Secure Evaluation of Private Linear Branching Programs with Medical Applications

Barni, Mauro; Failla, Pierluigi; Kolesnikov, Vladimir; Lazzeretti, Riccardo; Sadeghi, Ahmad-Reza; Schneider, Thomas

doi:10.1007/978-3-642-04444-1_26

Cited by 94 publications

(111 citation statements)

References 29 publications

Supporting

Mentioning

109

Contrasting

Unclassified

Order By: Relevance

“…1 We begin by showing a protocol in the semi-honest setting; this illustrates our core techniques and represents what we consider to be our main contribution. (Semi-honest security was the focus of all prior work on PFE [33,6,8,9,11,12,13,19,5,32,30,3].) Zero-knowledge proofs can be used in the standard way [15] to obtain security against malicious parties, still in constant rounds and with linear complexity; however, the resulting protocol is unlikely in practice to out-perform secure computation of universal circuits using efficient protocols for the malicious setting (e.g., [23]).…”

Section: Contributions Of Our Workmentioning

confidence: 99%

“…Here we treat the more difficult case where everything about the circuit (except an upper bound on its size and the number of inputs/outputs) is hidden. Another direction has been to consider PFE for limited classes of functions: e.g., functions defined by low-depth circuits [33,4], branching programs [19,3], or polynomials [9,27]. Here we handle functions defined by arbitrary (polynomial-size) circuits.…”

Section: Other Related Workmentioning

confidence: 99%

“…See Section 2.1 for further discussion.) PFE is useful when the function being computed must remain private, say because the function is classified, because revealing the function would lead to security vulnerabilities, or because the implementation of the function (e.g., the circuit C f itself) is proprietary even if the function f is known [33,6,8,9,11,12,13,19,5,32,30,3].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Constant-Round Private Function Evaluation with Linear Complexity

Katz

Malka

2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We consider the problem of private function evaluation (PFE) in the two-party setting. Here, informally, one party holds an input x while the other holds a circuit describing a function f ; the goal is for one (or both) of the parties to learn f (x) while revealing nothing more to either party. In contrast to the usual setting of secure computation -where the function being computed is known to both parties -PFE is useful in settings where the function (i.e., algorithm) itself must remain secret, e.g., because it is proprietary or classified.It is known that PFE can be reduced to standard secure computation by having the parties evaluate a universal circuit, and this is the approach taken in most prior work. Using a universal circuit, however, introduces additional overhead and results in a more complex implementation. We show here a completely new technique for PFE that avoids universal circuits, and results in constant-round protocols with communication/computational complexity linear in the size of the circuit computing f . This gives the first constant-round protocol for PFE with linear complexity (without using fully homomorphic encryption), even restricted to semi-honest adversaries.

show abstract

Section: Contributions Of Our Workmentioning

confidence: 99%

Section: Other Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Constant-Round Private Function Evaluation with Linear Complexity

Katz

Malka

2011

Lecture Notes in Computer Science

View full text Add to dashboard Cite

show abstract

“…For example, several solutions have been proposed that use SMC to enhance privacy in auctions [12], data clustering [13], [14] or filtering [15]. Recently, there is also an increased interest in combining SMC with methods of signal processing in order to be able to privately analyze signals; examples are the analysis of medical signals [16] or the evaluation of biometrics on encrypted data [2]. All these systems currently rely on a fixed-point representation of the signals.…”

Section: Secure Multiparty Computation (Smc) Several Constructions Fmentioning

confidence: 99%

Secure computations on non-integer values

Franz

Deiseroth

Hamacher

et al. 2010

2010 IEEE International Workshop on Information Forensics and Security

View full text Add to dashboard Cite

In this paper we present for the first time a framework that allows secure two-party computations on approximations of real valued signals. In our solution, we use a quantized logarithmic representation of the signal samples, which enables to represent both very small and very large numbers with bounded relative error. We show that numbers represented in this way can be encrypted using standard homomorphic encryption schemes; furthermore we give protocols that allow to perform all arithmetic operations on such encrypted values. Finally we demonstrate the practicality of our framework by applying it to the problem of filtering encrypted signals.

show abstract

“…A number of previous work [1,2,4,12,14,15,16,17,22,24] have considered the design and implementation of more efficient general-and special-purpose private function evaluation. A major motivation behind these solutions (and PFE in general) is to hide the function being computed since it is proprietary, private or contains sensitive information.…”

Section: Introductionmentioning

confidence: 99%

Actively Secure Private Function Evaluation

Mohassel

Sadeghian

Smart

2014

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Abstract. We propose the first general framework for designing actively secure private function evaluation (PFE), not based on universal circuits. Our framework is naturally divided into pre-processing and online stages and can be instantiated using any generic actively secure multiparty computation (MPC) protocol. Our framework helps address the main open questions about efficiency of actively secure PFE. On the theoretical side, our framework yields the first actively secure PFE with linear complexity in the circuit size. On the practical side, we obtain the first actively secure PFE for arithmetic circuits with O(g · log g) complexity where g is the circuit size. The best previous construction (of practical interest) is based on an arithmetic universal circuit and has complexity O(g 5 ).We also introduce the first linear Zero-Knowledge proof of correctness of "extended permutation" of ciphertexts (a generalization of ZK proof of correct shuffles) which maybe of independent interest.

show abstract

Secure Evaluation of Private Linear Branching Programs with Medical Applications

Cited by 94 publications

References 29 publications

Constant-Round Private Function Evaluation with Linear Complexity

Constant-Round Private Function Evaluation with Linear Complexity

Secure computations on non-integer values

Actively Secure Private Function Evaluation

Contact Info

Product

Resources

About