A Practical Universal Circuit Construction and Secure Evaluation of Private Functions

We consider general secure function evaluation (SFE) of private functions (PF-SFE). Recall, privacy of functions is often most efficiently achieved by general SFE [18,19,10] of a Universal Circuit (UC). Our main contribution is a new simple and efficient UC construction. Our circuit UC_k, universal for circuits of k gates, has size ~1.5 k log^2 k and depth ~k log k. It is up to 50% smaller than the best UC (of Valiant [16], of size ~19 k log k) for circuits of size up to ≈ 5000 gates. Our improvement results in corresponding performance improvement of SFE of (small) private functions. Since, due to cost, only small circuits (i.e. < 5000 gates) are practical for PF-SFE, our construction appears to be the best fit for many practical PF-SFE. We implement PF-SFE based on our UC and Fairplay SFE system [11].

[1]  Benny Pinkas, et al. Fairplay - Secure Two-Party Computation System (Awarded Best Student Paper!), 2004.

[2]  Joe Kilian, et al. One-Round Secure Computation and Secure Autonomous Mobile Agents, 2000, ICALP.

[3]  Benny Pinkas, et al. Cryptographic techniques for privacy-preserving data mining, 2002, SKDD.

[4]  Yehuda Lindell, et al. A Proof of Yao's Protocol for Secure Two-Party Computation, 2004, Electron. Colloquium Comput. Complex.

[5]  Oded Goldreich, et al. A randomized protocol for signing contracts, 1985, CACM.

[6]  Rakesh Agrawal, et al. Privacy-preserving data mining, 2000, SIGMOD 2000.

[7]  Giovanni Di Crescenzo. Private Selective Payment Protocols, 2000, Financial Cryptography.

[8]  Moni Naor, et al. Privacy preserving auctions and mechanism design, 1999, EC '99.

[9]  Mikhail J. Atallah, et al. Privacy-preserving credit checking, 2005, EC '05.

[10]  Andrew Chi-Chih Yao, et al. Protocols for secure computations, 1982, FOCS 1982.

[11]  Robin Milner, et al. On Observing Nondeterminism and Concurrency, 1980, ICALP.

[12]  Abraham Waksman, et al. A Permutation Network, 1968, JACM.

[13]  Marc Fischlin, et al. A Cost-Effective Pay-Per-Multiplication Comparison Method for Millionaires, 2001, CT-RSA.

[14]  Moti Yung, et al. Non-interactive cryptocomputing for NC^1, 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[15]  David Naccache, et al. Topics in Cryptology — CT-RSA 2001, 2001, Lecture Notes in Computer Science.

[16]  Wang De-lin. On electronic commerce, 2008.

[17]  Mihir Bellare. Advances in Cryptology — CRYPTO 2000, 2000, Lecture Notes in Computer Science.

[18]  Chris Clifton, et al. Privacy-preserving distributed mining of association rules on horizontally partitioned data, 2004, IEEE Transactions on Knowledge and Data Engineering.

[19]  Rafail Ostrovsky, et al. Private Searching on Streaming Data, 2005, Journal of Cryptology.

[20]  Ian F. Blake, et al. Conditional Encrypted Mapping and Comparing Encrypted Numbers, 2006, Financial Cryptography.

[21]  A. Yao. How to generate and exchange secrets, 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[22]  Leslie G. Valiant, et al. Universal circuits (Preliminary Report), 1976, STOC '76.

[23]  Victor Shoup. Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference, Santa Barbara, California, USA, August 14-18, 2005, Proceedings, 2005, CRYPTO.

[24]  Yehuda Lindell, et al. Privacy Preserving Data Mining, 2000, Journal of Cryptology.