Towards Efficient Private Distributed Computation on Unbounded Input Streams - (Extended Abstract)

In the problem of private "swarm" computing, n agents wish to securely and distributively perform a computation on common inputs, in such a way that even if the entire memory contents of some of them are exposed, no information is revealed about the state of the computation. Recently, Dolev, Garay, Gilboa and Kolesnikov [ICS 2011] considered this problem in the setting of information-theoretic security, showing how to perform such computations on input streams of unbounded length. The cost of their solution, however, is exponential in the size of the Finite State Automaton (FSA) computing the function. In this work we are interested in efficient (i.e., polynomial time) computation in the above model, at the expense of minimal additional assumptions. Relying on the existence of one-way functions, we show how to process unbounded inputs (but of course, polynomial in the security parameter) at a cost linear in m, the number of FSA states. In particular, our algorithms achieve the following: · In the case of (n,n)-reconstruction (i.e., in which all n agents participate in the reconstruction of the distributed computation) and at most n−1 agents are corrupted, the agent storage, the time required to process each input symbol, and the time complexity for reconstruction are all O(mn). · In the case of (n−t,n)-reconstruction (where only n−t agents take part in the reconstruction) and at most t agents are corrupted, the agents' storage and time required to process each input symbol are $O(m{n-1 \choose n-t})$. The complexity of reconstruction is O(mt). We achieve the above through a carefully orchestrated use of pseudo-random generators and secret-sharing, and in particular a novel share re-randomization technique which might be of independent interest.

[1]  Shlomi Dolev,et al.  Secret Sharing Krohn-Rhodes: Private and Perennial Distributed Computation , 2011, ICS.

[2]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[3]  Adi Shamir,et al.  RFID Authentication Efficient Proactive Information Security within Computational Security , 2009, Theory of Computing Systems.

[4]  Oded Goldreich,et al.  Foundations of Cryptography: Basic Tools , 2000 .

[5]  Oded Goldreich Foundations of Cryptography: Index , 2001 .

[6]  Yuval Ishai,et al.  Share Conversion, Pseudorandom Secret-Sharing and Applications to Secure Computation , 2005, TCC.

[7]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[8]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[9]  Oded Goldreich,et al.  Foundations of Cryptography: List of Figures , 2001 .

[10]  Moti Yung,et al.  Secret Swarm UnitReactive k-Secret Sharing , 2007, INDOCRYPT.

[11]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[12]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[13]  Kevin L. Moore,et al.  Flight demonstrations of unmanned aerial vehicle swarming concepts , 2006 .

[14]  Moti Yung,et al.  Secret swarm unit: Reactive k-secret sharing , 2012, Ad Hoc Networks.

[15]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[16]  Birgit Pfitzmann,et al.  Composition and integrity preservation of secure reactive systems , 2000, CCS.

[17]  Paul G. Spirakis,et al.  Information security for sensors by overwhelming random sequences and permutations , 2010, DIALM-POMC '10.

[18]  Shlomi Dolev,et al.  Swarming secrets , 2009, 2009 47th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[19]  Shlomi Dolev,et al.  Direction election in flocking swarms , 2010, DIALM-POMC '10.