A Domain-Specific Language for Low-Level Secure Multiparty Computation Protocols

Laud, Peeter; Randmets, Jaak

doi:10.1145/2810103.2813664

Cited by 17 publications

(16 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The characteristic vector of an element is a vector , where b x =1 and all other elements are equal to 0. The shared3p protocol set has a simple and efficient protocol for computing characteristic vectors, described in [ 27 ]. The protocol turns a private value into a private characteristic vector.…”

Section: Methodsmentioning

confidence: 99%

“…In our implementation, ⟦ z ′ ⟧ is shared over , hence taking the first 16 bits of it is a local operation, resulting in a value in . The characteristic vector protocol in [ 27 ] is easily adaptable to compute the characteristic vectors of elements of , and its result is a vector over with length 2 B . The computation of the characteristic vector requires communication of two elements of and one element of (in total , not per party).…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Privacy-preserving record linkage in large databases using secure multiparty computation

Laud

Pankova

2018

BMC Med Genomics

Self Cite

View full text Add to dashboard Cite

BackgroundPractical applications for data analysis may require combining multiple databases belonging to different owners, such as health centers. The analysis should be performed without violating privacy of neither the centers themselves, nor the patients whose records these centers store. To avoid biased analysis results, it may be important to remove duplicate records among the centers, so that each patient’s data would be taken into account only once. This task is very closely related to privacy-preserving record linkage.MethodsThis paper presents a solution to privacy-preserving deduplication among records of several databases using secure multiparty computation. It is build upon one of the fastest practical secure multiparty computation platforms, called Sharemind.ResultsThe tests on ca 10 million records of simulated databases with 1000 health centers of 10000 records each show that the computation is feasible in practice. The expected running time of the experiment is ca. 30 min for computing servers connected over 100 Mbit/s WAN, the expected error of the results is 2−40, and no errors have been detected for the particular test set that we used for our benchmarks.ConclusionsThe solution is ready for practical use. It has well-defined security properties, implied by the properties of Sharemind platform. The solution assumes that exact matching of records is required, and a possible future research would be extending it to approximate matching.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Methodsmentioning

confidence: 99%

Privacy-preserving record linkage in large databases using secure multiparty computation

Laud

Pankova

2018

BMC Med Genomics

Self Cite

View full text Add to dashboard Cite

show abstract

“…This set covers integer, fix-and floating point operations, as well as shuffling the arrays. Almost all these protocols are generated from a clear description of how messages are computed and exchanged between parties [43], which is very similar to the circuits C ij defined in Sec. 3.…”

Section: Methodsmentioning

confidence: 99%

Preprocessing Based Verification of Multiparty Protocols with Honest Majority

Laud

Pankova

Jagomägis

2017

Proceedings on Privacy Enhancing Technologies

Self Cite

View full text Add to dashboard Cite

This paper presents a generic "GMW-style" method for turning passively secure protocols into protocols secure against covert attacks, adding relatively cheap offline preprocessing and post-execution verification phases. Our construction performs best with a small number of parties, and its main benefit is the total cost of the online and the offline phases. In the preprocessing phase, each party generates and shares a sufficient amount of verified multiplication triples that will be later used to assist that party's proof. The execution phase, after which the computed result is already available to the parties, has only negligible overhead that comes from signatures on sent messages. In the postprocessing phase, the verifiers repeat the computation of the prover in secret-shared manner, checking that they obtain the same messages that the prover sent out during execution. The verification preserves the privacy guarantees of the original protocol. It is applicable to protocols doing computations over finite rings, even if the same protocol performs its computation over several distinct rings. We apply our verification method to the Sharemind platform for secure multiparty computations (SMC), evaluate its performance and compare it to other existing SMC platforms offering security against stronger than passive attackers.

show abstract

“…Still, in this paper it only serves to syntactically restrict programs to a form-secret variables are only directly assigned to secret variables, or used as input to sop or declassify operations-compatible with our distributed semantic evaluation rules, where public values can be transparently used as secret ones, but the contrary is not true. 5 b) Leakage analysis: A security type system can serve as a preliminary security analysis. Indeed, if declassify statements are not used (the program has no leakage), it can enforce source-level security for all leakage relations that guarantee equality of public inputs, but says little about security in the presence of leakage.…”

Section: Source-level Security Verificationmentioning

confidence: 99%

Enforcing Ideal-World Leakage Bounds in Real-World Secret Sharing MPC Frameworks

Almeida

Barbosa

Barthe

et al. 2018

2018 IEEE 31st Computer Security Foundations Symposium (CSF)

View full text Add to dashboard Cite

We give a language-based security treatment of domain-specific languages and compilers for secure multi-party computation, a cryptographic paradigm that enables collaborative computation over encrypted data. Computations are specified in a core imperative language, as if they were intended to be executed by a trusted-third party, and formally verified against an information-flow policy modelling (an upper bound to) their leakage. This allows non-experts to assess the impact of performancedriven authorized disclosure of intermediate values. Specifications are then compiled to multi-party protocols. We formalize protocol security using (distributed) probabilistic information-flow and prove security-preserving compilation: protocols only leak what is allowed by the source policy. The proof exploits a natural but previously missing correspondence between simulation-based cryptographic proofs and (composable) probabilistic non-interference. Finally, we extend our framework to justify leakage cancelling, a domain-specific optimization that allows to first write an efficient specification that fails to meet the allowed leakage upper-bound, and then apply a probabilistic preprocessing that brings leakage to the acceptable range.

show abstract

A Domain-Specific Language for Low-Level Secure Multiparty Computation Protocols

Cited by 17 publications

References 35 publications

Privacy-preserving record linkage in large databases using secure multiparty computation

Privacy-preserving record linkage in large databases using secure multiparty computation

Preprocessing Based Verification of Multiparty Protocols with Honest Majority

Enforcing Ideal-World Leakage Bounds in Real-World Secret Sharing MPC Frameworks

Contact Info

Product

Resources

About