1 / 40

SMC

SECURE MULTI-PARTY COMPUTATION (SMC) PROBLEMS AND THEIR APPLICATIONS. Tho Phan – Phu Le. SMC. SECURE MULTI-PARTY COMPUTATION. Tho Phan – Phu Le. SMC. 1. INTRODUCTION. Tho Phan – Phu Le. SMC. 1. INTRODUCTION.

osias
Télécharger la présentation

SMC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SECURE MULTI-PARTY COMPUTATION (SMC) PROBLEMS AND THEIR APPLICATIONS ThoPhan – Phu Le SMC

  2. SECURE MULTI-PARTY COMPUTATION ThoPhan – Phu Le SMC

  3. 1. INTRODUCTION ThoPhan – Phu Le SMC

  4. 1. INTRODUCTION The growth of the Internet has triggered tremendous opportunities for cooperative computation, where people are jointly conducting computation tasks based on the private inputs they each supplies. These computations could occur between mutually untrusted parties, or even between competitors. ThoPhan – Phu Le SMC

  5. 1. INTRODUCTION Those problems include privacy preserving database query , privacy-preserving scientific computations, privacy-preserving intrusion detection, privacy-preserving statistical analysis, privacy-preserving geometric computations, and privacy preserving data mining ThoPhan – Phu Le SMC

  6. 1. INTRODUCTION For example, consider the following applications: Example 1: ThoPhan – Phu Le SMC

  7. 1. INTRODUCTION Example 2: competition ThoPhan – Phu Le SMC

  8. 1. INTRODUCTION Example 3: cooperatively work ThoPhan – Phu Le SMC

  9. 2. RELATED WORK ThoPhan – Phu Le SMC

  10. 2. RELATED WORK - The history of the multi-party computation problem is extensive since it was introduced by Yao and extended by Goldreich, Micali, and Wigderson, and by many others. - In the past, secure multi-party computation research has mostly been focusing on theoretical studies, and few applied problems have been studied. In the presentation, there are a few examples of secure multi-party computation problems, such as the Private Information Retrieval problem (PIR), privacy-preserving statistical database, and privacy preserving data mining ThoPhan – Phu Le SMC

  11. 2. RELATED WORK The PIR problem consists of a client and server; the client needs to get the i-thbit of a binary sequence from the server without letting the server know i; the server does not want the client to know the binary sequence either. A solution for this problem is not difficult; however an efficient solution, in particular a solution with small communication cost, is not easy. ThoPhan – Phu Le SMC

  12. 2. RELATED WORK The privacy-preserving data mining problem is another specific secure multiparty computation problem that has been discussed in the presentation. Recently, two different privacy preserving data mining problems were proposed by Lindell and Agrawal. ThoPhan – Phu Le SMC

  13. 3. FRAMEWORK ThoPhan – Phu Le SMC

  14. 3. FRAMEWORK We introduce a transformation framework that systematically transforms normal computations to secure multi-party computations. We start from describing two different models of computation (without the privacy requirements), and then we show how to transform them to models enhanced with privacy requirements, thus generating new SMC problems. The model after the transformation is the Secure Multi-party Computation (SMC) model. ThoPhan – Phu Le SMC

  15. 3. FRAMEWORK Next we want to transform both models to the Secure Multiparty Computation model, in which, the input from each participating party is considered as private, and nobody is willing to disclose its own inputs to the other parties. In certain specific cases, the computation results could also be private, namely some party should not learn the results. ThoPhan – Phu Le SMC

  16. 3. FRAMEWORK For the single-input computation model, since it only has one input, we cannot use the same transformation as we used for the multi-input computation model; we have to somehow transform the model to a multi-input computation model. ThoPhan – Phu Le SMC

  17. 3. FRAMEWORK Divide data set heterogeneous transformation homogeneous transformation ThoPhan – Phu Le SMC

  18. 3. FRAMEWORK Homogeneous transformation In the homogeneous transformation, D's data items are divided to two sets, but each single data item is not cut into two parts. For example, if D is a database of student records, the homogeneous transformation will put a subset of the records into one data set, and the rest of the records into another data set; however, each student's record is not cut into two parts. In other words, the two generated data sets maintain the same set of features. Figure 1(b) demonstrates such a transformation. ThoPhan – Phu Le SMC

  19. 3. FRAMEWORK Heterogeneous transformation In the heterogeneous transformation, each single data item is cut into two parts, with each part going to a separate data set. Taking the same example used above, if each student record contains a student's academic record and medical record, the heterogeneous transformation could put all students' academic records into one data set, and all students‘ medical records into another data set. In other words, the two generated data sets maintain di erentset of features. Figure 1(c) demonstrates such a transformation. ThoPhan – Phu Le SMC

  20. 3. FRAMEWORK ThoPhan – Phu Le SMC

  21. 4. SPECIFIC SMC PROBLEMS ThoPhan – Phu Le SMC

  22. 4. SPECIFIC SECURE MULTI-PARTY COMPUTATION PROBLEMS 4.1. Cooperative Scientific Computations 4.2. Database Query 4.3. Intrusion Detection 4.4. Data Mining 4.5. Geometric Computation 4.6. Statistical Analysis 4.7. Other Specific SMC Problems ThoPhan – Phu Le SMC

  23. 4.1. Cooperative Scientific Computations • Problem 1. (Linear Systems of Equations) • Alice: m equations M1x = b1 • Bob: n – m equations M2x = b2 • x an n-dimensional vector. • Find x satisfy. • Problem 2. (Linear Least Squares Problem) • Alice: m1 equations M1x = b1 • Bob: m2 equations M2x = b2 • x an n-dimensional vector; m1 + m2 > n. • Find x satisfy the equations as best as they can. ThoPhan – Phu Le SMC 23

  24. 4.1.Cooperative Scientific Computations • Problem 3. (Linear Programming) • Alice: m1 requirements M1x ≤ b1 • Bob: m2 requirements M2x ≤ b2 • x an n-dimensional vector • Find minimize (maximize) the value of a1 * x1 + … + an * xn. Known a1,…,an and x satisfy A and B requirements. • useful in industries such as transportation, energy, telecommunications, and manufacturing of many kinds • too valuable to disclose to anybody else, especially to competitor ThoPhan – Phu Le SMC 24

  25. 4.2. Database Query • Problem 4. (Database Query) • Alice: a string q • Bob has a database of strings T = {t1, … , tn} • Find a string ti “matches” q. • Requirement is that Bob cannot know q or response and Alice can only know result. ThoPhan – Phu Le SMC 25

  26. 4.3. Intrusion Detection • Problem 5. (Profile Matching) • Alice: profile database containing known hacker's behaviors • Bob: a hacker's behaviorsfrom a recent break-in. • Bob want to identify the hacker by matching. • Problem 6. Two major financial organizations wants to cooperate in preventing fraudulent intrusion into their computing system. To this end, they need to share data patterns relevant to fraudulent intrusion, but they do not want to share the data patterns since they are sensitive information. ThoPhan – Phu Le SMC 26

  27. 4.4. Data Mining • Problem 7. (Classification) • Alice has a private structured database D1, and Bob has another private structured database D2. Build a decision tree base on D1D2. • Problem 8. (Data Clustering) • Perform data clustering on D1 D2. • Problem 9. (Mining Association Rules) • Identify association rules in D1 D2. • Problem 10. (Data Generalization, Summarization and Characterization) • Generalize, summarize or characterize D1 D2. ThoPhan – Phu Le SMC 27

  28. 4.4. Data Mining • Country A's intelligence agents have observe the activities X = (x1, … , xn) • Country B's another one is Y = (y1, … , yn). • They want to find the correlation of X and Y. It will help them to understand the trend of the behaviors of the target, such as the behaviors of some suspected terrorism organization, the military movement of a dangerous country, etc. • They don’t fully trust each other. It is possible that B might use this information to attack A. ThoPhan – Phu Le SMC 28

  29. 4.5. Geometric Computation • Problem 11. (Intersection) • Alice: shape a; and Bob: shape b. • Are a and b intersect? • None know the relative position between a and b. • The example about the expansion of market share of two companies is a application. • Problem 12. (Point-Inclusion) • Alice: point A, and Bob: polygon P • whether the point is inside the polygon or not? • Nobody is allowed to learn the relative position between point and polygon. ThoPhan – Phu Le SMC 29

  30. 4.5. Geometric Computation • Useful in many scenarios • Example bomb target ThoPhan – Phu Le SMC 30

  31. 4.5. Geometric Computation • Problem 13. (Range Searching) • Alice has a private range (represented by either a hyper-rectangular shape or by spherical shape), and Bob has N private points. Find out the number of points in range. • Problem 14. (Closest Pair) • Alice has M private points in the plane, Bob has N private points in the plane. Find two points among these M + N points, such that their mutual distance is smallest. • Problem 15. (Convex Hulls) • Find the convex hulls for these M + N points. ThoPhan – Phu Le SMC 31

  32. 4.6. Statistical Analysis • Problem 16. (Correlation and Regression Analysis) • Alice: D1= {x1, … , xn}, Bob: D2= {y1, … , y2}. • Find the correlation coefficient between x and y: • the strength of a linear relationship between x and y • an equation that provides values of y for given value of x. • This problems has a lot of applications. • Ex: a school wants to investigate the relationship between people's intelligence quotient (IQ) score and their annual salary . The school has its students' IQ score, but does not have students' salary information. ThoPhan – Phu Le SMC 32

  33. 4.7. Other Specific SMC Problems • Selection problem (select median, select the kth smallest element) • Sorting problem • Shortest path problem • Privacy-Preserving polynomial interpolation. Alice has n pairs, Bob has m pairs. Find P(x) = y. ThoPhan – Phu Le SMC 33

  34. 5. OUTLINE OF SOME APPROACHES ThoPhan – Phu Le SMC

  35. 5. OUTLINE OF SOME APPROACHES • While each SMC problem in a specific domain need a specific solution, there are certain general approaches which might solve the new SMC problems. • Based on many cryptographic tools including zero-knowledge proof, oblivious transfer, 1-out-of-n oblivious transfer, oblivious evaluation of polynomials, secret sharing , threshold cryptography, Yao's Millionaire Protocol. • In normal case, using trust third party ThoPhan – Phu Le SMC 35

  36. 5. OUTLINE OF SOME APPROACHES • Problem 1. Alice has matrix M1 and vector b1; Bob has M2 and b2. • Solve (M1+M2)x=b1+b2. • It’s equivalent P(M1+M2)QQ-1x=P(b1+b2). If Bob know M’ = P(M1+M2)Q and b’= P(b1+b2), he can solve M’=b’. Then x=Q. • Alice generates two random matrix n x n P and Q being invertible. • Using 1-out-of-N Oblivious Transfer protocol, Bob is able to know M’ = P(M1+M2)Q và b’= P(b1+b2). • After solve M’=b’, Bob send to Alice to solve x. • Alice send to Bob the result. ThoPhan – Phu Le SMC 36

  37. 5. OUTLINE OF SOME APPROACHES • The circuit evaluation is not practical. It depend on the size of the input and the complexity of computation. • Reduce the problem • To solve the Intersection problem (Problem 11), we reduced the problem to three sub-problems: • 1) evaluation of a linear function problem 2) comparison problem. Using the oblivious polynomial evaluation protocol and Yao's millionaire protocol to solve. • 3) evaluation of a boolean expression problem. could be solved the circuit evaluation protocol. ThoPhan – Phu Le SMC 37

  38. Refferrence [1]. Du, Wenliang, and Mikhail J. Atallah. (2001) Secure multi-party computation problems and their applications: a review and open problems [2]. Y. Lindell and B. Pinkas. Privacy preserving data mining. In Advances in Cryptology - Crypto2000, Lecture Notes in Computer Science, volume 1880, 2000. [3]. RakeshAgrawal and RamakrishnanSrikant. Privacy-preserving data mining. In Proceedings of the 2000 ACM SIGMOD on Management of data, pages 439 {450,Dallas, TX USA, May 15 - 18 2000. ThoPhan – Phu Le SMC

  39. Q&A ThoPhan – Phu Le SMC

  40. Thanks for watching ThoPhan – Phu Le SMC

More Related