How to Hide Circuits in MPC: An Efficient Framework for Private Function Evaluation

We revisit the problem of general-purpose private function evaluation (PFE) wherein a single party P 1 holds a circuit \(\mathcal{C}\), while each P i for 1 ≤ i ≤ n holds a private input x i , and the goal is for a subset (or all) of the parties to learn \(\mathcal{C}(x_1, \ldots, x_n)\) but nothing else. We put forth a general framework for designing PFE where the task of hiding the circuit and securely evaluating its gates are addressed independently: First, we reduce the task of hiding the circuit topology to oblivious evaluation of a mapping that encodes the topology of the circuit, which we refer to as oblivious extended permutation (OEP) since the mapping is a generalization of the permutation mapping. Second, we design a subprotocol for private evaluation of a single gate (PFE for one gate), which we refer to as private gate evaluation (PGE). Finally, we show how to naturally combine the two components to obtain efficient and secure PFE.

[1]  Vladimir Kolesnikov,et al.  A Practical Universal Circuit Construction and Secure Evaluation of Private Functions , 2008, Financial Cryptography.

[2]  Carmit Hazay,et al.  Text Search Protocols with Simulation Based Security , 2010, Public Key Cryptography.

[3]  Jonathan Katz,et al.  Private Set Intersection: Are Garbled Circuits Better than Custom Protocols? , 2012, NDSS.

[4]  Yuval Ishai,et al.  Extending Oblivious Transfers Efficiently , 2003, CRYPTO.

[5]  Donald Beaver,et al.  Precomputing Oblivious Transfer , 1995, CRYPTO.

[6]  Benny Pinkas,et al.  Secure Two-Party Computation is Practical , 2009, IACR Cryptol. ePrint Arch..

[7]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[8]  Matthew K. Franklin,et al.  Multi-party Indirect Indexing and Applications , 2007, ASIACRYPT.

[9]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[10]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[11]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[12]  Ran Raz Elusive functions and lower bounds for arithmetic circuits , 2008, STOC '08.

[13]  Thomas Schneider,et al.  Practical Secure Function Evaluation , 2008, Informatiktage.

[14]  A. Yao,et al.  Fair exchange with a semi-trusted third party (extended abstract) , 1997, CCS '97.

[15]  Leslie G. Valiant,et al.  Universal circuits (Preliminary Report) , 1976, STOC '76.

[16]  Vitaly Shmatikov,et al.  Privacy-preserving remote diagnostics , 2007, CCS '07.

[17]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[18]  Brent Waters,et al.  A Framework for Efficient and Composable Oblivious Transfer , 2008, CRYPTO.

[19]  Wenliang Du,et al.  A study of several specific secure two-party computation problems , 2001 .

[20]  Abhi Shelat,et al.  Billion-Gate Secure Computation with Malicious Adversaries , 2012, USENIX Security Symposium.

[21]  Anat Paskin-Cherniavsky,et al.  Evaluating Branching Programs on Encrypted Data , 2007, TCC.

[22]  Amir Yehudayoff,et al.  Arithmetic Circuits: A survey of recent results and open questions , 2010, Found. Trends Theor. Comput. Sci..

[23]  Ahmad-Reza Sadeghi,et al.  Secure Evaluation of Private Linear Branching Programs with Medical Applications , 2009, ESORICS.

[24]  Martín Abadi,et al.  Secure circuit evaluation , 1990, Journal of Cryptology.

[25]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[26]  Wenliang Du,et al.  Bureaucratic protocols for secure two-party sorting, selection, and permuting , 2010, ASIACCS '10.

[27]  Moni Naor,et al.  Efficient oblivious transfer protocols , 2001, SODA '01.

[28]  Yuval Ishai,et al.  Semantic Security under Related-Key Attacks and Applications , 2011, ICS.

[29]  Ahmad-Reza Sadeghi,et al.  Generalized Universal Circuits for Secure Evaluation of Private Functions with Application to Data Classification , 2009, IACR Cryptol. ePrint Arch..

[30]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[31]  Jonathan Katz,et al.  Secure Multi-Party Computation of Boolean Circuits with Applications to Privacy in On-Line Marketplaces , 2012, CT-RSA.

[32]  Abraham Waksman,et al.  A Permutation Network , 1968, JACM.

[33]  Helger Lipmaa,et al.  An Oblivious Transfer Protocol with Log-Squared Communication , 2005, ISC.

[34]  Ivan Damgård,et al.  Multiparty Computation from Threshold Homomorphic Encryption , 2000, EUROCRYPT.

[35]  Ahmad-Reza Sadeghi,et al.  Practical Secure Evaluation of Semi-Private Functions , 2009, IACR Cryptol. ePrint Arch..

[36]  Jonathan Katz,et al.  Constant-Round Private Function Evaluation with Linear Complexity , 2011, ASIACRYPT.

[37]  Yehuda Lindell,et al.  An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries , 2007, Journal of Cryptology.

[38]  Claudio Orlandi,et al.  A New Approach to Practical Active-Secure Two-Party Computation , 2012, IACR Cryptol. ePrint Arch..