Communication Complexity and Secure Function Evaluation

We suggest two new methodologies for the design of efficient secure protocols, which differ in their underlying computational models. In the first methodology we take the communication complexity tree (or branching program) for f and transform it into a secure protocol. In other words, any function f that can be computed using communication complexity c can be computed securely using communication complexity polynomial in c and a security parameter. The second methodology uses the circuit computing f, enhanced with look-up tables, as its underlying computational model. Any RAM machine can be simulated in this model with only polylogarithmic blowup, so one can start with a computation of f on a RAM machine and transform it into a secure protocol. We show many applications of these new methodologies, resulting in protocols that are efficient either in communication or in computation. In particular, we exemplify a protocol for the "millionaires problem", in which two participants want to compare their values while revealing no other information. Our protocol is more efficient than previously known ones in either communication or computation.
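The first methodology applied to the millionaires problem, as an added example that is not the paper's own construction: once Alice fixes her input a, comparing a against b is a branching program over Bob's bits alone. Alice garbles that program level by level with random labels; Bob obtains the label for each of his bits through 1-out-of-2 oblivious transfer, walks the garbled program and learns only whether a > b, while Alice learns nothing. The `ot_oracle` function is an assumed stand-in for a real OT protocol, and the label length, tag length, state encoding and HMAC-based pad are choices made here, not the paper's.

```python
"""Garbled branching-program evaluation of the millionaires problem.

Added illustration (not code from the paper). Alice holds a, Bob holds b,
both n-bit. Alice garbles the level-by-level comparison program for her
fixed a; Bob evaluates it with bit labels obtained via (simulated) OT.
"""
import hashlib
import hmac
import secrets

LABEL = 16          # label length in bytes: the security parameter
TAG = bytes(8)      # redundancy so Bob can recognise the one row he can open
UNDEC, A_GT, B_GE = 0, 1, 2   # program states: undecided, a > b, a <= b


def prf(key, tweak, n):
    """Derive n pad bytes from a key via HMAC-SHA256 in counter mode."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, tweak + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def encrypt(k1, k2, msg):
    """One-time pad under the pair of labels (state label, bit label)."""
    pad = prf(k1 + k2, b"garbled-row", len(msg))
    return bytes(x ^ y for x, y in zip(msg, pad))


decrypt = encrypt   # XOR pad is its own inverse


def next_state(s, a_bit, b_bit):
    """Transition of the comparison program, MSB first."""
    if s != UNDEC:
        return s
    if a_bit > b_bit:
        return A_GT
    if a_bit < b_bit:
        return B_GE
    return UNDEC


def garble(a, n):
    """Alice: garble f(b) = [a > b] as a chain of n transition tables."""
    a_bits = [(a >> (n - 1 - i)) & 1 for i in range(n)]
    state_lab = [[secrets.token_bytes(LABEL) for _ in range(3)] for _ in range(n + 1)]
    bit_lab = [[secrets.token_bytes(LABEL) for _ in range(2)] for _ in range(n)]
    rng = secrets.SystemRandom()
    tables = []
    for i in range(n):
        rows = []
        for s in range(3):
            for v in range(2):
                nxt = state_lab[i + 1][next_state(s, a_bits[i], v)]
                rows.append(encrypt(state_lab[i][s], bit_lab[i][v], TAG + nxt))
        rng.shuffle(rows)           # hide which (state, bit) each row encodes
        tables.append(rows)
    # Output decoding: hash of final state label -> result; only A_GT means a > b.
    decode = [(hashlib.sha256(state_lab[n][s]).digest(), s == A_GT) for s in range(3)]
    rng.shuffle(decode)
    return {"start": state_lab[0][UNDEC], "tables": tables, "decode": decode}, bit_lab


def ot_oracle(pair, choice):
    """Stand-in for 1-out-of-2 OT (assumption): chooser gets pair[choice] only,
    sender learns nothing about choice. A real deployment uses an OT protocol."""
    return pair[choice]


def evaluate(prog, my_bit_labels):
    """Bob: walk the garbled program; only one row per level opens correctly."""
    state = prog["start"]
    for table, blab in zip(prog["tables"], my_bit_labels):
        opened = None
        for row in table:
            pt = decrypt(state, blab, row)
            if pt[: len(TAG)] == TAG:
                opened = pt[len(TAG):]
                break
        if opened is None:
            raise ValueError("no row opened: malformed program")
        state = opened
    h = hashlib.sha256(state).digest()
    for digest, result in prog["decode"]:
        if digest == h:
            return result
    raise ValueError("final label not in decoding table")


def millionaires(a, b, n=32):
    """Run the protocol: returns True iff a > b, revealing nothing else."""
    prog, bit_lab = garble(a, n)                                   # Alice
    b_bits = [(b >> (n - 1 - i)) & 1 for i in range(n)]
    labels = [ot_oracle(bit_lab[i], b_bits[i]) for i in range(n)]  # Bob, via OT
    return evaluate(prog, labels)                                  # Bob
```

Per bit of the inputs Alice sends six rows of 24 bytes plus one OT, so the total communication is linear in the n-bit communication complexity of comparison times the security parameter (the label length), which is the shape of the bound the abstract states. Every level has the same six rows, so Bob cannot tell at which bit the comparison was decided; only the final decoding reveals the one-bit result. The example is secure only against honest-but-curious parties and only as strong as the OT that replaces `ot_oracle`.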
