Blind Polynomial Evaluation and Data Trading

Data trading is an emerging business in which data sellers provide buyers with, for example, their private datasets and get paid by the buyers. In many scenarios, sellers prefer to sell pieces of data, such as statistical results derived from the dataset, rather than the entire dataset. Meanwhile, buyers wish to hide the results they retrieve. Since relying on a trusted third party (TTP) is not preferable, we ask whether, in the absence of a TTP, there exists a practical mechanism satisfying the following requirements: the seller Sarah receives the payment if and only if she obliviously returns to the buyer Bob the correct evaluation result of a function delegated by Bob on her dataset, and Bob can derive only the result for which he pays. Despite the considerable attention data trading has received, a desirable mechanism for this scenario is still missing. This is because general solutions are inefficient when the datasets are large or the evaluated function is complicated, and because existing efficient cryptographic techniques either cannot fully capture the features of our scenario or can address only very limited computing tasks. In this paper, we propose the first desirable mechanism that is practical and supports a wide variety of computing tasks: the evaluation of arbitrary functions that can be represented as polynomials. We introduce a new cryptographic notion called blind polynomial evaluation and instantiate it with an explicit protocol. We further combine this notion with the blockchain paradigm to provide a practical framework that can satisfy the requirements mentioned above.
