High-performance secure multi-party computation for data mining applications

Secure multi-party computation (MPC) is a technique well suited for privacy-preserving data mining. Even with the recent progress in two-party computation techniques such as fully homomorphic encryption, general MPC remains relevant as it has shown promising performance metrics in real-world benchmarks. Sharemind is a secure multi-party computation framework designed with real-life efficiency in mind. It has been applied in several practical scenarios, and from these experiments, new requirements have been identified. Firstly, large datasets require more efficient protocols for standard operations such as multiplication and comparison. Secondly, the confidential processing of financial data requires the use of more complex primitives, including a secure division operation. This paper describes new protocols in the Sharemind model for secure multiplication, share conversion, equality, bit shift, bit extraction, and division. All the protocols are implemented and benchmarked, showing that the current approach provides remarkable speed improvements over the previous work. This is verified using real-world benchmarks for both operations and algorithms.     

FLM-TOPSIS: The fuzzy linguistic multiset TOPSIS method and its application in linguistic decision making

Linguistic decision making is an important subject in decision making, many interesting and important linguistic decision making methods have been proposed, in which, alternatives-criteria decision matrix are uniformly used to express linguistic assessments of alternatives provided by decision makers with respect to criteria. Alternatives-criteria decision matrixes have some limitations when we use them to distinguish distinct, partial unknown or hesitant linguistic decision making or carry out linguistic decision making in the huge amounts of decision information and alternatives. In this paper, we propose alternatives-linguistic terms decision matrix to represent linguistic assessments of alternatives, analyze advantages of the decision matrix in representing linguistic assessments and distinguishing distinct, partial unknown or hesitant linguistic decision making. To simple and fast fuse alternatives-linguistic terms decision matrixes, we further provide linguistic multiset or fuzzy linguistic multiset to represent linguistic assessments in alternatives-linguistic terms decision matrixes, analyze the function properties of the fuzzy linguistic multiset. Motivated by fuzzy multiset and the TOPSIS method, we develop the fuzzy linguistic multiset TOPSIS method for linguistic decision making, the method is mainly consisted of transformation, aggregation and exploitation phases. In transformation phase, linguistic assessments of alternatives are transformed into fuzzy linguistic multisets by using alternatives-linguistic terms decision matrixes. In aggregation phase, we use Union, Intersection and Sum operations of multisets to obtain the positive and negative ideal solutions of linguistic decision making, which are different with the positive and negative ideal solutions of the traditional TOPSIS method, in addition, we provide a pseudo-distance between two fuzzy linguistic multisets to fast fuse linguistic assessments of alternatives. In exploitation phase, we define a new closeness degree of alternative by using pseudo-distances between the alternative and the positive and negative ideal solutions, which can be used to obtain the set of most satisfying alternatives. We also design an algorithm to carry out linguistic decision making based on the proposed method. In cases study, we use two practical examples to illustrate the practicality of the proposed method and compare it with the symbolic aggregation-based method, the hesitant fuzzy linguistic TOPSIS method, the hesitant fuzzy linguistic VIKOR method and the probabilistic linguistic term sets TOPSIS method, results indicate that alternatives-linguistic terms decision matrix and fuzzy linguistic multiset are alternative, useful and flexible tools for linguistic decision method and the fuzzy linguistic multiset TOPSIS method is suitable to deal with partial unknown or hesitant linguistic decision making.     

隐私保护整数点和区间关系判定问题

隐私保护地判断整数点和整数区间的属于关系是一类重要的安全多方计算问题,但该问题的现有解决方案存在效率不高、隐私泄露、甚至可能判断错误等缺陷,针对此类不足,构建解决该判定问题的一个安全双方计算协议。首先,分析已有的解决方案并指出不足之处;其次,定义了整数点和整数区间的一种新的0-1编码规则,在此基础上证明了整数点属于整数区间的一个充分必要条件;最后,以此充分必要条件为判定准则,基于Goldwasser-Micali加密体制构建了判断整数点是否属于整数区间的一个安全双方计算协议,并证明了协议的正确性和半诚实模型下的安全性。分析表明,与已有的解决方案相比,所提协议具有更好的隐私保护特性且不会输出错误结果,且在轮复杂度不变的情况下,其计算复杂度和通信复杂度降低了约一半。     

保护隐私的曼哈顿距离计算及其推广应用

安全多方计算是信息时代保护隐私和信息安全的一项关键技术.安全多方科学计算是安全多方计算十分重要的组成部分,目前已经有许多安全多方科学计算问题的解决方案,但还有更多的问题值得人们去研究.关于曼哈顿距离的安全多方计算问题目前研究的结果很少,构造曼哈顿距离的安全计算协议在密码学中有着重要的理论意义,作为基础协议能够广泛应用于其他安全多方计算协议的构造,比如保密计算两点间路径问题,保密判定点与区间以及点与点集的关系问题,以及向量相似度的保密计算都可以归约到曼哈顿距离的安全多方计算问题.本文应用加密选择技巧与一种新的编码方法相结合,以Paillier加密算法为基础,对于不同的情形(无全集限制或有全集限制)设计两数之差绝对值的高效保密计算协议.并以此为基础,设计出两种不同情形下保密计算曼哈顿距离的协议.本文证明了在半诚实模型下这些协议是安全的,并通过模拟实验来测试协议的具体执行时间,理论分析和仿真结果表明本文方案是简单易行的.最后,文中给出实例阐明本文协议在理论以及实际中的广泛应用.     

Secure computation of hidden Markov models and secure floating-point arithmetic in the malicious model

Hidden Markov model (HMM) is a popular statistical tool with a large number of applications in pattern recognition. In some of these applications, such as speaker recognition, the computation involves personal data that can identify individuals and must be protected. We thus treat the problem of designing privacy-preserving techniques for HMM and companion Gaussian mixture model computation suitable for use in speaker recognition and other applications. We provide secure solutions for both two-party and multi-party computation models and both semi-honest and malicious settings. In the two-party setting, the server does not have access in the clear to either the user-based HMM or user input (i.e., current observations) and thus the computation is based on threshold homomorphic encryption, while the multi-party setting uses threshold linear secret sharing as the underlying data protection mechanism. All solutions use floating-point arithmetic, which allows us to achieve high accuracy and provable security guarantees, while maintaining reasonable performance. A substantial part of this work is dedicated to building secure protocols for floating-point operations in the two-party setting, which are of independent interest.     

Determining the mode

The complexity of computing modes and of sorting multisets is considered. Previous lower bounds are improved and an algorithm is given to determine the mode of a multiset in a number of comparisons differing from the lower bound by only a ‘lower order term’.     

保护私有信息的集合交集协议

研究了安全多方计算中的保护私有信息的集合交集问题。在半诚实模型下,基于点积协议设计的两方集合交集协议,复杂度为O(ntp);设计的三方集合交集协议,复杂度为O(2ntp)。给出了协议的正确性理论证明,并对其安全性和复杂度进行了理论分析,性能优于现有协议。最后,给出了协议的推广应用以及不足。     

Modeling concurrency with partial orders

Concurrency has been expressed variously in terms of formal languages (typically via the shuffle operator), partial orders, and temporal logic,inter alia. In this paper we extract from these three approaches a single hybrid approach having a rich language that mixes algebra and logic and having a natural class of models of concurrent processes. The heart of the approach is a notion of partial string derived from the view of a string as a linearly ordered multiset by relaxing the linearity constraint, thereby permitting partially ordered multisets orpomsets. Just as sets of strings form languages, so do sets of pomsets form processes. We introduce a number of operations useful for specifying concurrent processes and demonstrate their utility on some basic examples. Although none of the operations is particularly oriented to nets it is nevertheless possible to use them to express processes constructed as a net of subprocesses, and more generally as a system consisting of components. The general benefits of the approach are that it is conceptually straightforward, involves fewer artificial constructs than many competing models of concurrency, yet is applicable to a considerably wider range of types of systems, including systems with buses and ethernets, analog systems, and real-time systems.Revision of Some Constructions for Order-Theoretic Models of Concurrency [Ref. 1].     

Cut-and-Choose双向不经意传输

不经意传输作为现代密码学的一个基本工具,在安全协议的研究中起着重要作用.近年来,许多功能性更强的不经意传输变种被提出,以适应不同的需求和环境.提出一个新的不经意传输变种,称为cut-and-choose双向不经意传输;基于同态加密给出该原语的一轮高效协议构造,且在半诚实模型下形式化证明该协议的安全性.将cut-and-choose双向不经意传输运用到基于cut-and-choose技术的安全协议(尤其是安全两方计算)中,可以更具模块化地描述协议高层框架,降低协议交互轮数.此外,作为信息安全领域的一个底层基本工具,该原语本身也具有独立的研究意义.     

公平理性委托计算协议

已存在的安全计算集合关系的协议大多基于公钥加密算法,因此很难再嵌入到带有属性关系的公钥加密或密文搜索中.针对该问题,本文给出了非加密方法安全计算集合包含关系和集合交集的2个协议.我们首先利用（n,n）秘密共享的思想分别将原来2个问题转化为集合相等问题.在此基础上,结合离散对数,构造了安全计算集合包含关系的协议1和集合交集的协议2.最后的分析显示：我们的方案没有使用任何公钥加密方法,在保持了较优通信复杂性的同时,便于作为一种子模块嵌入到带有集合操作关系的公钥加密体制或者密文搜索体制中,从而丰富这些方案的功能.     

Analyzing Security Protocols Using Time-Bounded Task-PIOAs

This paper presents the time-bounded task-PIOA modeling framework, an extension of the probabilistic input/output automata (PIOA) framework that can be used for modeling and verifying security protocols. Time-bounded task-PIOAs can describe probabilistic and nondeterministic behavior, as well as time-bounded computation. Together, these features support modeling of important aspects of security protocols, including secrecy requirements and limitations on the computational power of adversarial parties. They also support security protocol verification using methods that are compatible with less formal approaches used in the computational cryptography research community. We illustrate the use of our framework by outlining a proof of functional correctness and security properties for a well-known oblivious transfer protocol.

集合包含与几何包含的多方保密计算

多方保密计算是近几年国际密码学界研究的一个热点问题．研究了保密的集合包含与几何包含问题,提出集合包含问题的多方保密计算方案,在此基础上结合Montecarlo方法与cantor编码方法,提出了任意几何图形包含问题的近似多方保密计算方案．并利用模拟范例证明了方案的安全性．同已有的方案相比,提出的方案适用范围广、通信复杂性低;在解决已有方案可解决的同样问题时,某些情况下计算复杂性也比较低．     

Robust biometric-based three-party authenticated key establishment protocols

This paper proposes secure and efficient biometric-based three-party authenticated key establishment (B3AKE) protocols to minimize the computation costs of each participant and fit three-party communication. The proposed B3AKE protocols adopts a three-factor authentication mechanism which uses biometric, token, and passwords for users unlike the related protocols. In addition, the proposed B3AKE protocols are composed of four sub-protocols, which are registration, biometric-based three-party authenticated key transport, biometric-based three-party authenticated key agreement (B3AKA), and password update. In order to exploit the key block size, speed, and security jointly, the proposed B3AKA protocol is based on symmetric key cryptosystems and elliptic curve cryptography. As a result, the proposed B3AKE protocols not only are secure against well-known cryptographical attacks but also provide perfect forward secrecy. Furthermore, the number of rounds is smaller by one round than the related protocols and the asymmetric key encryption/decryption operations do not need to establish a session key and authenticate between two users and a server. Thus, the proposed B3AKE protocols are very useful in limited computation and communication resource environments to access remote information systems since it provides security, reliability, and efficiency.     

集合交集元素之和的保密计算

安全多方计算是国际密码学的研究热点之一，保密计算集合交集元素之和问题是安全多方计算比较新的问题之一.该问题在工商业、医疗健康等领域具有重要的理论意义和实用价值.现有解决方案是在有全集情况下设计的，在计算过程中会泄露交集的势且存在一定的误判.在半诚实模型下基于Paillier同态加密算法设计了3个协议，协议1计算共有标识符的数量（即用户标识符交集的势）以及与这些用户相关联的整数值之和，协议2和协议3是在不泄露交集势的情况下计算交集元素关联值之和.整个计算过程不泄露关于协议双方私人输入的任何更多信息.所提协议是在无全集情况下设计的，采用模拟范例证明了所设计协议的安全性，用实验验证协议的高效性.     

Symbolic computation of moments of sampling distributions

By means of the notion of umbrae indexed by multisets, a general method to express estimators and their products in terms of power sums is derived. A connection between the notion of multiset and integer partition leads immediately to a way to speed up procedures. Comparisons of computational times with known procedures show how this approach turns out to be more efficient in eliminating much unnecessary computation.     

Centralized key distribution protocol using the greatest common divisor method

Designing a key distribution protocol with minimal computation and storage complexity is a challenging issue in secure multimedia multicast. In most of the multimedia multicast applications, the group membership requires secured dynamic key generation and updation operations that usually consume much of the computation time. In this paper, we propose a new GCD (Greatest Common Divisor) based Key Distribution Protocol which focuses on two dimensions. The first dimension deals with the reduction of computation complexity which is achieved in our protocol by performing fewer multiplication operations during the key updation process. To optimize the number of multiplication operations, the existing Karatsuba divide and conquer approach for multiplication is used in this proposed work. The second dimension aims at reducing the amount of information stored in the Group Center and group members while performing the update operation in the key content. The proposed algorithm which focuses on these two dimensions has been implemented and tested using a Cluster tree based key management scheme and has been found to produce promising results. Comparative analysis to illustrate the performance of various key distribution protocols is shown in this paper and it has been observed that this proposed algorithm reduces the computation and storage complexity significantly.     

Comparing two sets without disclosing them

Secure multiparty computation has become a central research focus in the international cryptographic community. Secure comparing two sets is an important problem in secure multiparty computation. The research on privately determining whether two sets are equal has not been investigated. This study solves the problem by mapping these sets into natural numbers and then comparing correspond- ing numbers, We propose two secure multiparty computation protocols for comparing two sets. It is proved by well-accepted simulation paradigm that these solutions are private in semi-honest model. These solutions have important significance in constructing other secure multiparty computation protocols.     

一类双线性对的高效计算方案及在信息隐藏的应用

为了提高多媒体数据的基于身份加密的效率,构造计算安全的短签名与认证协议,建立一类双线性对的高效计算平台.构造一类具有确定嵌入次数的椭圆曲线,提出计算其有理点群阶的快速算法,时间复杂度比SEA,Satoh,SST 和 AGM等求阶算法更低.在此构造方案上,双线性对的计算无须借助复乘方法,总时间复杂度较低且实现容易,其结果可应用于信息隐藏领域.     

Bandwidth Efficient String Reconciliation Using Puzzles

Of considerable interest in recent years has been the problem of exchanging correlated data with minimum communication. We thus consider the problem of exchanging two similar strings held by different hosts. Our approach involves transforming a string into a multiset of substrings that are reconciled efficiently using known multiset reconciliation algorithms, and then put back together on a remote host using tools from graph theory. We present analyses, experiments, and results to show that the communication complexity of our approach for high-entropy data compares favorably to existing algorithms including rsync, a widely-used string reconciliation engine. We also quantify the trade-off between communication and the computation complexity of our approach