Optimizing Transport Layer for Secure Computation

We explore two central issues in the performance of Secure Two-Party Computation (2PC): (1) the transport layer used by 2PC implementations and (2) the evaluation of 2PC implementations.

Transport layer. Although significantly improved, the performance of 2PC is still prohibitive for practical systems. Contrary to the common belief that bandwidth is the remaining bottleneck for 2PC implementations, we show that the network is under-utilised because implementations use standard TCP sockets. Switching to other sockets is nevertheless a nontrivial task: developers of secure computation would have to integrate them into the operating system, which is challenging even for systems experts. To resolve this issue, and to break the efficiency barrier of 2PC, we design and develop a framework, which we call Transputation, that automates the integration of transport layer sockets into 2PC implementations. The goal of Transputation is to let developers of 2PC protocols easily identify and use the optimal transport layer protocol for a given computation task and network conditions. We integrated selected transport layer protocols into Transputation and evaluated their performance on a number of computational tasks. As a highlight, even a general-purpose transport layer protocol such as SABUL improves the run-time of 2PC over TCP on an EU-Australia connection, for circuits with > 10 Boolean gates, by a factor of 8.

Evaluations of 2PC. Evaluations of 2PC implementations do not reflect performance in real networks, since they are typically done in simulated environments and, even more often, on a single host. To address this issue, we set up a testbed platform for evaluating 2PC implementations in real-life settings on the Internet.
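The under-utilisation point above, worked through as an added example that is not from the paper or from Transputation: one mechanism by which a stock TCP socket starves a long-RTT path is that a fixed-window sender can move at most one window per round trip, so a garbled-circuit transfer whose window is the kernel default runs far below line rate. The constants are assumptions for illustration (half-gates garbling with 128-bit wire labels, a 300 ms RTT standing in for an EU-Australia path, a 1 Gbit/s line rate); the only thing read from the machine is the default receive buffer of a fresh, unconnected socket, which is the window an untuned 2PC implementation would get.

```python
"""Added example (not from the Transputation paper or its code): why a stock
TCP socket under-utilises a long-fat path during a garbled-circuit transfer.

Assumptions (illustrative, not the paper's measurements): half-gates garbling
(two 128-bit ciphertexts per AND gate, XOR gates free), a 300 ms RTT standing
in for an EU-Australia path, and a 1 Gbit/s line rate.
"""
import socket

LABEL_BITS = 128                     # assumption: 128-bit wire labels
CIPHERTEXTS_PER_AND_GATE = 2         # half-gates: two ciphertexts per AND gate
RTT_SECONDS = 0.300                  # assumption: long-haul round-trip time
LINE_RATE_BYTES_PER_S = 125_000_000  # assumption: 1 Gbit/s


def garbled_table_bytes(and_gates: int) -> int:
    """Bytes the garbler must ship for the gate tables alone (XOR gates cost nothing)."""
    return and_gates * CIPHERTEXTS_PER_AND_GATE * LABEL_BITS // 8


def bandwidth_delay_product(rtt_s: float, line_rate: float) -> int:
    """Bytes that must be in flight to keep the path full: line rate x RTT."""
    return int(line_rate * rtt_s)


def window_limited_rate(window_bytes: int, rtt_s: float) -> float:
    """Best case for a fixed-window sender: one window per round trip (bytes/s)."""
    return window_bytes / rtt_s


def link_utilisation(window_bytes: int, rtt_s: float, line_rate: float) -> float:
    """Fraction of the line rate a window-limited sender can reach, capped at 1."""
    return min(1.0, window_limited_rate(window_bytes, rtt_s) / line_rate)


def default_receive_buffer() -> int:
    """Kernel default SO_RCVBUF on a fresh, unconnected TCP socket (no traffic is sent).

    This is the window a 2PC implementation gets when it opens a plain socket
    and never tunes it. On Linux the reported value is the doubled internal figure.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        return s.getsockopt(socket.SOL_SOCKET, socket.SO_RCVBUF)


def transfer_estimate(and_gates: int, window_bytes: int,
                      rtt_s: float = RTT_SECONDS,
                      line_rate: float = LINE_RATE_BYTES_PER_S) -> dict:
    """Compare shipping a garbled circuit at line rate vs. at the window-limited rate."""
    nbytes = garbled_table_bytes(and_gates)
    rate = window_limited_rate(window_bytes, rtt_s)
    return {
        "bytes": nbytes,
        "bdp_bytes": bandwidth_delay_product(rtt_s, line_rate),
        "utilisation": link_utilisation(window_bytes, rtt_s, line_rate),
        "seconds_at_line_rate": nbytes / line_rate,
        "seconds_window_limited": nbytes / min(rate, line_rate),
    }


if __name__ == "__main__":
    window = default_receive_buffer()
    est = transfer_estimate(1_000_000, window)
    print(f"default SO_RCVBUF: {window} bytes, BDP of the assumed path: {est['bdp_bytes']} bytes")
    print(f"link utilisation with the default window: {est['utilisation']:.2%}")
    print(f"1M AND gates: {est['seconds_at_line_rate']:.2f}s at line rate vs "
          f"{est['seconds_window_limited']:.1f}s window-limited")
```

The check a practitioner wants is the comparison of the default buffer against the bandwidth-delay product of the actual path: when the buffer is a small fraction of the product, raising SO_SNDBUF/SO_RCVBUF or moving to a transport that is not window-bound on long paths, as the paper does with SABUL, is where the run-time goes, not into the cryptography.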
