Notes on non-interactive secure comparison in "image feature extraction in the encrypted domain with privacy-preserving SIFT"

Protocols for secure comparison are a fundamental building block of many privacy-preserving protocols such as privacy-preserving face recognition or privacy-preserving fingerprint authentication. So far, all existing secure comparison protocols that have been used in practical implementations require interaction. In recent work, Hsu et al. (IEEE Transactions on Image Processing 2012) propose protocols for privacy-preserving computation of the scale-invariant feature transform (SIFT) in the encrypted domain. Their fundamental building block is a new protocol for performing secure comparisons under additively homomorphic encryption that requires no interaction. In this paper we present the potential for optimization and the shortcomings of their secure comparison protocol. More specifically, we show that it 1) allows optimizations by shifting computation from the server to the user, 2) removes the gain that the user has in outsourcing computations to the server, and, most importantly, 3) is either computationally intractable for the server or insecure. As alternatives, we propose to use either interactive comparison protocols or non-interactive somewhat or fully homomorphic encryption.
