CNF-FSS and its Applications

Function Secret Sharing (FSS), introduced by Boyle, Gilboa and Ishai [BGI15], extends the classical notion of secret-sharing a value to secret sharing a function. Namely, for a secret function f (from a class F), FSS provides a sharing of f whereby succinct shares ("keys") are distributed to a set of parties, so that later the parties can non-interactively compute an additive sharing of f(x), for any input x in the domain of f. Previous work on FSS concentrated mostly on the two-party case, where highly efficient schemes are obtained for some simple, yet extremely useful, classes F (in particular, FSS for the class of point functions, a task referred to as DPF, Distributed Point Functions [GI14,BGI15]). In this paper, we concentrate on the multi-party case, with p ≥ 3 parties and t-security (1 ≤ t < p). First, we introduce the notion of CNF-DPF (or, more generally, CNF-FSS), where the scheme uses the CNF version of secret sharing (rather than additive sharing) to share each value f(x). We then demonstrate the utility of CNF-DPF by providing several applications. Our main result shows how CNF-DPF can be used to achieve substantial asymptotic improvement in communication complexity when using it as a building block for constructing standard (t, p)-DPF protocols that tolerate t > 1 (semi-honest) corruptions. For example, we build a 2-out-of-5 secure (standard) DPF scheme of communication complexity O(N), where N is the domain size of f (compared with the current best-known of O(N) for (2, 5)-DPF). More generally, with p > dt parties, we give a (t, p)-DPF whose complexity grows as O(N) (rather than O(√N) that follows from the (p − 1, p)-DPF scheme of [BGI15]). We also present a 1-out-of-3 secure CNF-DPF scheme, in which each party holds two of the three keys, with poly-logarithmic communication complexity. These results have immediate implications for scenarios where (multi-server) DPF was shown to be applicable. For example, we show how to use such a scheme to obtain asymptotic improvement (O(log N) versus O(√N)) in communication complexity over the 3-party protocol of [BKKO20].
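To make the CNF-sharing structure concrete, the following is an added example (not code from the paper) of the trivial, table-sized (1,3)-CNF-DPF: each party receives two of the three additive-share tables of the point function's truth table, evaluates locally, and any two parties reconstruct f(x); it also shows the local conversion from a CNF share to a standard additive share. The group Z_{2^32}, the domain size n and the key layout are assumptions of the example; the paper's poly-logarithmic scheme compresses these keys, which this example does not.

```python
import secrets

MOD = 2**32  # assumption: values are shared in the additive group Z_{2^32}


def point_function(alpha, beta, n):
    """Truth table of the point function f_{alpha,beta}: f(alpha) = beta, else 0."""
    return [beta if x == alpha else 0 for x in range(n)]


def additive_share(table, p):
    """Split every table entry into p additive shares summing to the entry mod MOD."""
    shares = [[secrets.randbelow(MOD) for _ in table] for _ in range(p - 1)]
    last = [(v - sum(col)) % MOD for v, col in zip(table, zip(*shares))]
    return shares + [last]


def cnf_dpf_gen_1of3(alpha, beta, n):
    """(1,3)-CNF-DPF key generation (trivial, O(n)-size keys): party i holds every
    additive share table except r_i, so one party sees two uniformly random tables."""
    r = additive_share(point_function(alpha, beta, n), 3)
    return [{j: r[j] for j in range(3) if j != i} for i in range(3)]


def cnf_eval(key, x):
    """Party-local evaluation: the party's CNF share of f(x), one value per table held."""
    return {j: tbl[x] for j, tbl in key.items()}


def cnf_reconstruct(share_a, share_b):
    """Any two parties together hold all three additive shares of f(x)."""
    merged = {**share_a, **share_b}
    assert len(merged) == 3, "two CNF shares must cover all three additive shares"
    return sum(merged.values()) % MOD


def cnf_to_additive(party, cnf_share):
    """Non-interactive CNF-to-additive conversion: share r_j is emitted only by
    party (j+1) mod 3 (which always holds it), so the three outputs sum to f(x)."""
    return sum(v for j, v in cnf_share.items() if (j + 1) % 3 == party) % MOD


def check_correctness(alpha, beta, n):
    """Return True iff every pair reconstructs f(x) and the converted shares sum to f(x)."""
    keys = cnf_dpf_gen_1of3(alpha, beta, n)
    f = point_function(alpha, beta, n)
    for x in range(n):
        sh = [cnf_eval(keys[i], x) for i in range(3)]
        pairs_ok = all(cnf_reconstruct(sh[a], sh[b]) == f[x] for a, b in ((0, 1), (0, 2), (1, 2)))
        add_ok = sum(cnf_to_additive(i, sh[i]) for i in range(3)) % MOD == f[x]
        if not (pairs_ok and add_ok):
            return False
    return True
```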

[1] Ariel Hamlin et al., Two-server Distributed ORAM with Sublinear Computation and Constant Rounds, 2020, IACR Cryptol. ePrint Arch.

[2] Abhi Shelat et al., Scaling ORAM for Secure Computation, 2017, IACR Cryptol. ePrint Arch.

[3] Ueli Maurer et al., Secure multi-party computation made simple, 2002, Discret. Appl. Math.

[4] Klim Efremenko et al., 3-Query Locally Decodable Codes of Subexponential Length, 2008.

[5] Dan Boneh et al., Key Homomorphic PRFs and Their Applications, 2013, CRYPTO.

[6] Mitsuru Ito et al., Secret sharing scheme realizing general access structure, 1989.

[7] Yuval Ishai et al., General constructions for information-theoretic private information retrieval, 2005, J. Comput. Syst. Sci.

[8] Rafail Ostrovsky et al., DURASIFT: A Robust, Decentralized, Encrypted Database Supporting Private Searches with Complex Policy Controls, 2019, WPES@CCS.

[9] Yehuda Lindell et al., High-Throughput Secure Three-Party Computation for Malicious Adversaries and an Honest Majority, 2017, IACR Cryptol. ePrint Arch.

[10] Yuval Ishai et al., Breaking the Circuit Size Barrier for Secure Computation Under DDH, 2016, CRYPTO.

[11] Jonathan Katz et al., Simple and Efficient Two-Server ORAM, 2018, IACR Cryptol. ePrint Arch.

[12] Rafail Ostrovsky et al., Universal service-providers for database private information retrieval (extended abstract), 1998, PODC '98.

[13] Yuval Ishai et al., On Locally Decodable Codes, Self-correctable Codes, and t-Private PIR, 2007, APPROX-RANDOM.

[14] Yuval Ishai et al., Compressing Cryptographic Resources, 1999, CRYPTO.

[15] Oded Goldreich et al., The Foundations of Cryptography - Volume 2: Basic Applications, 2001.

[16] Rafail Ostrovsky et al., Efficient 3-Party Distributed ORAM, 2018, IACR Cryptol. ePrint Arch.

[17] Dan Boneh et al., Riposte: An Anonymous Messaging System Handling Millions of Users, 2015, 2015 IEEE Symposium on Security and Privacy.

[18] Jonathan Katz et al., Revisiting Square-Root ORAM: Efficient Random Access in Multi-party Computation, 2016, 2016 IEEE Symposium on Security and Privacy (SP).

[19] Anat Paskin-Cherniavsky et al., Secure Computation with Minimal Interaction, Revisited, 2015, CRYPTO.

[20] Rafail Ostrovsky et al., Private Large-Scale Databases with Distributed Searchable Symmetric Encryption, 2016, CT-RSA.

[21] Rafail Ostrovsky et al., Distributed Oblivious RAM for Secure Two-Party Computation, 2013, TCC.

[22] Yuval Ishai et al., Efficient Pseudorandom Correlation Generators: Silent OT Extension and More, 2019, IACR Cryptol. ePrint Arch.

[23] Stanislaw Jarecki et al., 3PC ORAM with Low Latency, Low Bandwidth, and Fast Batch Retrieval, 2018, IACR Cryptol. ePrint Arch.

[24] Rafail Ostrovsky et al., Private Information Storage, 1996, IACR Cryptol. ePrint Arch.

[25] Yehuda Lindell et al., High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, 2016, IACR Cryptol. ePrint Arch.

[26] Ron Rothblum et al., Spooky Encryption and Its Applications, 2016, CRYPTO.

[27] Yuval Ishai et al., Function Secret Sharing, 2015, EUROCRYPT.

[28] Josh Benaloh et al., Generalized Secret Sharing and Monotone Functions, 1990, CRYPTO.

[29] Yuval Ishai et al., Share Conversion, Pseudorandom Secret-Sharing and Applications to Secure Computation, 2005, TCC.

[30] Dan Boneh et al., Express: Lowering the Cost of Metadata-hiding Communication with Cryptographic Privacy, 2021, USENIX Security Symposium.

[31] Yuval Ishai et al., Distributed Point Functions and Their Applications, 2014, EUROCRYPT.

[32] Yuval Ishai et al., Foundations of Homomorphic Secret Sharing, 2018, ITCS.

[33] Eyal Kushilevitz et al., Sub-logarithmic Distributed Oblivious RAM with Small Block Size, 2019, IACR Cryptol. ePrint Arch.

[34] Benny Pinkas et al., Blinder: MPC Based Scalable and Robust Anonymous Committed Broadcast, 2020, IACR Cryptol. ePrint Arch.

[35] Yuval Ishai et al., Function Secret Sharing: Improvements and Extensions, 2016, CCS.