A Note on Secure Computation of the Moore-Penrose Pseudoinverse and Its Application to Secure Linear Algebra

This work deals with the communication complexity of secure multi-party protocols for linear algebra problems. In our model, complexity is measured in terms of the number of secure multiplications required, and protocols terminate within a constant number of rounds of communication. Previous work by Cramer and Damgård proposes secure protocols for solving systems Ax = b of m linear equations in n variables over a finite field, with m ≤ n. The complexity of those protocols is n^5. We show a new upper bound of m^4 + n^2 m secure multiplications for this problem, which is clearly asymptotically smaller. Our main point, however, is that the advantage can be substantial in case m is much smaller than n. Indeed, if m = √n, for example, the complexity goes down from n^5 to n^2.5. Our secure protocols rely on some recent advances concerning the computation of the Moore-Penrose pseudo-inverse of matrices over fields of positive characteristic. These computations are based on the evaluation of a certain characteristic polynomial, in combination with variations on a well-known technique due to Mulmuley that helps to control the effects of non-zero characteristic. We also introduce a new method for secure polynomial evaluation that exploits properties of Chebychev polynomials, as well as a new secure protocol for computing the characteristic polynomial of a matrix based on Leverrier's lemma that exploits this new method.
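As an added illustration, not the paper's protocol and computed in the clear rather than on secret shares, the following Python runs Leverrier's recursion (the Faddeev-LeVerrier form of Leverrier's lemma) for the characteristic polynomial of a matrix over GF(p) and recovers the inverse from it. Each step divides by k for k = 1..n, which is exactly the positive-characteristic effect the abstract says Mulmuley's technique must control; this plain version simply requires p > n. The matrices and prime used are constructed here.

```python
# Leverrier's recursion over GF(p): example added here, not code from the paper.
# Assumes p is prime and p > n, so every 1/k for k = 1..n exists mod p.

def mat_mul(A, B, p):
    n = len(A)
    return [[sum(A[i][k] * B[k][j] for k in range(n)) % p
             for j in range(n)] for i in range(n)]

def trace(A, p):
    return sum(A[i][i] for i in range(len(A))) % p

def char_poly_leverrier(A, p):
    """Return (c, M_n) where c[k] is the coefficient of x^k in det(xI - A) over GF(p).

    Recursion: M_0 = 0, c_n = 1,
               M_k = A*M_{k-1} + c_{n-k+1}*I,
               c_{n-k} = -(1/k) * tr(A*M_k).
    """
    n = len(A)
    if p <= n:
        # Division by k in 1..n fails for k = p; this is the characteristic obstruction.
        raise ValueError("Leverrier's recursion divides by 1..n; need prime p > n")
    c = [0] * (n + 1)
    c[n] = 1
    M = [[0] * n for _ in range(n)]            # M_0 = 0
    for k in range(1, n + 1):
        AM = mat_mul(A, M, p)
        M = [[(AM[i][j] + (c[n - k + 1] if i == j else 0)) % p
              for j in range(n)] for i in range(n)]
        inv_k = pow(k, -1, p)                  # 1/k mod p (exists since p > n >= k)
        c[n - k] = (-inv_k * trace(mat_mul(A, M, p), p)) % p
    return c, M

def inverse_from_leverrier(A, p):
    """Inverse as a by-product: A^{-1} = -M_n / c_0 over GF(p); None when c_0 = 0 (A singular)."""
    c, M = char_poly_leverrier(A, p)
    if c[0] == 0:
        return None
    s = (-pow(c[0], -1, p)) % p
    return [[(s * x) % p for x in row] for row in M]

if __name__ == "__main__":
    # Constructed sample: a 2x2 matrix over GF(7).
    A = [[1, 2], [3, 4]]
    print(char_poly_leverrier(A, 7)[0])        # coefficients of x^0, x^1, x^2
    print(inverse_from_leverrier(A, 7))
```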

[1] Kazuo Ohta et al. Multiparty Computation for Interval, Equality, and Comparison Without Bit-Decomposition Protocol. Public Key Cryptography, 2007.

[2] Joseph JáJá et al. An Introduction to Parallel Algorithms. 1992.

[3] K. Mulmuley. A fast parallel algorithm to compute the rank of a matrix over an arbitrary field. Combinatorica, 1987.

[4] Fred T. Krogh et al. Efficient Algorithms for Polynomial Interpolation and Numerical Differentiation. 1970.

[5] Yuval Ishai et al. Randomizing polynomials: A new representation with applications to round-efficient secure computation. Proceedings 41st Annual Symposium on Foundations of Computer Science, 2000.

[6] Donald Beaver. Minimal-Latency Secure Function Evaluation. EUROCRYPT, 2000.

[7] Silvio Micali et al. How to play ANY mental game. STOC, 1987.

[8] Aggelos Kiayias et al. Self Protecting Pirates and Black-Box Traitor Tracing. CRYPTO, 2001.

[9] Enav Weinreb et al. Communication Efficient Secure Linear Algebra. TCC, 2006.

[10] Alexander Schrijver et al. Combinatorial optimization. Polyhedra and efficiency. 2003.

[11] Moni Naor et al. A minimal model for secure computation (extended abstract). STOC '94, 1994.

[12] Yuval Ishai et al. Private simultaneous messages protocols with applications. Proceedings of the Fifth Israeli Symposium on Theory of Computing and Systems, 1997.

[13] I. Damgård. Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation. 2006.

[14] Moni Naor et al. A Minimal Model for Secure Computation. 2002.

[15] Eike Kiltz et al. Secure Linear Algebra Using Linearly Recurrent Sequences. Complexity of Boolean Functions, 2007.

[16] Michael Ben-Or et al. Computing Algebraic Formulas Using a Constant Number of Registers. SIAM J. Comput., 1992.

[17] Bart Preneel et al. Advances in cryptology - EUROCRYPT 2000: International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000: proceedings. 2000.

[18] Silvio Micali et al. The round complexity of secure protocols. STOC '90, 1990.

[19] David Chaum et al. Multiparty unconditionally secure protocols. STOC '88, 1988.

[20] Avi Wigderson et al. Completeness theorems for non-cryptographic fault-tolerant distributed computation. STOC '88, 1988.

[21] A. Yao et al. Fair exchange with a semi-trusted third party (extended abstract). CCS '97, 1997.

[22] Andrew Chi-Chih Yao et al. Protocols for secure computations. FOCS, 1982.

[23] Ivan Damgård et al. Secure Distributed Linear Algebra in a Constant Number of Rounds. CRYPTO, 2001.

[24] Judit Bar-Ilan et al. Non-cryptographic fault-tolerant computing in constant number of rounds of interaction. PODC '89, 1989.

[25] Laureano González-Vega et al. Generalizing Cramer's Rule: Solving Uniformly Linear Systems of Equations. SIAM J. Matrix Anal. Appl., 2005.