Modulo Reduction for Paillier Encryptions and Application to Secure Statistical Analysis

For the homomorphic Paillier cryptosystem we construct a protocol for secure modulo reduction, that on input of an encryption $[[x]]$ with $x$ of bit length $\ell_x$ and a public 'modulus' $a$ of bit length $\ell_a$ outputs an encryption $[[x \bmod a]]$. As a result, a protocol for computing an encrypted integer division $x \operatorname{div} a$ is obtained. Surprisingly, efficiency of the protocol is independent of $\ell_x$: the broadcast complexity of the protocol varies between $O(nk\ell_a)$ and $O(n^2k\ell_a)$, for $n$ parties and security parameter $k$, and it is very efficient in case of small $\ell_a$ (in practical cases $\ell_a$ often is much smaller than $\ell_x$). Our protocol allows for efficient multiparty computation of statistics such as the mean, the variance and the median, and it is therefore very applicable to surveys for the benefit of statistical analysis.
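The step from $[[x \bmod a]]$ to an encrypted integer division, and from there to an encrypted mean, can be traced with a toy Paillier instance. This is an added example, not code from the paper: the key, the function names and the sample answers are assumptions, and `stand_in_mod` is a hypothetical placeholder for the secure modulo reduction protocol, which the abstract does not describe.

```python
import math
import secrets

# Toy Paillier key built from two Mersenne primes (constructed, far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, N2 = P * Q, (P * Q) ** 2
PHI = (P - 1) * (Q - 1)
MU = pow(PHI, -1, N)          # decryption constant for generator g = N + 1

def enc(m):
    """Encrypt m in [0, N) as (1 + N)^m * r^N mod N^2."""
    r = secrets.randbelow(N - 1) + 1
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 1) + 1
    return (1 + m * N) * pow(r, N, N2) % N2

def dec(c):
    return (pow(c, PHI, N2) - 1) // N * MU % N

def add(c1, c2):
    """[[m1 + m2]] from [[m1]] and [[m2]]."""
    return c1 * c2 % N2

def scalar(c, k):
    """[[k * m]] from [[m]] and a public k (k may be negative)."""
    return pow(c, k % N, N2)

def div_from_mod(c_x, c_xmod, a):
    """[[x div a]] from [[x]] and [[x mod a]]; needs gcd(a, N) = 1 and x < N."""
    c_multiple = add(c_x, scalar(c_xmod, -1))   # [[x - (x mod a)]] = [[a * q]]
    return scalar(c_multiple, pow(a, -1, N))    # a^-1 mod N cancels a, leaving [[q]]

def stand_in_mod(c_x, a):
    """Hypothetical placeholder for the secure modulo reduction protocol.
    It decrypts with the toy key, so it gives no privacy."""
    return enc(dec(c_x) % a)

def encrypted_mean(ciphertexts):
    """[[floor(sum / n)]] for n encrypted survey answers."""
    n = len(ciphertexts)
    c_sum = ciphertexts[0]
    for c in ciphertexts[1:]:
        c_sum = add(c_sum, c)
    return div_from_mod(c_sum, stand_in_mod(c_sum, n), n)

answers = [23, 41, 37, 52, 30]   # constructed sample inputs, sum 183
```

Only `stand_in_mod` touches the decryption key; the division itself uses nothing but the additive homomorphism and the public value $a$.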
