typesafe Clients in a Distributed Service Architecture, a retrospective

Fast but Not Loose: Typesafe Clients in a Distributed Service Architecture, a retrospective #gotocon #gotoaar #gilttech Eric Bowman @ebowman VP Architecture @ Gilt Groupe ebowman@gilt.com Monday, September 30, 13 Monday, September 30, 13

1.11k views • 86 slides
Fast, Distributed Computa2ons in the Cloud Omid Mashayekhi Advisor: Philip Levis April 7, 2017

Fast, Distributed Computa2ons in the Cloud Omid Mashayekhi Advisor: Philip Levis April 7, 2017

Fast, Distributed Computa2ons in the Cloud Omid Mashayekhi Advisor: Philip Levis April 7, 2017 2 2 Cloud Frameworks Machine Streaming Graph SQL Learning Cloud Framework ... ... ... ... Cloud frameworks abstract away the complexi2es

1.71k views • 123 slides
Fast Crash Recovery in RAMCloud Micha Gregorczyk Based on "Fast Crash Recovery in

Fast Crash Recovery in RAMCloud Micha Gregorczyk Based on "Fast Crash Recovery in

Fast Crash Recovery in RAMCloud Micha Gregorczyk Based on "Fast Crash Recovery in RAMCloud" by D. Ongaro, S.M. Rumble, R. Stutsman, J. Ousterhout, and M. Rosenblum What is RAMCloud? key-value distributed store

261 views • 24 slides
Booster Fast Loss Monitoring PIP Booster Workshop R.J. Tesarek 11/23/15 1 Fast Loss Monitor

Booster Fast Loss Monitoring PIP Booster Workshop R.J. Tesarek 11/23/15 1 Fast Loss Monitor

Booster Fast Loss Monitoring PIP Booster Workshop R.J. Tesarek 11/23/15 1 Fast Loss Monitor Module Fast Loss Monitors: Module Schematic sensitive to losses in single RF bucket (time resolved) 2nd Generation Module Design: 2 PMTs and

637 views • 26 slides
Improvements on Distributed Key Generation Bachelor Project Kopiga Rasiah Responsible

Improvements on Distributed Key Generation Bachelor Project Kopiga Rasiah Responsible

Improvements on Distributed Key Generation Bachelor Project Kopiga Rasiah Responsible Supervisor Bryan Ford Nicolas Gailly 1 Improvements on Distributed Key Generation Objective: Bringing improvements in order to enhance the security of

634 views • 28 slides

More recommend