Secure Evaluation of Private Linear Branching Programs with Medical Applications

Diagnostic and classification algorithms play an important role in data analysis, with applications in areas such as health care, fault diagnostics, and benchmarking. Branching programs (BPs) are a popular representation model for the underlying classification and diagnostic algorithms. A typical application scenario involves a client who provides data and a service provider (server) whose diagnostic program is run on the client's data; both parties need to keep their inputs private. We present new, more efficient privacy-preserving protocols for the remote evaluation of such classification and diagnostic programs. Beyond the efficiency improvements, we generalize previous solutions: we securely evaluate private linear branching programs (LBPs), a useful generalization of BPs that we introduce. We demonstrate the practicality of our solutions by applying our protocols to the privacy-preserving classification of medical electrocardiogram (ECG) signals and presenting implementation results. Finally, we identify and fix a subtle security weakness in the most recent remote diagnostics proposal, which allowed malicious clients to learn partial information about the program.
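To make the two-party setting concrete, the following is an added illustration for this page, not the paper's protocol or code: a small linear branching program (each decision node tests a linear function of the client's attributes against a threshold, with a classic BP node as the special case of a unit weight vector), a plaintext evaluator, and a server-side evaluation of one node's linear test on the client's Paillier-encrypted attributes. The LBP, the feature values, the toy key size, the blinding step and every function name are assumptions made for the example; the secure comparison that actually decides the branch without revealing the node's value is left out.

```python
"""Toy model of a linear branching program (LBP) and of an oblivious node
test with additively homomorphic (Paillier) encryption.

Constructed illustration for this page; NOT the paper's protocol or code.
Key sizes, feature values and the LBP below are made up for the example.
"""
import random
from math import gcd


# ---- minimal textbook Paillier (toy 14-bit primes: illustration only) ----
def paillier_keygen(p, q):
    """Return (pk, sk) with g = n + 1, lambda = lcm(p-1, q-1), mu = lambda^-1 mod n."""
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    return (n, n + 1), (lam, pow(lam, -1, n))


def enc(pk, m):
    """E(m) = g^m * r^n mod n^2 with fresh random r coprime to n."""
    n, g = pk
    r = random.randrange(2, n)
    while gcd(r, n) != 1:
        r = random.randrange(2, n)
    return pow(g, m % n, n * n) * pow(r, n, n * n) % (n * n)


def dec(pk, sk, c):
    n, _ = pk
    lam, mu = sk
    return (pow(c, lam, n * n) - 1) // n * mu % n


def add(pk, c1, c2):
    """E(a) * E(b) = E(a + b): homomorphic addition."""
    return c1 * c2 % (pk[0] ** 2)


def mul_const(pk, c, k):
    """E(a)^k = E(k * a): multiplication by a plaintext constant."""
    return pow(c, k % pk[0], pk[0] ** 2)


def to_signed(pk, v):
    """Map a residue mod n back to a signed integer (values stay far below n/2)."""
    n, _ = pk
    return v - n if v > n // 2 else v


# ---- linear branching program: each decision node tests <w, x> < t ----
# A classic BP node is the special case w = unit vector (one attribute vs threshold).
# Constructed two-feature example; the labels are arbitrary class names.
LBP = [
    {"w": [2, 1], "t": 10, "lo": 1, "hi": 2},   # node 0 (root): 2*x0 + x1 < 10 ?
    {"w": [1, 0], "t": 3, "lo": 3, "hi": 4},    # node 1: plain BP test x0 < 3 ?
    {"label": "B"},                             # node 2 (leaf)
    {"label": "A"},                             # node 3 (leaf)
    {"label": "C"},                             # node 4 (leaf)
]


def evaluate_lbp(lbp, x):
    """Plaintext evaluation: the functionality both parties want, which a secure
    protocol computes without the server seeing x or the client seeing w, t
    or the topology."""
    i = 0
    while "label" not in lbp[i]:
        node = lbp[i]
        v = sum(w * xi for w, xi in zip(node["w"], x))
        i = node["lo"] if v < node["t"] else node["hi"]
    return lbp[i]["label"]


# ---- oblivious linear test for one node ----
def client_encrypt(pk, x):
    return [enc(pk, xi) for xi in x]


def server_blinded_test(pk, node, ctxts, r):
    """Server computes E(<w, x> - t + r) from the encrypted x without decrypting;
    it keeps the random blind r so the client learns nothing about w or t."""
    acc = enc(pk, -node["t"])
    for w, c in zip(node["w"], ctxts):
        acc = add(pk, acc, mul_const(pk, c, w))
    return add(pk, acc, enc(pk, r))


def oblivious_node_difference(pk, sk, node, x, r):
    """End-to-end check of the arithmetic. The client only ever sees the blinded
    value; subtracting r in the clear here is purely to verify the result. A
    real protocol feeds the two shares into a secure comparison instead, so
    that neither side learns <w, x> - t."""
    c = server_blinded_test(pk, node, client_encrypt(pk, x), r)
    return to_signed(pk, dec(pk, sk, c)) - r


if __name__ == "__main__":
    pk, sk = paillier_keygen(10007, 10009)
    x = [1, 2]
    print(evaluate_lbp(LBP, x))
    print(oblivious_node_difference(pk, sk, LBP[0], x, random.randrange(1 << 20)))
```

The point of the blinded node test is that the server never decrypts anything (it only multiplies and exponentiates ciphertexts), and the client decrypts only a value masked by a random r the server keeps, so the weight vector and threshold of the node stay hidden. The toy key size and the clear-text subtraction of r are for checking the arithmetic only; a deployable protocol uses a full-size modulus and a secure comparison step for the branch decision.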
