on the lindell pinkas secure computation of logarithms
play

On the Lindell-Pinkas Secure Computation of Logarithms: From Theory - PowerPoint PPT Presentation

On the Lindell-Pinkas Secure Computation of Logarithms: From Theory to Practice Raphael S. Ryger Onur Kardes Rebecca N. Wright Yale University Stevens Institute of Technology Rutgers University New Haven, CT USA Hoboken, NJ USA Piscataway,


  1. On the Lindell-Pinkas Secure Computation of Logarithms: From Theory to Practice Raphael S. Ryger Onur Kardes Rebecca N. Wright Yale University Stevens Institute of Technology Rutgers University New Haven, CT USA Hoboken, NJ USA Piscataway, NJ USA ryger@cs.yale.edu onur@cs.stevens.edu rebecca.wright@rutgers.edu April 26, 2008 P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 1 / 21

  2. Overview Introduction Introduction The Lindell-Pinkas ln x protocol The Lindell-Pinkas ln x protocol The division problem The division problem Secure non-integer scaling of shared values Secure non-integer scaling of shared values Implementation and performance Implementation and performance Conclusion Conclusion P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 2 / 21

  3. A variety of PPDM settings Introduction ? ? ⊲ PPDM settings SMC and PPDM Modular SMC Shares to shares Toward practice Building blocks The Lindell-Pinkas ln x protocol The division problem ? Secure non-integer scaling of shared values ? Implementation and performance Conclusion P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 3 / 21

  4. SMC and PPDM PPDM dilemmas: Introduction � PPDM settings ⊲ SMC and PPDM what data to expose for analysis; – Modular SMC what analyses to allow . – Shares to shares Toward practice Building blocks Secure multiparty computation – SMC – theoretically � The Lindell-Pinkas ln x protocol eliminates the former, reducing PPDM to the latter. The division problem Generic approaches to achieving SMC are computationally � Secure non-integer scaling of shared expensive for non-trivial algorithms and large amounts of values Implementation and input data, making them impractical for PPDM . performance Conclusion Lindell, Pinkas, 2000: A modular, hybrid SMC approach, � combining building blocks implemented through generic or specialized technologies, can be practical for PPDM ! Lindell, Pinkas, 2000: Logarithm computation, an important � building block, is itself amenable to this approach. P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 4 / 21

  5. SMC and PPDM PPDM dilemmas: Introduction � PPDM settings ⊲ SMC and PPDM what data to expose for analysis; – Modular SMC what analyses to allow . – Shares to shares Toward practice Building blocks Secure multiparty computation – SMC – theoretically � The Lindell-Pinkas ln x protocol eliminates the former, reducing PPDM to the latter. The division problem Generic approaches to achieving SMC are computationally � Secure non-integer scaling of shared expensive for non-trivial algorithms and large amounts of values Implementation and input data, making them impractical for PPDM . performance Conclusion Lindell, Pinkas, 2000: A modular, hybrid SMC approach, � combining building blocks implemented through generic or specialized technologies, can be practical for PPDM ! Lindell, Pinkas, 2000: Logarithm computation, an important � building block, is itself amenable to this approach. P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 4 / 21

  6. SMC and PPDM PPDM dilemmas: Introduction � PPDM settings ⊲ SMC and PPDM what data to expose for analysis; – Modular SMC what analyses to allow . – Shares to shares Toward practice Building blocks Secure multiparty computation – SMC – theoretically � The Lindell-Pinkas ln x protocol eliminates the former, reducing PPDM to the latter. The division problem Generic approaches to achieving SMC are computationally � Secure non-integer scaling of shared expensive for non-trivial algorithms and large amounts of values Implementation and input data, making them impractical for PPDM . performance Conclusion Lindell, Pinkas, 2000: A modular, hybrid SMC approach, � combining building blocks implemented through generic or specialized technologies, can be practical for PPDM ! Lindell, Pinkas, 2000: Logarithm computation, an important � building block, is itself amenable to this approach. P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 4 / 21

  7. SMC and PPDM PPDM dilemmas: Introduction � PPDM settings ⊲ SMC and PPDM what data to expose for analysis; – Modular SMC what analyses to allow . – Shares to shares Toward practice Building blocks Secure multiparty computation – SMC – theoretically � The Lindell-Pinkas ln x protocol eliminates the former, reducing PPDM to the latter. The division problem Generic approaches to achieving SMC are computationally � Secure non-integer scaling of shared expensive for non-trivial algorithms and large amounts of values Implementation and input data, making them impractical for PPDM . performance Conclusion Lindell, Pinkas, 2000: A modular, hybrid SMC approach, � combining building blocks implemented through generic or specialized technologies, can be practical for PPDM ! Lindell, Pinkas, 2000: Logarithm computation, an important � building block, is itself amenable to this approach. P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 4 / 21

  8. SMC and PPDM PPDM dilemmas: Introduction � PPDM settings ⊲ SMC and PPDM what data to expose for analysis; – Modular SMC what analyses to allow . – Shares to shares Toward practice Building blocks Secure multiparty computation – SMC – theoretically � The Lindell-Pinkas ln x protocol eliminates the former, reducing PPDM to the latter. The division problem Generic approaches to achieving SMC are computationally � Secure non-integer scaling of shared expensive for non-trivial algorithms and large amounts of values Implementation and input data, making them impractical for PPDM . performance Conclusion Lindell, Pinkas, 2000: A modular, hybrid SMC approach, � combining building blocks implemented through generic or specialized technologies, can be practical for PPDM ! Lindell, Pinkas, 2000: Logarithm computation, an important � building block, is itself amenable to this approach. P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 4 / 21

  9. Monolithic vs. modular SMC Introduction monolithic modular, hybrid PPDM settings scalar product SMC and PPDM ⊲ Modular SMC logarithm Shares to shares phase 1 Toward practice phase 2 Building blocks The Lindell-Pinkas product ln x protocol The division problem Secure non-integer scaling of shared values Implementation and performance Conclusion minindex generic SMC specialized SMC ordinary computation P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 5 / 21

  10. Shares to shares: the key to modularity with security Introduction ?_1 PPDM settings SMC and PPDM ? Modular SMC ⊲ Shares to shares rand_1 Toward practice Building blocks inter_1 + rand_1 The Lindell-Pinkas ln x protocol ?_2 The division problem − rand_1 inter_1 + rand_1 inter_1 Secure non-integer scaling of shared values rand_2 inter_2 Implementation and performance inter_2 + rand_2 Conclusion ?_3 − rand_2 inter_2 + rand_2 P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 6 / 21

  11. Toward the Lindell-Pinkas theses in practice Yang, Wright, Kardes, Ryger, Feigenbaum, 2004, 2005, 2006: Introduction � PPDM settings Design and implementation of secure two-party SMC and PPDM Modular SMC Bayes-net structure discovery in arbitrarily Shares to shares ⊲ Toward practice partitioned data. Using ... Building blocks (Increasing available computing power.) The Lindell-Pinkas � ln x protocol The division problem Malkhi, Nissan, Pinkas, Sella, 2004: � Secure non-integer the Fairplay system implementing the Yao 1986 generic scaling of shared values scheme for secure two-pary computation. Implementation and performance A circuit-generation library suitable for use with Fairplay. � Conclusion A development methodology and a coordination framework � for modular multiparty protocols. Implementations of building-block modules ... � P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 7 / 21

  12. Toward the Lindell-Pinkas theses in practice Yang, Wright, Kardes, Ryger, Feigenbaum, 2004, 2005, 2006: Introduction � PPDM settings Design and implementation of secure two-party SMC and PPDM Modular SMC Bayes-net structure discovery in arbitrarily Shares to shares ⊲ Toward practice partitioned data. Using ... Building blocks (Increasing available computing power.) The Lindell-Pinkas � ln x protocol The division problem Malkhi, Nissan, Pinkas, Sella, 2004: � Secure non-integer the Fairplay system implementing the Yao 1986 generic scaling of shared values scheme for secure two-pary computation. Implementation and performance A circuit-generation library suitable for use with Fairplay. � Conclusion A development methodology and a coordination framework � for modular multiparty protocols. Implementations of building-block modules ... � P3DM ’08 Lindell-Pinkas Secure Computation of Logarithms 7 / 21

Recommend


More recommend