Authenticated Garbling and Efficient Maliciously Secure Two-Party Computation

Wang, Xiao; Ranellucci, Samuel; Katz, Jonathan

doi:10.1145/3133956.3134053

Cited by 115 publications

(77 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…the functionality we realize is reactive), so we would need to authenticate outputs and verify inputs in each of these computations. While this can be done generically, such authentication comes "for free" in many common protocols for secure computation (e.g [8,37]…”

mentioning

confidence: 99%

Secure Computation with Differentially Private Access Patterns

Mazloom

Gordon

2018

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

We explore a new security model for secure computation on large datasets. We assume that two servers have been employed to compute on private data that was collected from many users, and, in order to improve the efficiency of their computation, we establish a new tradeoff with privacy. Specifically, instead of claiming that the servers learn nothing about the input values, we claim that what they do learn from the computation preserves the differential privacy of the input. Leveraging this relaxation of the security model allows us to build a protocol that leaks some information in the form of access patterns to memory, while also providing a formal bound on what is learned from the leakage.We then demonstrate that this leakage is useful in a broad class of computations. We show that computations such as histograms, PageRank and matrix factorization, which can be performed in common graph-parallel frameworks such as MapReduce or Pregel, benefit from our relaxation. We implement a protocol for securely executing graph-parallel computations, and evaluate the performance on the three examples just mentioned above. We demonstrate marked improvement over prior implementations for these computations.

show abstract

mentioning

confidence: 99%

Secure Computation with Differentially Private Access Patterns

Mazloom

Gordon

2018

Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…A more efficient solution based on garbled circuits with TinyOT has emerged in parallel with our paper [35,56]. Doing 1024 executions in parallel, it computes a single AES circuit in 6.7ms, which has the same order of magnitude as our solution.…”

Section: Complexity Of Actively Secure Integer Multiplication and Aesmentioning

confidence: 92%

Preprocessing Based Verification of Multiparty Protocols with Honest Majority

Laud

Pankova

Jagomägis

2017

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

This paper presents a generic "GMW-style" method for turning passively secure protocols into protocols secure against covert attacks, adding relatively cheap offline preprocessing and post-execution verification phases. Our construction performs best with a small number of parties, and its main benefit is the total cost of the online and the offline phases. In the preprocessing phase, each party generates and shares a sufficient amount of verified multiplication triples that will be later used to assist that party's proof. The execution phase, after which the computed result is already available to the parties, has only negligible overhead that comes from signatures on sent messages. In the postprocessing phase, the verifiers repeat the computation of the prover in secret-shared manner, checking that they obtain the same messages that the prover sent out during execution. The verification preserves the privacy guarantees of the original protocol. It is applicable to protocols doing computations over finite rings, even if the same protocol performs its computation over several distinct rings. We apply our verification method to the Sharemind platform for secure multiparty computations (SMC), evaluate its performance and compare it to other existing SMC platforms offering security against stronger than passive attackers.

show abstract

“…Based on the analysis from previous works [FKOS15,FLNW17,WRK17], if roughly 1 million triples are created at once then the buckets in the cut-and-choose stages can be of size B = 3, to guarantee security except with probability 2 −40 . The additional cut-and-choose parameter c can be as low as 3, so is insignificant as we initially need m = B 2 m + c triples to produce m final triples.…”

Section: A3 Parametersmentioning

confidence: 99%