1 / 13

Secure Computation and the Combinatorics of Hidden Diversity

Secure Computation and the Combinatorics of Hidden Diversity. Juan Garay ( AT&T Research) David Johnson (AT&T Research) Aggelos Kiayias (U. Athens) Moti Yung (Google). Prover. Verifier. Resource-based Corruptions. Adversaries corrupt parties. …for FREE!.

dscofield
Download Presentation

Secure Computation and the Combinatorics of Hidden Diversity

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Secure Computation and theCombinatorics of Hidden Diversity Juan Garay (AT&T Research) David Johnson (AT&T Research) Aggelos Kiayias (U. Athens) Moti Yung (Google)

  2. Prover Verifier Resource-based Corruptions • Adversaries corrupt parties... …for FREE! Hidden Diversity and Secure Multiparty Computation

  3. Resource-based Corruptions (cont’d) Our new questions: • How much does corruption cost? • Different parties may require different “resources” to get corrupted • Can “anonymity” be used to raise those costs? Hidden Diversity and Secure Multiparty Computation

  4. A focal point : Corruption diversity How to model corruption diversity? • Given that corruptions happen in different ways and based on different parameters, they can require a different amount of resources

  5. Resource-based corruptions Budget b (with “tokens”) Adversary’s Goal : s5 s2 s1 s3 s4

  6. Hidden Diversity and Indistinguishability s5 s2 s1 s4 s3 ? Adversary will need to waste more resources for subverting the system! Suppose different parties require different resources for corruption but externally appear the same

  7. A Combinatorial Game • GIVEN: Set B1, B2, …, Bnof buckets, with bucket Bi having non-negative integer size si, and a target fraction α, 0 < α < 1. • GOAL: Fill αnof the buckets using as few balls as possible, where a bucket of size siis filled if it receives si balls. Hidden Diversity and Secure Multiparty Computation

  8. Balls and Buckets (cont’d) n = 5, α = ½,αn= 3 Hidden Diversity and Secure Multiparty Computation

  9. Balls and Buckets (cont’d) Only Feedback from Placing a Ball: “Bucket Now Full” or “Bucket Not Yet Full” How many balls? Hidden Diversity and Secure Multiparty Computation

  10. In this work • Framework for realization of above abstraction • Computational corruptions • Sufficient conditions for abstraction • Information-Effort-Preserving (IEP) functions • Hardness Indistinguishability • Exact Hardness Hidden Diversity and Secure Multiparty Computation

  11. Candidate Functions • Random oracle • Exponentiation • f : Zq → S; q: λ-bit prime number; S: (generic) multiplicative group • Multiplication • fmult :Pλx Pλ → N Hidden Diversity and Secure Multiparty Computation

  12. In this work • Framework for realization of above abstraction • Computational corruptions • Sufficient conditions for abstraction • Information-Effort-Preserving (IEP) functions • Hardness Indistinguishability • Exact Hardness • Much is to be gained : MPC • Security: unboundedadditional adversarial effort • Efficiency: force corruption threshold to drop from 1/2 to 1/3, and run information-theoretic MPC protocol Hidden Diversity and Secure Multiparty Computation

  13. Thanks!

More Related