ABSTRACT
Garbled circuits offer a powerful primitive for computation on a user's personal data while keeping that data private. Despite recent improvements, constructing and evaluating circuits of any useful size remains expensive on the limited hardware resources of a smartphone, the primary computational device available to most users around the world. In this work, we develop a new technique for securely outsourcing the generation of garbled circuits to a Cloud provider. By outsourcing the circuit generation, we are able to eliminate the most costly operations from the mobile device, including oblivious transfers. Our proofs of security show that this technique provides the best security guarantees of any existing garbled circuit outsourcing protocol. We also experimentally demonstrate that our new protocol, on average, decreases execution time by 75% and reduces network costs by 60% compared to previous outsourcing protocols. In so doing, we demonstrate that the use of garbled circuits on mobile devices can be made nearly as practical as it is becoming for server-class machines.
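The following is an added example and not code from the paper or the Whitewash system: a minimal Yao garbled circuit with point-and-permute, written to show what the "circuit generation" the abstract talks about actually consists of (wire-label generation and garbled-table construction, the work Whitewash moves off the phone) and how little the evaluator then has to do (one hash and one XOR per gate). All names, the 128-bit key length, SHA-256 as the per-gate key-derivation function and the sample circuit are assumptions chosen for the example; the paper's outsourcing protocol, its oblivious transfers and its malicious-security checks are not modeled here.

```python
"""Added example: classic Yao garbled circuit with point-and-permute.
Constructed parameters: 128-bit wire keys, SHA-256 as the gate KDF.
This is the semi-honest primitive only, not the Whitewash protocol."""
import hashlib
import secrets

KEY_BYTES = 16
AND = lambda x, y: x & y
XOR = lambda x, y: x ^ y


def gen_wire():
    """Return (label0, label1) for one wire. A label is (key, pointer_bit).
    The pointer bit of the label for value v is perm ^ v with perm random
    per wire, so a pointer bit on its own reveals nothing about v."""
    perm = secrets.randbelow(2)
    return ((secrets.token_bytes(KEY_BYTES), perm),
            (secrets.token_bytes(KEY_BYTES), perm ^ 1))


def _pad(key_a, key_b, gate_id):
    # Gate KDF (constructed choice): H(k_a || k_b || gate_id), truncated to
    # the length of an output key plus its pointer bit.
    msg = key_a + key_b + gate_id.to_bytes(4, "big")
    return hashlib.sha256(msg).digest()[:KEY_BYTES + 1]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def garble(circuit, n_inputs):
    """Generator side. circuit is a list of (gate_id, op, in_a, in_b, out);
    wires 0..n_inputs-1 are inputs, higher indices are gate outputs.
    Returns all wire labels (kept secret by the generator) and the tables."""
    wires = {w: gen_wire() for w in range(n_inputs)}
    tables = {}
    for gate_id, op, a, b, out in circuit:
        wires[out] = gen_wire()
        table = [None] * 4
        for va in (0, 1):
            for vb in (0, 1):
                ka, pa = wires[a][va]
                kb, pb = wires[b][vb]
                ko, po = wires[out][op(va, vb)]
                # Row position is fixed by the pointer bits, so the evaluator
                # knows which single row to decrypt without learning va or vb.
                table[2 * pa + pb] = _xor(_pad(ka, kb, gate_id), ko + bytes([po]))
        tables[gate_id] = table
    return wires, tables


def evaluate(circuit, tables, input_labels):
    """Evaluator side: one hash and one XOR per gate, no secret keys needed.
    input_labels maps each input wire to the one label the evaluator holds."""
    labels = dict(input_labels)
    for gate_id, _op, a, b, out in circuit:
        ka, pa = labels[a]
        kb, pb = labels[b]
        plain = _xor(tables[gate_id][2 * pa + pb], _pad(ka, kb, gate_id))
        labels[out] = (plain[:KEY_BYTES], plain[KEY_BYTES])
    return labels


def decode(wires, out_wire, label):
    """Generator-side decoding: map an output label back to a bit."""
    for v in (0, 1):
        if wires[out_wire][v] == label:
            return v
    raise ValueError("not a valid label for this wire")


def garbled_eval(circuit, n_inputs, out_wire, bits):
    wires, tables = garble(circuit, n_inputs)
    # The evaluator receives exactly one label per input wire. In a real
    # protocol its own input labels arrive via oblivious transfer; here the
    # selection is done directly because both roles run in one process.
    input_labels = {w: wires[w][bits[w]] for w in range(n_inputs)}
    labels = evaluate(circuit, tables, input_labels)
    return decode(wires, out_wire, labels[out_wire])


def plain_eval(circuit, n_inputs, out_wire, bits):
    vals = {w: bits[w] for w in range(n_inputs)}
    for _g, op, a, b, out in circuit:
        vals[out] = op(vals[a], vals[b])
    return vals[out_wire]


# Constructed sample circuit: f(a, b, c) = (a XOR b) AND c, output on wire 4.
CIRCUIT = [(0, XOR, 0, 1, 3), (1, AND, 3, 2, 4)]

if __name__ == "__main__":
    for n in range(8):
        bits = [(n >> i) & 1 for i in range(3)]
        assert garbled_eval(CIRCUIT, 3, 4, bits) == plain_eval(CIRCUIT, 3, 4, bits)
    print("garbled evaluation agrees with plaintext evaluation on all 8 inputs")
```

Two things worth noticing in relation to the abstract. First, every expensive step (random label generation for every wire, four encryptions per gate) sits in garble(), which is exactly the side Whitewash hands to the cloud; evaluate() is cheap enough for a phone. Second, correctness here relies on the generator being honest: a malicious generator can garble a different function or a table that leaks the evaluator's input, which is why outsourced generation needs the cut-and-choose style checks the paper's security proofs cover and this example omits.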