Skip to main content
SpringerLink
Log in

A Privacy Enhancing Scheme for Mobile Devices Based Secure Multi-party Computation System

  • Conference paper
  • First Online:
Information Security and Cryptology (Inscrypt 2019)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12020))

Included in the following conference series:

  • 1040 Accesses

Abstract

Mobile devices, such as smart phones, have recently become the typical computing platforms for many users. Consequently, in practice more and more multi-party computation systems are deployed on users’ mobile devices, resulting in various applications such as mobile outsourcing computing and mobile cooperative computing. However, as the mobile platforms may have inherent flaws, the connection of mobile devices and multi-party computation systems usually arouse new security risks. We point out that an application in one party’s mobile device can be a powerful privileged attacker to the multi-party computation system. Previous studies have mainly focused on avoiding the privacy leaks of one or several malicious parties or eavesdroppers on the Internet. This paper presents a privacy enhancing scheme for a kind of secure multi-party computation systems. The scheme can resist the privileged attackers from the party’s mobile device. Our scheme transforms the original computation process and puts the critical calculation process into trusted execution environment. We provide three components to build a privacy-enhanced multi-party computation system with our scheme. Our scheme is implemented to an actual secure multi-party computation system to demonstrate its validity and acceptable performance overhead.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Yao, A.C.: Protocols for secure computations. In: 23rd Annual Symposium on Foundations of Computer Science, SFCS’08, pp. 160–164. IEEE (1982)

    Google Scholar 

  2. Aggarwal, C.C., Philip, S.Y.: A general survey of privacy-preserving data mining models and algorithms. In: Aggarwal, C.C., Yu, P.S. (eds.) Privacy-Preserving Data Mining, pp. 11–52. Springer, Boston (2008). https://doi.org/10.1007/978-0-387-70992-5_2

    Chapter  Google Scholar 

  3. Kamm, L.: Privacy-preserving statistical analysis using secure multi-party computation. Ph.D. dissertation (2015)

    Google Scholar 

  4. Botta, A., De Donato, W., Persico, V., Pescapé, A.: Integration of cloud computing and internet of things: a survey. Future Gener. Comput. Syst. 56, 684–700 (2016)

    Article  Google Scholar 

  5. Dinh, H.T., Lee, C., Niyato, D., Wang, P.: A survey of mobile cloud computing: architecture, applications, and approaches. Wirel. Commun. Mob. Comput. 13(18), 1587–1611 (2013)

    Article  Google Scholar 

  6. Seibel, J., LaFlamme, K., Koschara, F., Schumak, R., Debate, J.: Trusted execution environment, US Patent Application 15/007,547, 27 2017 July

    Google Scholar 

  7. Cao, N., Wang, C., Li, M., Ren, K., Lou, W.: Privacy-preserving multi-keyword ranked search over encrypted cloud data. IEEE Trans. Parallel Distrib. Syst. 25(1), 222–233 (2014)

    Article  Google Scholar 

  8. Machiry, A., et al.: Boomerang: exploiting the semantic gap in trusted execution environments. In: Proceedings of the 2017 Network and Distributed System Security Symposium (NDSS) (2017)

    Google Scholar 

  9. Winter, J.: Trusted computing building blocks for embedded Linux-based arm Trustzone platforms. In: Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, pp. 21–30. ACM (2008)

    Google Scholar 

  10. Rosenberg, D.: Qsee trustzone kernel integer over flow vulnerability. In: Black Hat Conference, p. 26 (2014)

    Google Scholar 

  11. Goldreich, O.: Secure multi-party computation. Manuscript. Preliminary version, vol. 78 (1998)

    Google Scholar 

  12. Du, W., Atallah, M.J.: Secure multi-party computation problems and their applications: a review and open problems. In: Proceedings of the 2001 Workshop on New Security Paradigms, NSPW 2001, pp. 13–22. ACM, New York (2001). http://doi.acm.org/10.1145/508171.508174

  13. Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks (extended abstract). In: Proceedings of the Tenth Annual ACM Symposium on Principles of Distributed Computing, PODC 1991, pp. 51–59. ACM, New York (1991). http://doi.acm.org/10.1145/112600.112605

  14. Li, H., Sun, L., Zhu, H., Lu, X., Cheng, X.: Achieving privacy preservation in WiFi fingerprint-based localization. In: 2014 Proceedings IEEE INFOCOM, pp. 2337–2345. IEEE (2014)

    Google Scholar 

  15. Zhou, C.V., Leckie, C., Karunasekera, S.: A survey of coordinated attacks and collaborative intrusion detection. Comput. Secur. 29(1), 124–140 (2010)

    Article  Google Scholar 

  16. Bogetoft, P., et al.: Secure multiparty computation goes live. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 325–343. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03549-4_20

    Chapter  Google Scholar 

  17. Hirt, M., Maurer, U.: Player simulation and general adversary structures in perfect multiparty computation. J. Cryptol. 13(1), 31–60 (2000). https://doi.org/10.1007/s001459910003

    Article  MathSciNet  MATH  Google Scholar 

  18. Davi, L., Dmitrienko, A., Sadeghi, A.-R., Winandy, M.: Privilege escalation attacks on android. In: Burmester, M., Tsudik, G., Magliveras, S., Ilić, I. (eds.) ISC 2010. LNCS, vol. 6531, pp. 346–360. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-18178-8_30

    Chapter  Google Scholar 

  19. Wißfeld, M.: ArtHook: Callee-side method hook injection on the new android runtime art. Ph.D. dissertation, Saarland University (2015)

    Google Scholar 

  20. Gouveia, J.M.E.P.: Fault injectionin android applications. Master’s thesis, Universidade do Porto (2018). https://repositorio-aberto.up.pt/bitstream/10216/114158/2/277710.pdf

  21. Rastogi, V., Chen, Y., Jiang, X.: Catch me if you can: evaluating android anti-malware against transformation attacks. IEEE Trans. Inf. Forensics Secur. 9(1), 99–108 (2014)

    Article  Google Scholar 

  22. Coogan, K., Lu, G., Debray, S.: Deobfuscation of virtualization-obfuscated software: a semantics-based approach. In: Proceedings of the 18th ACM Conference on Computer and Communications Security, CCS 2011, pp. 275–284. ACM, New York (2011). http://doi.acm.org/10.1145/2046707.2046739

  23. Gupta, R., Halambi, S.A., Rimoni, Y.: Secure behavior analysis over trusted execution environment, US Patent 9,756,066, 5 September 2017

    Google Scholar 

  24. Covey, C.R., Harvey, R.B., Redman, M.D., Tkacik, T.E.: Computing device with entry authentication into trusted execution environment and method therefor, US Patent 8,117,642, 14 February 2012

    Google Scholar 

  25. Jang, J.S., Kong, S., Kim, M., Kim, D., Kang, B.B.: SeCReT: secure channel between rich execution environment and trusted execution environment. In: NDSS (2015)

    Google Scholar 

  26. Tremlet, C.: Embedded secure element for authentication, storage and transaction within a mobile terminal, US Patent 9,436,940, 6 September 2016

    Google Scholar 

  27. Roland, M.: Applying recent secure element relay attack scenarios to the real world: Google wallet relay attack, arXiv preprint arXiv:1209.0875 (2012)

  28. Mellqvist, A.: Portable electronic devices, systems, methods and computer program products for accessing remote secure elements, US Patent Application 12/487,045, 17 June 2010

    Google Scholar 

  29. Little, M., Ko, C.: Detecting coordinated attacks in tactical wireless networks using cooperative signature-based detectors. In: IEEE Military Communications Conference, MILCOM 2005, pp. 176–182. IEEE (2005)

    Google Scholar 

  30. OpenAFS. Improving password and authentication security (2000). http://docs.openafs.org/AdminGuide/HDRWQ515.html

  31. Apple. iOS security iOS 12 (2018). https://www.apple.com/business/site/docs/iOS_Security_Guide.pdf

  32. Merkle, R.C.: Secure communications over insecure channels. Commun. ACM 21(4), 294–299 (1978)

    Article  Google Scholar 

  33. Eastlake 3rd, D., Jones, P.: US Secure Hash Algorithm 1 (SHA1). Technical report (2001)

    Google Scholar 

  34. N.-F. Standard: Announcing the advanced encryption standard (AES). Federal Information Processing Standards Publication, vol. 197, pp. 1–51 (2001)

    Google Scholar 

  35. Cohen, W.W.: Enron email dataset, May 2015. http://www.cs.cmu.edu/~./enron/

Download references

Acknowledgement

The authors would like to thank the anonymous reviewers. This work is supported by National Key R&D Program of China (No. 2017YFB0802404), and partially supported by the National Natural Science Foundation of China (No. 61802396).

Author information

Authors and Affiliations

  1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China

    Xueyi Yang, Na Lv, Tianyu Chen, Cunqing Ma & Limin Liu

  2. Data Assurance and Communications Security Research Center, Chinese Academy of Sciences, Beijing, China

    Xueyi Yang, Na Lv, Tianyu Chen, Cunqing Ma & Limin Liu

  3. School of Cyber Security, University of Chinese Academy of Sciences, Beijing, China

    Xueyi Yang

Authors
  1. Xueyi Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Na Lv
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tianyu Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Cunqing Ma
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Limin Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Na Lv .

Editor information

Editors and Affiliations

  1. College of Computer Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing, China

    Zhe Liu

  2. Computer Science Department, Columbia University, New York, NY, USA

    Moti Yung

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yang, X., Lv, N., Chen, T., Ma, C., Liu, L. (2020). A Privacy Enhancing Scheme for Mobile Devices Based Secure Multi-party Computation System. In: Liu, Z., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2019. Lecture Notes in Computer Science(), vol 12020. Springer, Cham. https://doi.org/10.1007/978-3-030-42921-8_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-42921-8_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-42920-1

  • Online ISBN: 978-3-030-42921-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation