Sub-linear, Secure Comparison with Two Non-colluding Parties

The classic problem in the field of secure computation is Yao's millionaires' problem; we consider two new protocols solving a variation of it: a number of parties, P1,...,Pn, securely hold two l-bit values, x and y (e.g., x and y could be encrypted or secret shared). They wish to obtain a bit stating whether x is greater than y using only secure arithmetic, and this must be done without revealing any information; even the output should remain secret. The present setting is special in that two specific parties, referred to as Alice and Bob, are assumed to be non-colluding. Though this assumption does not hold in general, it clearly does for the main example of this work: two-party computation based on Paillier encryption. The first solution requires O(log(l)(κ + loglog(l))) secure arithmetic operations in O(log(l)) rounds, where κ is a correctness parameter. The second solution requires only a constant number of rounds, but increases the complexity to O(√l(κ + log(l))) arithmetic operations. In the motivating setting, each arithmetic operation requires a constant number of Paillier encryptions to be exchanged between Alice and Bob. Both solutions therefore require only a sub-linear number of invocations (in the bit-length, l) of the cryptographic primitives. This does not imply sub-linear communication, however, since each transmitted encryption is larger than l bits.
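The abstract counts complexity in "secure arithmetic operations", each of which costs a constant number of Paillier ciphertexts exchanged between the key holder (Alice) and the party holding only ciphertexts (Bob). The following added example (not code from the paper) shows that layer concretely: a toy Paillier scheme with a fixed, tiny key, the homomorphic addition and constant multiplication that are free of interaction, and the assumed standard blinding exchange for one secure multiplication; the comparison protocols themselves are not reproduced here.

```python
# Toy Paillier plus one interactive secure multiplication (added illustration).
# The key is constructed from the 9999th and 10000th primes purely for demo
# purposes; real deployments use ~1024-bit primes.
import random

P, Q = 104723, 104729
N, N2 = P * Q, (P * Q) ** 2
PHI = (P - 1) * (Q - 1)      # with g = n + 1, phi(n) works as decryption exponent
MU = pow(PHI, -1, N)         # phi(n)^-1 mod n

def enc(m):
    """Paillier encryption of m (taken mod n) under fresh randomness r in Z_n^*."""
    r = random.randrange(1, N)
    return pow(1 + N, m % N, N2) * pow(r, N, N2) % N2

def dec(c):
    """Paillier decryption: L(c^phi mod n^2) * phi^-1 mod n, with L(u) = (u-1)/n."""
    u = pow(c, PHI, N2)
    return (u - 1) // N * MU % N

def add(c1, c2):
    """E(a) * E(b) = E(a + b): no interaction needed."""
    return c1 * c2 % N2

def mul_const(c, k):
    """E(a)^k = E(k * a); k may be negative (reduced mod n)."""
    return pow(c, k % N, N2)

def secure_mul(cx, cy):
    """One 'arithmetic operation' in the abstract's sense: Bob holds only
    ciphertexts, Alice holds the key; together they obtain E(x*y).
    Assumed blinding exchange (standard technique, not the paper's own text)."""
    # Bob: blind x and y with random r, s and send two ciphertexts to Alice.
    r, s = random.randrange(N), random.randrange(N)
    to_alice = (add(cx, enc(r)), add(cy, enc(s)))
    # Alice: sees only uniformly random x+r and y+s; returns one ciphertext.
    xr, ys = dec(to_alice[0]), dec(to_alice[1])
    from_alice = enc(xr * ys % N)
    # Bob: remove the blinding homomorphically: (x+r)(y+s) - s*x - r*y - r*s.
    cxy = add(from_alice, mul_const(cx, -s))
    cxy = add(cxy, mul_const(cy, -r))
    return add(cxy, enc(-r * s))

def product_via_parties(x, y):
    """Round trip used for checking: encrypt, multiply interactively, decrypt."""
    return dec(secure_mul(enc(x), enc(y)))
```

Three ciphertexts cross the wire per multiplication, which is the constant the abstract refers to; the two non-interactive operations cost none.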
