Secure Function Collection with Sublinear Storage

Consider a center possessing a trusted (tamper proof) device that wishes to securely compute a public function over private inputs that are contributed by some network nodes. In network scenarios that support direct communication of nodes with the center, the computation can be done by the nodes encrypting their inputs under the device's public key and sending the ciphertexts to the center which, in turn, feeds them to the trusted device that computes the function. In many modern networking scenarios, however, the center and the contributing nodes are not directly connected/connectable, in which case the discovery and collection of inputs can only be performed by an agent (or agents) released to the network by the center. This introduces a new set of issues for secure computation. In this work we consider an agent that is released, sweeps the network once and then returns to its origin. The direct solution, in this case, is for the agent to possess a certified public key of the trusted device and for the nodes to contribute their inputs as ciphertexts under this key; once the agent collects all inputs it reconnects with the center for function computation. The above single-sweep simple collection requires the agent to store a linear number of ciphertexts. The goal of this work is to formalize and solve the above problem for a general set of functions by an agent that employs sub-linear storage while maintaining input privacy (an important technical requirement akin of that of "Private Information Retrieval" protocols).

[1]  Jesper Buus Nielsen,et al.  On Protocol Security in the Cryptographic Model , 2003 .

[2]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[3]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[4]  David A. Mix Barrington,et al.  Bounded-width polynomial-size branching programs recognize exactly those languages in NC1 , 1986, STOC '86.

[5]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[6]  David Chaum,et al.  Multiparty Unconditionally Secure Protocols (Extended Abstract) , 1988, STOC.

[7]  Nigel P. Smart Advances in Cryptology - EUROCRYPT 2008, 27th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Istanbul, Turkey, April 13-17, 2008. Proceedings , 2008, EUROCRYPT.

[8]  Marcos A. Kiwi,et al.  Electronic jury voting protocols , 2002, Theor. Comput. Sci..

[9]  Jonathan Katz,et al.  Round-Efficient Secure Computation in Point-to-Point Networks , 2007, EUROCRYPT.

[10]  Silvio Micali,et al.  Algorithmic Tamper-Proof (ATP) Security: Theoretical Foundations for Security against Hardware Tampering , 2004, TCC.

[11]  Moni Naor,et al.  Communication preserving protocols for secure function evaluation , 2001, STOC '01.

[12]  Moni Naor Advances in Cryptology - EUROCRYPT 2007, 26th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Barcelona, Spain, May 20-24, 2007, Proceedings , 2007, EUROCRYPT.

[13]  Ronald Cramer,et al.  A secure and optimally efficient multi-authority election scheme , 1997, Eur. Trans. Telecommun..

[14]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[15]  Amir Pnueli,et al.  The ROBDD Size of Simple CNF Formulas , 2003, CHARME.

[16]  A. Razborov Communication Complexity , 2011 .

[17]  Helger Lipmaa,et al.  An Oblivious Transfer Protocol with Log-Squared Communication , 2005, ISC.

[18]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[19]  Moti Yung,et al.  Perfectly secure message transmission , 1993, JACM.

[20]  Serge Vaudenay,et al.  Advances in Cryptology - EUROCRYPT 2006 , 2006, Lecture Notes in Computer Science.

[21]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[22]  Ashutosh Kumar Singh,et al.  ROBDD complexity analysis for XOR/XNOR min-terms , 2008 .

[23]  Jonathan Katz,et al.  Universally Composable Multi-party Computation Using Tamper-Proof Hardware , 2007, EUROCRYPT.

[24]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[25]  Aggelos Kiayias,et al.  Non-interactive Zero-Sharing with Applications to Private Distributed Decision Making , 2003, Financial Cryptography.

[26]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[27]  Avi Wigderson,et al.  Completeness Theorems for Non-Cryptographic Fault-Tolerant Distributed Computation (Extended Abstract) , 1988, STOC.

[28]  Anat Paskin-Cherniavsky,et al.  Evaluating Branching Programs on Encrypted Data , 2007, TCC.

[29]  Rafail Ostrovsky,et al.  Almost-Everywhere Secure Computation , 2008, EUROCRYPT.

[30]  Yehuda Lindell,et al.  Constructions of truly practical secure protocols using standardsmartcards , 2008, CCS.

[31]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[32]  Yuval Ishai,et al.  Private Circuits II: Keeping Secrets in Tamperable Circuits , 2006, EUROCRYPT.