Labeled PSI from Homomorphic Encryption with Reduced Computation and Communication

Cong, Kelong; Moreno, Radames Cruz; Gama, Mariana Botelho da; Dai, Wei; Iliashenko, Ilia; Laine, Kim; Rosenberg, Michael L.

doi:10.1145/3460120.3484760

Cited by 39 publications

(27 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although significant progress in the theory and practice of FHE has been made towards improving efficiency in recent years, FHE-based approaches are believed to have a key bottleneck to achieving practical performance and the cryptographic protocol is still regarded as theoretical. However, theoretical breakthroughs in the HE literature and a strong effort of the FHE community 31 have enabled massive progress and offered excellent potential for secure computation in a wide range of real-world applications such as machine learning 24,27,28,32 , biomedical analysis [33][34][35] , private set intersection 36 , and private information retrieval 37 .…”

Section: Discussionmentioning

confidence: 99%

Secure human action recognition by encrypted neural network inference

et al. 2022

View full text Add to dashboard Cite

Advanced computer vision technology can provide near real-time home monitoring to support “aging in place” by detecting falls and symptoms related to seizures and stroke. Affordable webcams, together with cloud computing services (to run machine learning algorithms), can potentially bring significant social benefits. However, it has not been deployed in practice because of privacy concerns. In this paper, we propose a strategy that uses homomorphic encryption to resolve this dilemma, which guarantees information confidentiality while retaining action detection. Our protocol for secure inference can distinguish falls from activities of daily living with 86.21% sensitivity and 99.14% specificity, with an average inference latency of 1.2 seconds and 2.4 seconds on real-world test datasets using small and large neural nets, respectively. We show that our method enables a 613x speedup over the latency-optimized LoLa and achieves an average of 3.1x throughput increase in secure inference compared to the throughput-optimized nGraph-HE2.

show abstract

Section: Discussionmentioning

confidence: 99%

Secure human action recognition by encrypted neural network inference

et al. 2022

View full text Add to dashboard Cite

show abstract

“…We note that (apart from the above described problem concerning run-time leakage) the problem of share reconstruction with privacy can be viewed as (one-server) private information retrieval by keywords [17] satisfying a strong notion of database privacy, where the client (here party P 0 ) is not allowed to learn anything about the number and content of the database held by the server (here party P 1 ), except for the queried entry. This can be viewed as a special case of labelled private-set intersection [15,18] and can be instantiated by relying on somewhat homomorphic encryption. (Note here that the database for share reconstruction is very small on expectation, and thus even using expensive ciphertext multiplication for the final reconstruction would in typical applications not have a significant impact on the overall run time.…”

Section: Lemma 3 (Corollary Ofmentioning

confidence: 99%

On Homomorphic Secret Sharing from Polynomial-Modulus LWE

Attema

Capitão

Kohl

2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Homomorphic secret sharing (HSS) is a form of secret sharing that supports the local evaluation of functions on the shares, with applications to multi-server private information retrieval, secure computation, and more.Insisting on additive reconstruction, all known instantiations of HSS from "Learning with Error (LWE)"-type assumptions either have to rely on LWE with superpolynomial modulus, come with non-negligible error probability, and/or have to perform expensive ciphertext multiplications, resulting in bad concrete efficiency.In this work, we present a new 2-party local share conversion procedure, which allows to locally convert noise encoded shares to non-noise plaintext shares such that the parties can detect whenever a (potential) error occurs and in that case resort to an alternative conversion procedure.Building on this technique, we present the first HSS for branching programs from (Ring-)LWE with polynomial input share size which can make use of the efficient multiplication procedure of Boyle et al. (Eurocrypt 2019) and has no correctness error. Our construction comes at the cost of a -on expectation -slightly increased output share size (which is insignificant compared to the input share size) and a more involved reconstruction procedure.More concretely, we show that in the setting of 2-server private information retrieval we can choose ciphertext sizes of only a quarter of the size of the scheme of Boyle et al. at essentially no extra cost.

show abstract

“…-The MNO and health authority engage in a protocol for Private Set Intersection (PSI) with associated data (e.g., [15,20]). In such a protocol, the health authority and the MNO input their list of phone numbers.…”

Section: Remark 1 (Agreeing On Database Indices)mentioning

confidence: 99%

“…Still, this may be an issue in some scenarios. While the PSI-based solution has some overhead compared to the plain one, the performance evaluation in [20] shows that a protocol execution with 2 22 MNO items and 4096 health authority items takes about 1.4 seconds online (excluding a precomputable offline phase taking 467 seconds) with a total communication of 8.3 MB -a minor increase when looking at the overall protocol. While PSI-SUM protocols [47,54,57] could be used to calculate the final heatmap without revealing which identifiers are present in the MNO's set, their additional overhead is not worth the minor privacy gain, considering that for the type of identifier we are using (phone numbers), one can often already publicly check if a phone number is associated with a mobile network operator 2 .…”

Section: Remark 1 (Agreeing On Database Indices)mentioning

confidence: 99%

Privately Connecting Mobility to Infectious Diseases via Applied Cryptography

Bampoulidis

Bruni

Helminger

et al. 2022

PoPETs

View full text Add to dashboard Cite

Recent work has shown that cell phone mobility data has the unique potential to create accurate models for human mobility and consequently the spread of infected diseases [74]. While prior studies have exclusively relied on a mobile network operator’s subscribers’ aggregated data in modelling disease dynamics, it may be preferable to contemplate aggregated mobility data of infected individuals only. Clearly, naively linking mobile phone data with health records would violate privacy by either allowing to track mobility patterns of infected individuals, leak information on who is infected, or both. This work aims to develop a solution that reports the aggregated mobile phone location data of infected individuals while still maintaining compliance with privacy expectations. To achieve privacy, we use homomorphic encryption, validation techniques derived from zero-knowledge proofs, and differential privacy. Our protocol’s open-source implementation can process eight million subscribers in 70 minutes.

show abstract

Labeled PSI from Homomorphic Encryption with Reduced Computation and Communication

Cited by 39 publications

References 42 publications

Secure human action recognition by encrypted neural network inference

Secure human action recognition by encrypted neural network inference

On Homomorphic Secret Sharing from Polynomial-Modulus LWE

Privately Connecting Mobility to Infectious Diseases via Applied Cryptography

Contact Info

Product

Resources

About