Oblivious Linear Group Actions and Applications

In this paper we propose efficient two-party protocols for obliviously applying a (possibly random) linear group action to a data set. Our protocols capture various applications such as oblivious shuffles, circular shifts, and matrix multiplications, to name just a few. A notable feature of our protocols is that they admit a round-optimal (more precisely, one-round) online computation phase once an input-independent offline computation phase has been completed. Our oblivious shuffle is the first to achieve a round-optimal online phase. The most efficient instantiations of our protocols are obtained in the so-called client-aided client-server setting, where the offline phase is run by a semi-honest input party (the client), who then distributes the generated correlated randomness to the computing parties (the servers). When comparing the total running time to the previous best two-party oblivious shuffle protocol by Chase et al. (Asiacrypt 2020), our shuffle protocol in this client-aided setting is up to 105 times and 152 times faster in the LAN and WAN setting, respectively. We additionally show how the Chase et al. protocol (which is a standard two-party protocol) can be modified to leverage the advantages of the client-aided setting, but show that, even so, our scheme is still two times faster in the online phase and 1.34 times faster in total on average. An additional feature of our protocols is that they allow a previously generated group action, or its inverse, to be re-invoked in subsequent runs. This allows us to utilize randomize-then-reveal techniques, which are crucial for constructing efficient protocols in complex applications. As an application, we construct a new oblivious sorting protocol implementing radix sort. Our protocol is based on a similar approach to the three-party protocol by Chida et al. (IACR ePrint 2019/965), but using our oblivious shuffle as a building block, together with various optimizations, we obtain a two-party protocol (in the client-aided setting) with improved online running time and a reduced number of rounds. As other applications, we also obtain efficient protocols for oblivious selection, oblivious unit-vectorization, oblivious multiplexer, oblivious polynomial evaluation, arithmetic-to-boolean share conversions, and more.
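The offline/online split in the client-aided setting, as an added illustration rather than the paper's own protocol: the client deals each server an additive share of a random permutation matrix P together with a Beaver-style (a, P·a) correlation, so the servers' online phase is a single simultaneous round in which only masked vectors are exchanged, and the same action is re-invoked in inverse form through transposed shares. The ring Z_{2^32} and the matrix-share form of the correlated randomness are assumptions of this example, not parameters taken from the paper.

```python
import secrets

MOD = 2**32  # shares live in Z_{2^32}; an assumed ring, not a parameter taken from the paper

def rand_vec(n): return [secrets.randbelow(MOD) for _ in range(n)]
def vec_add(u, v): return [(a + b) % MOD for a, b in zip(u, v)]
def vec_sub(u, v): return [(a - b) % MOD for a, b in zip(u, v)]
def mat_vec(M, v): return [sum(M[i][j] * v[j] for j in range(len(v))) % MOD for i in range(len(M))]
def transpose(M): return [list(col) for col in zip(*M)]

def perm_matrix(perm):
    """Permutation matrix P with P*x = [x[perm[0]], x[perm[1]], ...]."""
    n = len(perm)
    return [[1 if j == perm[i] else 0 for j in range(n)] for i in range(n)]

def client_mask(P):
    """Fresh (a, P*a) correlation; one is consumed per invocation of the same action."""
    n = len(P)
    a, a0, c0 = rand_vec(n), rand_vec(n), rand_vec(n)
    return (a0, c0), (vec_sub(a, a0), vec_sub(mat_vec(P, a), c0))

def client_offline(perm):
    """Input-independent dealer phase: the client knows the action P and gives each
    server a uniformly random additive share of P plus a mask correlation."""
    P = perm_matrix(perm)
    P0 = [rand_vec(len(P)) for _ in P]
    P1 = [vec_sub(r, s) for r, s in zip(P, P0)]
    return P0, P1, client_mask(P)

def server_msg(x_i, a_i):
    """The single online round: each server broadcasts its masked input share."""
    return vec_sub(x_i, a_i)

def server_finish(P_i, c_i, d0, d1):
    """Local step: d = x - a is public but uniformly random; P_i*d + c_i is a share of P*x."""
    return vec_add(mat_vec(P_i, vec_add(d0, d1)), c_i)

def apply_action(P0, P1, masks, x0, x1):
    (a0, c0), (a1, c1) = masks
    d0, d1 = server_msg(x0, a0), server_msg(x1, a1)
    return server_finish(P0, c0, d0, d1), server_finish(P1, c1, d0, d1)

def demo(x, perm):
    """Shuffle shared x by perm, then re-invoke the inverse action on the result."""
    P0, P1, masks = client_offline(perm)
    x0 = rand_vec(len(x)); x1 = vec_sub(x, x0)
    y0, y1 = apply_action(P0, P1, masks, x0, x1)
    Pinv = transpose(perm_matrix(perm))  # inverse of a permutation matrix is its transpose
    z0, z1 = apply_action(transpose(P0), transpose(P1), client_mask(Pinv), y0, y1)
    return vec_add(y0, y1), vec_add(z0, z1)
```

Neither server sees P, a, or P·a in the clear: each holds only uniformly random shares, and the single exchanged vector d = x - a is independent of x.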

[1] Nigel P. Smart et al. TaaS: Commodity MPC via Triples-as-a-Service, 2019, IACR Cryptol. ePrint Arch.

[2] Katsumi Takahashi et al. Oblivious Radix Sort: An Efficient Sorting Algorithm for Practical Secure Multi-party Computation, 2014, IACR Cryptol. ePrint Arch.

[3] Ben Riva et al. Salus: a system for server-aided secure function evaluation, 2012, CCS.

[4] Jonathan Katz et al. Private Set Intersection: Are Garbled Circuits Better than Custom Protocols?, 2012, NDSS.

[5] Benny Pinkas et al. Efficient Circuit-based PSI via Cuckoo Hashing, 2018, IACR Cryptol. ePrint Arch.

[6] Peter Rindal et al. ABY3: A Mixed Protocol Framework for Machine Learning, 2018, IACR Cryptol. ePrint Arch.

[7] Avi Wigderson et al. Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract), 1988, STOC.

[8] Andrew Chi-Chih Yao et al. Protocols for Secure Computations (Extended Abstract), 1982, FOCS.

[9] Silvio Micali et al. A Completeness Theorem for Protocols with Honest Majority, 1987, STOC.

[10] Yuval Ishai et al. Function Secret Sharing, 2015, EUROCRYPT.

[11] Satsuya Ohata et al. Communication-Efficient (Client-Aided) Secure Two-Party Protocols and Its Application, 2019, Financial Cryptography.

[12] Benny Pinkas et al. Efficient Circuit-based PSI with Linear Communication, 2019, IACR Cryptol. ePrint Arch.

[13] Wenliang Du et al. Bureaucratic protocols for secure two-party sorting, selection, and permuting, 2010, ASIACCS '10.

[14] Bingsheng Zhang et al. Generic Constant-Round Oblivious Sorting Algorithm for MPC, 2011, ProvSec.

[15] Riivo Talviste et al. Applying Secure Multi-party Computation in Practice, 2016.

[16] Peeter Laud et al. Secure Multiparty Sorting Protocols with Covert Privacy, 2016, NordSec.

[17] Dan Bogdanov et al. A Practical Analysis of Oblivious Sorting Algorithms for Secure Multi-party Computation, 2014, NordSec.

[18] Claudio Orlandi et al. Combining Private Set-Intersection with Secure Two-Party Computation, 2018, IACR Cryptol. ePrint Arch.

[19] Michael K. Reiter et al. Third-Party Private DFA Evaluation on Encrypted Files in the Cloud, 2012, ESORICS.

[20] Farinaz Koushanfar et al. Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications, 2018, IACR Cryptol. ePrint Arch.

[21] Peeter Laud et al. A Private Lookup Protocol with Low Online Complexity for Secure Multiparty Computation, 2014, ICICS.

[22] Payman Mohassel et al. How to Hide Circuits in MPC: An Efficient Framework for Private Function Evaluation, 2013, IACR Cryptol. ePrint Arch.

[23] Koji Nuida et al. Constant-Round Client-Aided Secure Comparison Protocol, 2018, ESORICS.

[24] Payman Mohassel et al. SecureML: A System for Scalable Privacy-Preserving Machine Learning, 2017, IEEE Symposium on Security and Privacy (SP).

[25] Dan Bogdanov et al. Oblivious Sorting of Secret-Shared Data, 2013.

[26] Koji Chida et al. Efficient Bit-Decomposition and Modulus-Conversion Protocols with an Honest Majority, 2018, IACR Cryptol. ePrint Arch.

[27] Ivan Damgård et al. Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation, 2006.

[28] Michael Zohner et al. ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation, 2015, NDSS.

[29] Riivo Talviste et al. From Oblivious AES to Efficient and Secure Database Join in the Multiparty Setting, 2013, ACNS.

[30] Helmut Veith et al. Secure two-party computations in ANSI C, 2012, CCS.

[31] Jared Saia et al. Secure Multi-party Shuffling, 2015, SIROCCO.

[32] Jan Willemson et al. Round-Efficient Oblivious Database Manipulation, 2011, ISC.

[33] Peter Rindal et al. Fast Database Joins for Secret Shared Data, 2019, IACR Cryptol. ePrint Arch.

[34] Yuval Ishai et al. Secure Computation with Preprocessing via Function Secret Sharing, 2019, IACR Cryptol. ePrint Arch.

[35] Mete Akgün et al. Privacy-preserving SVM on Outsourced Genomic Data via Secure Multi-party Computation, 2020, IWSPA@CODASPY.

[36] Yuval Ishai et al. Function Secret Sharing for Mixed-Mode and Fixed-Point Secure Computation, 2020, IACR Cryptol. ePrint Arch.

[37] Luca Antiga et al. Deep Learning With PyTorch, 2020, Machine Learning and Deep Learning in Real-Time Applications.

[38] Melissa Chase et al. Secret Shared Shuffle, 2019, IACR Cryptol. ePrint Arch.

[39] Carmit Hazay et al. Oblivious Polynomial Evaluation and Secure Set-Intersection from Algebraic PRFs, 2015, Journal of Cryptology.

[40] Yihua Zhang et al. PICCO: a general-purpose compiler for private distributed computation, 2013, CCS.

[41] Moni Naor et al. Oblivious Polynomial Evaluation, 2006, SIAM J. Comput.

[42] Kazuo Ohta et al. Multiparty Computation for Interval, Equality, and Comparison Without Bit-Decomposition Protocol, 2007, Public Key Cryptography.

[43] Katsumi Takahashi et al. Practically Efficient Multi-party Sorting Protocols from Comparison Sort Algorithms, 2012, ICISC.

[44] Octavian Catrina et al. Improved Primitives for Secure Multiparty Integer Computation, 2010, SCN.

[45] Benny Pinkas et al. An Efficient Secure Three-Party Sorting Protocol with an Honest Majority, 2019, IACR Cryptol. ePrint Arch.

[46] Donald Beaver et al. Efficient Multiparty Protocols Using Circuit Randomization, 1991, CRYPTO.