two round information theoretic mpc with malicious
play

Two Round Information-Theoretic MPC with Malicious Security - PowerPoint PPT Presentation

Jan 19, 2024 •221 likes •925 views

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain TPMPC 2019 Adversarial Model Adversarial Model Malicious Adversary Adversarial Model Malicious Adversary

  1. Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain TPMPC 2019

  2. Adversarial Model

  3. Adversarial Model Malicious Adversary

  4. Adversarial Model Malicious Adversary Corrupts < "/2 parties (Honest Majority)

  5. Honest Majority MPC

  6. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  7. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  8. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  9. Honest Majority MPC Information-Theoretic security is possible. [Ben-Or, Goldwasser, Widgerson’88] Typically UC secure Simulation proofs are typically straight-line Round complexity lower bounds for dishonest majority do not apply 4 rounds necessary for dishonest majority in the plain model [Garg- Mukherjee-Pandey-Polychroniadou16] Clean Constructions Use lightweight tools such as garbling and secret-sharing

  10. Honest Majority MPC: Applications Useful for constructing efficient ZK-protocols.

  11. Honest Majority MPC: Applications (Courtesy: Sergey Gorbunov’s talk)

  12. History of IT-MPC Round Class of Corruption Adversary Complexity Functions Threshold [BGW’88] > # of P/Poly t<n/2 Malicious multiplications [BB’89, IK’00, constant NC 1 t<n/2 Malicious AIK’06] [IKP’10] 2 NC 1 t<n/3 Malicious Security with selective abort [GIS’18, ABT’18] 2 NC 1 t<n/2 Semi-honest

  13. Our Results Round Complexity Class of Functions Corruption Threshold Adversary 2 NC 1 t<n/2 Malicious Security with Abort over Broadcast + P2P Security with Selective Abort over P2P

  14. Our Results Round Complexity Class of Functions Corruption Threshold Adversary 2 NC 1 t<n/2 Malicious Security with Abort over Concurrent Work [ABT19] Broadcast + P2P Consider security with selective abort. Security with Selective Abort over P2P

  15. This Talk Round Complexity Class of Functions Corruption Threshold Adversary 2 NC 1 t<n/2 Malicious Security with Abort over Broadcast + P2P Security with Selective Abort over P2P

  16. Our Strategy Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

  17. Security with Abort Party 2 ! Trusted Party Party 1 Party 3

  18. Security with Abort ! 2 ! 1 Party 2 % ! 3 Trusted Party Party 1 Party 3

  19. Security with Abort ! 2 ! 1 Party 2 % = '(! 1, ! 2, ! 3 ) ' ! 3 Trusted Party Party 1 Party 3

  20. Security with Abort ! 2 ! 1 Party 2 % = '(! 1, ! 2, ! 3 ) ' ! 3 %’ = % ,- ⊥ Trusted Party Party 1 Party 3

  21. Security with Abort ! 2 ! 1 %’ Party 2 % = '(! 1, ! 2, ! 3 ) ' ! 3 %’ = % ,- ⊥ Trusted Party Party 1 %’ Party 3

  22. Security with Abort Privacy ! 2 and ! 3 remain hidden $

  23. Security with Abort Privacy ! 2 and ! 3 remain hidden $ Output Correctness Honest Parties either output $ ! % , ! ' , ! ( or ⊥

  24. Privacy with Knowledge of Outputs Privacy ! 2 and ! 3 remain hidden $ Output Correctness Honest Parties either output $ ! % , ! ' , ! ( or ⊥

  25. First Step Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

  26. Using Signed Outputs [IKP10] " 1 & = ! (" ) , " + , " , ) ! " 2 " 3

  27. Using Signed Outputs [IKP10] * = ! (# ( , # - , # . ) # 1 , &' ( , )' ( (&' (, 0 ( = 1234 (*, )' 1 )) !′ # - , &' - , )' - (&' -, 0 - = 1234 (*, )' - )) # . , &' . , )' . (&' ., 0 . = 1234 (*, )' . ))

  28. Security with abort: Using Signed Outputs ! " , $% " , &% " -./01'(', ( ) , $% ) ) ', ( ) , $% ) , ( " , $% " , (( + , $% + ) -./01'(', ( " , $% " ) 1 ’ -./01'(', ( + , $% + ) Party 2 Trusted Party

  29. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party Accept if all 3 verify

  30. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) Digital signatures require one-way functions ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party Accept if all 3 verify

  31. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) Digital signatures require one-way functions ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) MACs are not sufficient - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party Accept if all 3 verify

  32. Security with abort: Using Signed Outputs ! " , $% " , &% " ./01-'(', ( ) , $% ) ) Digital signatures require one-way functions ', ( ) , $% ) , ( " , $% " , (( + , $% + ) ./01-'(', ( " , $% " ) MACs are not sufficient - ’ ./01-'(', ( + , $% + ) Party 2 Trusted Party How can we do it information theoretically? Accept if all 3 verify

  33. Our Tool: Multi-Key MAC ! " ! # ! $ %

  34. Our Tool: Multi-Key MAC + , + - + . ) ! = #. %&'( ), + , , + - , + .

  35. Our Tool: Multi-Key MAC ! ! ! ) ! = #. %&'( ), + , , + - , + .

  36. Our Tool: Multi-Key MAC !. #$%&'( (*, ,, - . ) , , !. #$%&'( (*, ,, - 0 ) , * !. #$%&'( (*, ,, - 1 ) , = !. 3&45 *, - . , - 0 , - 1

  37. Our Tool: Multi-Key MAC (Correctness) !. #$%&'( (*, ,, - . ) YES , , !. #$%&'( (*, ,, - 0 ) YES , * !. #$%&'( (*, ,, - 1 ) , = !. 3&45 *, - . , - 0 , - 1 YES

  38. Our Tool: Multi-Key MAC (Security) " . & ! , " # , " % & = (. *+,- !, " . , " # , " %

  39. Our Tool: Multi-Key MAC (Security) " . ! / , & ’ & " # ! , " # , " % (. 012+34 (!′, &′, " # ) & = (. *+,- !, " . , " # , " % NO

  40. Our Tool: Multi-Key MAC (Security) An adversary cannot output any valid " , message-signature pair other than the ! - , & ’ & one it received " # ! , " # , " % .. 012)34 (!′, &′, " # ) & = ()*+ !, " , , " # , " % NO

  41. Security with Abort: Using Multi-Key MAC # 1 , & ' ( = ! (# ' , # + , # , ) !′ # + , & + . = /. 1234 ((, & 1 , & 2 , & 3 ) # , , & ,

  42. Security with Abort: Using Multi-Key MAC ! " , $ " '. )*+,-%(%, &, $ " ) %, & - ’ Trusted Party Party 2

  43. Security with abort: Using Multi-Key MAC ( , , * , ( - , * - !, # !, # %′ Honest Party 3 Trusted Party Honest Party 2 IF !, # = %′((( ) * ) ), (( , , * , ), (( - , * - ))

  44. Security with abort: Using Multi-Key MAC 0 - , , - 0 / , , / (, + (, + '′ Honest Party 3 Trusted Party Honest Party 2 IF (, + = '′((0 3 , 3 ), (0 - , , - ), (0 / , , / )) !. #$%&'(((, +, , - ) !. #$%&'(((, +, , / ) YES YES

  45. Security with abort: Using Multi-Key MAC ! " , $ " ! ' , $ ' %, & %, & )′ Honest Party 3 Trusted Party Honest Party 2 IF %, & ≠ )′((! , $ , ), (! " , $ " ), (! ' , $ ' ))

  46. Security with abort: Using Multi-Key MAC ! " , $ " ! ' , $ ' %, & %, & .′ Honest Party 3 Trusted Party Honest Party 2 Honest Party 2 IF %, & ≠ .′((! 3 $ 3 ), (! " , $ " ), (! ' , $ ' )) (. *+,-.%(%, &, $ " ) (. *+,-.%(%, &, $ ' ) NO NO

  47. Recall: Our Strategy Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Using Multi-Key MAC Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

  48. Second Step Round 2 Round IT-MPC Compression Constant Round IT-MPC (Privacy with Knowledge of (Security with Abort) Outputs) Broadcast + P2P Broadcast + P2P Security Using Multi-Key MAC Upgrade 2 Round IT-MPC (Security with Abort) Broadcast + P2P

Recommend

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai

Two Round Information-Theoretic MPC with Malicious Security Prabhanjan Ananth Arka Rai Choudhuri Aarushi Goel Abhishek Jain EUROCRYPT 2019 Adversarial Model Adversarial Model Malicious Adversary Adversarial Model Malicious Adversary

1.11k views • 57 slides
Security in Malicious Environments: NSF Programs in Information-Theoretic Network Security Phil

Security in Malicious Environments: NSF Programs in Information-Theoretic Network Security Phil

Background Classical Tools Beyond Cryptography NSF Security in Malicious Environments: NSF Programs in Information-Theoretic Network Security Phil Regalia Program Director Directorate for Computer &amp; Information Science &amp; Engineering

552 views • 36 slides
INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 2 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 2 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 2 - Elements of Information Theory Matthieu Bloch December 3, 2019 1 TOOLS: TOOLS: CONCENTRATION INEQUALITIES CONCENTRATION INEQUALITIES Lemma (Markov's inequality) Let

340 views • 14 slides
INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 4 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 4 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 4 - Elements of Information Theory Matthieu Bloch December 5, 2019 1 SOURCE CODING SOURCE CODING One-shot source coding with side information Coding consists of encoder

237 views • 6 slides
INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 1 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 1 - Elements of Information

INFORMATION-THEORETIC SECURITY INFORMATION-THEORETIC SECURITY Lecture 1 - Elements of Information Theory Matthieu Bloch December 2, 2019 1 CONTEXT AND OBJECTIVES CONTEXT AND OBJECTIVES Context Security is an increasingly problematic

480 views • 27 slides
XCPs Performance in the Presence of Malicious Flows Dina Katabi dk@mit.edu How does XCP

XCPs Performance in the Presence of Malicious Flows Dina Katabi dk@mit.edu How does XCP

XCPs Performance in the Presence of Malicious Flows Dina Katabi dk@mit.edu How does XCP Work? Round Trip Time Round Trip Time Throughput Throughput Feedback Feedback = Feedback + 0.5 packet/sec Congestion Header How does XCP Work?

548 views • 12 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 10 March 2005 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

1.16k views • 94 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 23 March 2006 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

707 views • 69 slides
Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or

Toy Example Toy Example Toy Example Toy Example Toy Example D 1 weak classifiers = vertical or horizontal half-planes Round 1 Round 1 Round 1 Round 1 Round 1 h 1 D 2 &quot; 1 =0.30 ! =0.42 1 Round 2 Round 2 Round 2 Round 2 Round

188 views • 5 slides
Information-Theoretic approaches to Information Flow Catuscia Palamidessi INRIA Saclay &amp;

Information-Theoretic approaches to Information Flow Catuscia Palamidessi INRIA Saclay &amp;

Information-Theoretic approaches to Information Flow Catuscia Palamidessi INRIA Saclay &amp; Ecole Polytechnique based on joint work with Mrio S. Alvim and Miguel E. Andrs Pnuelis memorial, 9 May 2010 1 The problem Control the

488 views • 19 slides
Loo ooking g into Ma o Malicious I Insider ers JPCERT/CC Koichiro Sparky Komiyama First

Loo ooking g into Ma o Malicious I Insider ers JPCERT/CC Koichiro Sparky Komiyama First

Loo ooking g into Ma o Malicious I Insider ers JPCERT/CC Koichiro Sparky Komiyama First Conference, Vienna Agenda Background Previous work Information leakage by malicious insider Our Research How to prevent 2 Insider

335 views • 30 slides
2015 Grant Round Information Session Agenda Introduction 2015 Grant Round Elements and

2015 Grant Round Information Session Agenda Introduction 2015 Grant Round Elements and

2015 Grant Round Information Session Agenda Introduction 2015 Grant Round Elements and Process What makes a good application/Tips for applying Questions Who We Are: Over Sixty Years of Community Philanthropy in the Geelong

614 views • 22 slides
2014 Grant Round Information Session Agenda Introduction 2014 Grant Round Changes/What

2014 Grant Round Information Session Agenda Introduction 2014 Grant Round Changes/What

2014 Grant Round Information Session Agenda Introduction 2014 Grant Round Changes/What Remains the same Tips for applying Questions Introduction: Who We Are Formed in 1954 as the Geelong and District Community Chest,

319 views • 20 slides
3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for:

3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for:

3. Information-Theoretic Foundations Founder: Claude Shannon, 1940s Gives bounds for: Ultimate data compression Ultimate transmission rate of communication Measure of symbol information: Degree of surprise / uncertainty

758 views • 13 slides
Information Theoretic Security S ennur Ulukus Department of ECE University of Maryland

Information Theoretic Security S ennur Ulukus Department of ECE University of Maryland

Information Theoretic Security S ennur Ulukus Department of ECE University of Maryland ulukus@umd.edu Joint work with Raef Bassily, Ersen Ekrem, Nan Liu, Shabnam Shafiee. 2012 European School of Information Theory April 2012

1.56k views • 129 slides
PE-Miner : Mining Structural Information to Detect Malicious Executables in Realtime M. Zubair

PE-Miner : Mining Structural Information to Detect Malicious Executables in Realtime M. Zubair

PE-Miner : Mining Structural Information to Detect Malicious Executables in Realtime M. Zubair Shafiq, S. Momina Tabish, Fauzan Mirza, Muddassar Farooq RAID,2009

881 views • 36 slides
Coded Modulation An Information-Theoretic Perspective Young-Han Kim http://young-han.kim

Coded Modulation An Information-Theoretic Perspective Young-Han Kim http://young-han.kim

Coded Modulation An Information-Theoretic Perspective Young-Han Kim http://young-han.kim Department of ECE UC San Diego Annual ACC Workshop Tel Aviv University January , Information theory of point-to-point communication

1.58k views • 121 slides
Information-theoretic Planck scale cutoff: Predictions for the CMB Achim Kempf With: A.

Information-theoretic Planck scale cutoff: Predictions for the CMB Achim Kempf With: A.

Information-theoretic Planck scale cutoff: Predictions for the CMB Achim Kempf With: A. Chatwin-Davies (CalTech), R. Martin (U. Cape Town) Departments of Applied Mathematics and Physics Institute for Quantum Computing, University of Waterloo

349 views • 33 slides
Malicious Software Countermeasures Summary ITS335: IT Security Sirindhorn International

Malicious Software Countermeasures Summary ITS335: IT Security Sirindhorn International

ITS335 Malicious Software Malicious Software Propagation Payload Malicious Software Countermeasures Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 25 October

673 views • 30 slides
On the Approximability of Information Theoretic Clustering Ferdiando Cicalese, U. Verona Eduardo

On the Approximability of Information Theoretic Clustering Ferdiando Cicalese, U. Verona Eduardo

1 H(X) 0,75 0,5 0,25 0 0,25 0,5 0,75 1 On the Approximability of Information Theoretic Clustering Ferdiando Cicalese, U. Verona Eduardo Laber, PUC-RIO Lucas Murtinho, PUC-RIO POSTER 165, Pacific Ballroom Impurity Measures Maps a

340 views • 15 slides
ORDER-THEORETIC INVARIANTS IN SET-THEORETIC TOPOLOGY By David Milovich A dissertation submitted

ORDER-THEORETIC INVARIANTS IN SET-THEORETIC TOPOLOGY By David Milovich A dissertation submitted

ORDER-THEORETIC INVARIANTS IN SET-THEORETIC TOPOLOGY By David Milovich A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Mathematics) at the UNIVERSITY OF WISCONSIN MADISON 2009

2.02k views • 174 slides
Can quantum theory be characterized in terms of information-theoretic constraints? Chris Heunen

Can quantum theory be characterized in terms of information-theoretic constraints? Chris Heunen

Can quantum theory be characterized in terms of information-theoretic constraints? Chris Heunen Aleks Kissinger arXiv.org:1604.05948 1 / 33 Information, physics, quantum: the search for links Complexity, Entropy, and the Physics of

759 views • 41 slides
Finding Periodicities in Astronomical Light Curves using Information Theoretic Learning Pablo

Finding Periodicities in Astronomical Light Curves using Information Theoretic Learning Pablo

Finding Periodicities in Astronomical Light Curves using Information Theoretic Learning Pablo Huijse H. Department of Electrical Engineering Universidad de Chile Joint work with: Pavlos Protopapas, Harvard University Jose Pr ncipe,

454 views • 17 slides
An Information-Theoretic Approach to Detecting Changes in Multi-Dimensional Data Streams Auth

An Information-Theoretic Approach to Detecting Changes in Multi-Dimensional Data Streams Auth

An Information-Theoretic Approach to Detecting Changes in Multi-Dimensional Data Streams Auth thors: Presentatio ion: Dasu, T., Krishnan, S., Vincent Chu Venkatasubramanian, S., 22 November 2017 &amp; Yi, K. (2006). Content Introduction

513 views • 48 slides

More recommend