Abstract
Secure non-interactive simulation (SNIS), introduced in EUROCRYPT 2022, is the information-theoretic analog of pseudorandom correlation generators. SNIS allows parties, starting with samples of a source of correlated private randomness (a correlation), to non-interactively and securely transform them into samples from a different correlation.
This work studies SNIS of binary symmetric or erasure correlations from any arbitrary source correlation. In this context, our work presents:
1. The characterization of all sources that facilitate such SNIS,
2. An upper and lower bound on their maximum achievable rate, and
3. Exemplar SNIS instances where non-linear reductions achieve optimal efficiency; however, any linear reduction is insecure.
Collectively, these results yield fascinating instances of computer-assisted search for secure computation protocols, in which the search identifies ingenious protocols that are more efficient than all known constructions.
Our work generalizes the algebraization of the simulation-based definition of SNIS as an approximate eigenvector problem. The following technical contributions are the underpinnings of the results above.
1. Characterization of Markov and adjoint Markov operators' effect on the Fourier spectrum of reduction functions.
2. A new concentration phenomenon in the Fourier spectrum of reduction functions.
3. A statistical-to-perfect lemma with broad consequences for feasibility and rate characterization of SNIS.
Our technical analysis relies on Fourier analysis over large alphabets with arbitrary measure, the orthogonal Efron-Stein decomposition, and junta theorems. Our technical approach motivates the new problem of “security-preserving dimension reduction” in harmonic analysis, which may be of independent interest.
The research effort is supported in part by an NSF CRII Award CNS–1566499, NSF SMALL Awards CNS–1618822 and CNS–2055605, the IARPA HECTOR project, MITRE Innovation Program Academic Cybersecurity Research Awards (2019–2020, 2020–2021), a Ross-Lynn Research Scholars Grant, a Purdue Research Foundation (PRF) Award, and The Center for Science of Information, an NSF Science and Technology Center, Cooperative Agreement CCF–0939370.
The full version is accessible at https://eprint.iacr.org/2021/190.
Notes
1. The reduction functions \(f_n(\cdot )\) and \(g_n(\cdot )\) are randomized and use independent private randomness; however, for brevity, the randomness is being excluded from the formal representation. Strong sample-preserving derandomization results (i.e., the derandomized reductions use an identical number of source samples and produce an identical number of target samples) for SNIS [32] indicate the uselessness of independent private randomness.
2. The conditional distribution \((A\vert B=b)\) is \(\nu \)-close to being independent of b if there is a distribution \(A^*\) such that the statistical distance between \(A^*\) and the conditional distribution \((A|B=b)\) is at most \(\nu \) for any .
3. Observe that "linearity" of a reduction may depend on how the samples of the source are "named". We prove our impossibility result in a strong sense. For any renaming of the samples, we show that linear constructions are constant insecure.
4. We identified all reductions realizing this SNIS at an optimal rate. All the reductions were essentially equivalent to each other. However, we chose this particular reduction because it admits an elegant intuitive formulation.
5. A homogeneous function is a linear combination of terms with an identical degree.
6. A function whose Fourier spectrum is concentrated on low-degree multi-linear terms may depend on all the variables. So, without using any additional properties of low-degree Boolean functions, one cannot prune down the set of candidate functions. Therefore, their number may be exponential in the number of variables.
7. Note that in general the operator \(\overline{\textsf{T}} \textsf{T} \) (or \(\textsf{T} \overline{\textsf{T}} \)) is not equal to the noise operator \(\textsf{T}_{\rho}\).
8. It is possible that \(\delta \) depends on n.
9. A function \(f:\{\pm 1\}^n\rightarrow \{\pm 1\}\) is k-homogeneous if all the terms in the multi-linear expansion of f have degree k.
10. The spectrum of a distribution matrix M is defined in [1] as the multi-set of non-zero singular values of the matrix \(\varDelta _{M^{T}}^{-1/2}M \varDelta _{M}^{-1/2}\), where \(\varDelta _M\) represents a diagonal matrix with the vector \(\textbf{1}^{T}M\) along its diagonal.
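As an added example (my code, not the paper's or [1]'s), the spectrum of note 10 computed in pure Python for the binary symmetric and binary erasure correlations that this paper targets; the distribution matrices are constructed here, and a small Jacobi eigensolver stands in for a library SVD so that the block runs without dependencies.

```python
import math

def bsc_matrix(eps):
    # Constructed: X uniform over {0,1}, Y = X flipped w.p. eps; entry (x, y) = Pr[X=x, Y=y].
    return [[(1 - eps) / 2, eps / 2], [eps / 2, (1 - eps) / 2]]

def bec_matrix(eps):
    # Constructed: X uniform over {0,1}, Y = X w.p. 1-eps, else erased (third column).
    return [[(1 - eps) / 2, 0.0, eps / 2], [0.0, (1 - eps) / 2, eps / 2]]

def symmetric_eigenvalues(A, sweeps=100, tol=1e-14):
    """Eigenvalues of a small real symmetric matrix by cyclic Jacobi rotations."""
    A = [row[:] for row in A]
    n = len(A)
    for _ in range(sweeps):
        if sum(A[i][j] ** 2 for i in range(n) for j in range(n) if i != j) < tol:
            break
        for p in range(n - 1):
            for q in range(p + 1, n):
                if A[p][q] == 0.0:
                    continue
                # Rotation angle that zeroes A[p][q] (standard Jacobi choice).
                theta = (A[q][q] - A[p][p]) / (2 * A[p][q])
                t = math.copysign(1.0, theta) / (abs(theta) + math.sqrt(theta * theta + 1))
                c = 1 / math.sqrt(t * t + 1)
                s = t * c
                for k in range(n):  # A <- A J (rotate columns p, q)
                    akp, akq = A[k][p], A[k][q]
                    A[k][p], A[k][q] = c * akp - s * akq, s * akp + c * akq
                for k in range(n):  # A <- J^T A (rotate rows p, q)
                    apk, aqk = A[p][k], A[q][k]
                    A[p][k], A[q][k] = c * apk - s * aqk, s * apk + c * aqk
    return [A[i][i] for i in range(n)]

def distribution_spectrum(M, tol=1e-12):
    """Spectrum as in note 10: non-zero singular values of D_row^{-1/2} M D_col^{-1/2},
    where D_row / D_col are diagonal matrices of the row sums (1^T M^T) and column
    sums (1^T M). Assumes every marginal probability is positive (no empty symbol)."""
    rows, cols = len(M), len(M[0])
    r = [sum(M[i]) for i in range(rows)]
    c = [sum(M[i][j] for i in range(rows)) for j in range(cols)]
    N = [[M[i][j] / math.sqrt(r[i] * c[j]) for j in range(cols)] for i in range(rows)]
    # Squared singular values of N are the eigenvalues of the Gram matrix N N^T.
    G = [[sum(N[i][k] * N[j][k] for k in range(cols)) for j in range(rows)] for i in range(rows)]
    sigma = [math.sqrt(e) for e in symmetric_eigenvalues(G) if e > tol]
    # The largest value is always 1 (singular vectors sqrt(row sums), sqrt(column sums));
    # the second-largest is the Hirschfeld-Gebelein-Renyi maximal correlation of the source.
    return sorted(sigma, reverse=True)
```

For the binary symmetric correlation with noise eps the spectrum is {1, 1 - 2 eps}, and for the binary erasure correlation it is {1, sqrt(1 - eps)}; a product (independent) source has only the singular value 1.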
References
1. Agarwal, P., Narayanan, V., Pathak, S., Prabhakaran, M., Prabhakaran, V.M., Rehan, M.A.: Secure non-interactive reduction and spectral analysis of correlations. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part III. LNCS, vol. 13277, pp. 797–827. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07082-2_28
2. Agrawal, S., et al.: Cryptography from one-way communication: on completeness of finite channels. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12493, pp. 653–685. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64840-4_22
3. Ahlswede, R., Gács, P.: Spreading of sets in product spaces and hypercontraction of the Markov operator. Ann. Probab. 925–939 (1976)
4. Anantharam, V., Gohari, A., Kamath, S., Nair, C.: On maximal correlation, hypercontractivity, and the data processing inequality studied by Erkip and Cover. arXiv preprint arXiv:1304.6133 (2013)
5. Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34
6. Beimel, A., Ishai, Y., Kumaresan, R., Kushilevitz, E.: On the cryptographic complexity of the worst functions. In: Lindell, Y. (ed.) TCC 2014. LNCS, vol. 8349, pp. 317–342. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-54242-8_14
7. Beimel, A., Malkin, T.: A quantitative approach to reductions in secure computation. In: Naor, M. (ed.) TCC 2004. LNCS, vol. 2951, pp. 238–257. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24638-1_14
8. Ben-David, A., Nisan, N., Pinkas, B.: FairplayMP: a system for secure multi-party computation. In: Ning, P., Syverson, P.F., Jha, S. (eds.) ACM CCS 2008, pp. 257–266. ACM Press (2008). https://doi.org/10.1145/1455770.1455804
9. Bogdanov, A., Mossel, E.: On extracting common random bits from correlated sources. IEEE Trans. Inf. Theory 57(10), 6351–6355 (2011). https://doi.org/10.1109/TIT.2011.2134067
10. Boyle, E., Couteau, G., Gilboa, N., Ishai, Y., Kohl, L., Scholl, P.: Efficient pseudorandom correlation generators: silent OT extension and more. In: Boldyreva, A., Micciancio, D. (eds.) CRYPTO 2019, Part III. LNCS, vol. 11694, pp. 489–518. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-26954-8_16
11. Boyle, E., Couteau, G., Gilboa, N., Ishai, Y., Kohl, L., Scholl, P.: Efficient pseudorandom correlation generators from ring-LPN. In: Micciancio, D., Ristenpart, T. (eds.) CRYPTO 2020, Part II. LNCS, vol. 12171, pp. 387–416. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-56880-1_14
12. Canetti, R.: Security and composition of multiparty cryptographic protocols. J. Cryptol. 13(1), 143–202 (2000). https://doi.org/10.1007/s001459910006
13. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. Cryptology ePrint Archive, Report 2000/067 (2000). https://eprint.iacr.org/2000/067
14. Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: 42nd FOCS, pp. 136–145. IEEE Computer Society Press (2001). https://doi.org/10.1109/SFCS.2001.959888
15. Carmer, B., Rosulek, M.: Linicrypt: a model for practical cryptography. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016, Part III. LNCS, vol. 9816, pp. 416–445. Springer, Heidelberg (2016). https://doi.org/10.1007/978-3-662-53015-3_15
16. Chan, S.O., Mossel, E., Neeman, J.: On extracting common random bits from correlated sources on large alphabets. IEEE Trans. Inf. Theory 60(3), 1630–1637 (2014). https://doi.org/10.1109/TIT.2014.2301155
17. Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_38
18. De, A., Mossel, E., Neeman, J.: Non interactive simulation of correlated distributions is decidable. In: Czumaj, A. (ed.) 29th SODA, pp. 2728–2746. ACM-SIAM (2018). https://doi.org/10.1137/1.9781611975031.174
19. Efron, B., Stein, C.: The jackknife estimate of variance. Ann. Stat. 586–596 (1981)
20. Friedgut, E.: Boolean functions with low average sensitivity depend on few coordinates. Combinatorica 18(1), 27–35 (1998). https://doi.org/10.1007/PL00009809
21. Gács, P., Körner, J.: Common information is far less than mutual information. Probl. Control Inf. Theory 2(2), 149–162 (1973)
22. Garg, S., Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Cryptography with one-way communication. In: Gennaro, R., Robshaw, M. (eds.) CRYPTO 2015, Part II. LNCS, vol. 9216, pp. 191–208. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48000-7_10
23. Gebelein, H.: Das statistische Problem der Korrelation als Variations- und Eigenwertproblem und sein Zusammenhang mit der Ausgleichsrechnung. ZAMM-J. Appl. Math. Mech./Zeitschrift für Angewandte Mathematik und Mechanik 21(6), 364–379 (1941)
24. Ghazi, B., Kamath, P., Raghavendra, P.: Dimension reduction for polynomials over Gaussian space and applications. In: Servedio, R.A. (ed.) 33rd Computational Complexity Conference, CCC 2018, 22–24 June 2018, San Diego, CA, USA. LIPIcs, vol. 102, pp. 28:1–28:37. Schloss Dagstuhl - Leibniz-Zentrum für Informatik (2018). https://doi.org/10.4230/LIPIcs.CCC.2018.28
25. Ghazi, B., Kamath, P., Sudan, M.: Decidability of non-interactive simulation of joint distributions. In: Dinur, I. (ed.) 57th FOCS, pp. 545–554. IEEE Computer Society Press (2016). https://doi.org/10.1109/FOCS.2016.65
26. Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A. (ed.) 19th ACM STOC, pp. 218–229. ACM Press (1987). https://doi.org/10.1145/28395.28420
27. Hirschfeld, H.O.: A connection between correlation and contingency. In: Mathematical Proceedings of the Cambridge Philosophical Society, vol. 31, pp. 520–524. Cambridge University Press (1935). https://doi.org/10.1017/S0305004100013517
28. Ishai, Y., Kushilevitz, E., Ostrovsky, R., Prabhakaran, M., Sahai, A., Wullschleger, J.: Constant-rate oblivious transfer from noisy channels. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 667–684. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-22792-9_38
29. Ishai, Y., Prabhakaran, M., Sahai, A.: Founding cryptography on oblivious transfer – efficiently. In: Wagner, D. (ed.) CRYPTO 2008. LNCS, vol. 5157, pp. 572–591. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-85174-5_32
30. Kamath, S., Anantharam, V.: Non-interactive simulation of joint distributions: the Hirschfeld-Gebelein-Rényi maximal correlation and the hypercontractivity ribbon. In: 2012 50th Annual Allerton Conference on Communication, Control, and Computing (Allerton), pp. 1057–1064. IEEE (2012)
31. Kamath, S., Anantharam, V.: On non-interactive simulation of joint distributions. IEEE Trans. Inf. Theory 62(6), 3419–3435 (2016)
32. Khorasgani, H.A., Maji, H.K., Nguyen, H.H.: Secure non-interactive simulation: feasibility and rate. In: Dunkelman, O., Dziembowski, S. (eds.) EUROCRYPT 2022, Part III. LNCS, vol. 13277, pp. 767–796. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-07082-2_27
33. Kilian, J.: More general completeness theorems for secure two-party computation. In: 32nd ACM STOC, pp. 316–324. ACM Press (2000). https://doi.org/10.1145/335305.335342
34. Kindler, G.: Property testing PCP. PhD thesis, Tel-Aviv University (2002)
35. Kindler, G., Safra, S.: Noise-resistant Boolean functions are juntas. Preprint (2002)
36. Kraschewski, D., Maji, H.K., Prabhakaran, M., Sahai, A.: A full characterization of completeness for two-party randomized function evaluation. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 659–676. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-642-55220-5_36
37. MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes, vol. 16. Elsevier, Amsterdam (1977)
38. Maji, H.K., Prabhakaran, M., Rosulek, M.: Complexity of multi-party computation functionalities. In: Prabhakaran, M., Sahai, A. (eds.) Secure Multi-Party Computation. Cryptology and Information Security Series, vol. 10, pp. 249–283. IOS Press (2013). https://doi.org/10.3233/978-1-61499-169-4-249
39. Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay: secure two-party computation system. In: Blaze, M. (ed.) USENIX Security 2004, pp. 287–302. USENIX Association (2004)
40. Mossel, E.: Gaussian bounds for noise correlation of functions and tight analysis of long codes. In: 49th FOCS, pp. 156–165. IEEE Computer Society Press (2008). https://doi.org/10.1109/FOCS.2008.44
41. Mossel, E.: Gaussian bounds for noise correlation of functions. Geom. Funct. Anal. 19(6), 1713–1756 (2010)
42. Mossel, E., O'Donnell, R.: Coin flipping from a cosmic source: on error correction of truly random bits. Random Struct. Algorithms 26(4), 418–436 (2005). https://doi.org/10.1002/rsa.20062
43. Mossel, E., O'Donnell, R., Regev, O., Steif, J.E., Sudakov, B.: Non-interactive correlation distillation, inhomogeneous Markov chains, and the reverse Bonami-Beckner inequality. Israel J. Math. 154(1), 299–336 (2006)
44. Narayanan, V., Prabhakaran, M., Prabhakaran, V.M.: Zero-communication reductions. In: Pass, R., Pietrzak, K. (eds.) TCC 2020, Part III. LNCS, vol. 12552, pp. 274–304. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64381-2_10
45. Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A new approach to practical active-secure two-party computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 681–700. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_40
46. O'Donnell, R.: Analysis of Boolean Functions. Cambridge University Press, Cambridge (2014)
47. Rényi, A.: On measures of dependence. Acta Math. Hung. 10(3–4), 441–451 (1959). https://doi.org/10.1007/BF02024507
48. Witsenhausen, H.S.: On sequences of pairs of dependent random variables. SIAM J. Appl. Math. 28(1), 100–113 (1975). https://doi.org/10.1137/0128010
49. Wolf, S., Wullschleger, J.: Oblivious transfer is symmetric. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 222–232. Springer, Heidelberg (2006). https://doi.org/10.1007/11761679_14
50. Wyner, A.: The common information of two dependent random variables. IEEE Trans. Inf. Theory 21(2), 163–179 (1975). https://doi.org/10.1109/TIT.1975.1055346
51. Yang, K.: On the (im)possibility of non-interactive correlation distillation. In: Farach-Colton, M. (ed.) LATIN 2004. LNCS, vol. 2976, pp. 222–231. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24698-5_26
52. Yao, A.C.-C.: Protocols for secure computations (extended abstract). In: 23rd FOCS, pp. 160–164. IEEE Computer Society Press (1982). https://doi.org/10.1109/SFCS.1982.38
53. Yin, Z., Park, Y.: Hypercontractivity, maximal correlation and non-interactive simulation (2014)
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
Cite this paper
Khorasgani, H.A., Maji, H.K., Nguyen, H.H. (2022). Secure Non-interactive Simulation from Arbitrary Joint Distributions. In: Kiltz, E., Vaikuntanathan, V. (eds) Theory of Cryptography. TCC 2022. Lecture Notes in Computer Science, vol 13748. Springer, Cham. https://doi.org/10.1007/978-3-031-22365-5_14
DOI: https://doi.org/10.1007/978-3-031-22365-5_14
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-22364-8
Online ISBN: 978-3-031-22365-5