Secure Computation, I/O-Efficient Algorithms and Distributed Signatures

We consider a setting where a set of n players use a set of m servers to store a large, private data set. Later the players decide on functions they want to compute on the data without the servers needing to know which computation is done, while the computation should be secure against a malicious adversary corrupting a constant fraction of the players and servers. Using packed secret sharing, the data can be stored in a compact way but will only be accessible in a block-wise fashion. We explore the possibility of using I/O-efficient algorithms to nevertheless compute on the data as efficiently as if random access was possible. We show that for sorting, priority queues and data mining, this can indeed be done. We show actively secure protocols of complexity within a constant factor of the passively secure solution. As a technical contribution towards this goal, we develop techniques for generating values of form r, gr for random secret-shared r∈ℤq and gr in a group of order q. This costs a constant number of exponentiation per player per value generated, even if less than n/3 players are malicious. This can be used for efficient distributed computing of Schnorr signatures. We further develop the technique so we can sign secret data in a distributed fashion at essentially the same cost.

[1]  Michael T. Goodrich,et al.  Randomized Shellsort: a simple oblivious sorting algorithm , 2009, SODA '10.

[2]  Yehuda Lindell,et al.  Secure Multi-Party Computation without Agreement , 2005, Journal of Cryptology.

[3]  Matthias Fitzi,et al.  Optimally efficient multi-valued byzantine agreement , 2006, PODC '06.

[4]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[5]  Mihir Bellare Advances in Cryptology — CRYPTO 2000 , 2000, Lecture Notes in Computer Science.

[6]  Claus-Peter Schnorr,et al.  Efficient signature generation by smart cards , 2004, Journal of Cryptology.

[7]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[8]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[9]  Aggelos Kiayias,et al.  BiTR: Built-in Tamper Resilience , 2011, IACR Cryptol. ePrint Arch..

[10]  Ivan Damgård,et al.  Atomic Secure Multi-party Multiplication with Low Communication , 2007, EUROCRYPT.

[11]  Michael T. Goodrich,et al.  MapReduce Parallel Cuckoo Hashing and Oblivious RAM Simulations , 2010, ArXiv.

[12]  Moni Naor Advances in Cryptology - EUROCRYPT 2007, 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Barcelona, Spain, May 20-24, 2007, Proceedings , 2007, EUROCRYPT.

[13]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[14]  Matthew K. Franklin,et al.  Communication complexity of secure computation (extended abstract) , 1992, STOC '92.

[15]  Paul Feldman,et al.  A practical scheme for non-interactive verifiable secret sharing , 1987, 28th Annual Symposium on Foundations of Computer Science (sfcs 1987).

[16]  Alok Aggarwal,et al.  The input/output complexity of sorting and related problems , 1988, CACM.

[17]  Yehuda Lindell,et al.  Privacy Preserving Data Mining , 2000, Journal of Cryptology.

[18]  Martin Hirt,et al.  Perfectly-Secure MPC with Linear Communication Complexity , 2008, TCC.

[19]  Eike Kiltz,et al.  Unconditionally Secure Constant Round Multi-Party Computation for Equality, Comparison, Bits and Exponentiation , 2006, IACR Cryptol. ePrint Arch..

[20]  Tomas Toft Secure Datastructures based on Multiparty Computation , 2011, IACR Cryptol. ePrint Arch..

[21]  Vaughan R. Pratt Shellsort and Sorting Networks , 1972, Outstanding Dissertations in the Computer Sciences.

[22]  Catherine A. Meadows,et al.  Security of Ramp Schemes , 1985, CRYPTO.

[23]  Kenneth E. Batcher,et al.  Sorting networks and their applications , 1968, AFIPS Spring Joint Computing Conference.

[24]  Joan Feigenbaum,et al.  Advances in Cryptology-Crypto 91 , 1992 .

[25]  Rebecca N. Wright,et al.  Privacy-preserving distributed k-means clustering over arbitrarily partitioned data , 2005, KDD '05.