To see the other types of publications on this topic, follow the link: Garbled Circuit Protocol.
Journal articles on the topic 'Garbled Circuit Protocol'
Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles
Consult the top 37 journal articles for your research on the topic 'Garbled Circuit Protocol.'
Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.
You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.
Browse journal articles on a wide variety of disciplines and organise your bibliography correctly.
1
Ding, Hangchao, Han Jiang, and Qiuliang Xu. "Postquantum Cut-and-Choose Oblivious Transfer Protocol Based on LWE." Security and Communication Networks 2021 (September 8, 2021): 1–15. http://dx.doi.org/10.1155/2021/9974604.
Full textAbstract:
We propose postquantum universal composable (UC) cut-and-choose oblivious transfer (CCOT) protocol under the malicious adversary model. In secure two-party computation, we construct s copies’ garbled circuits, including half check circuit and half evaluation circuit. The sender can transfer the key to the receiver by CCOT protocol. Compared to PVW-OT [6] framework, we invoke WQ-OT [35] framework with reusability of common random string ( crs ) and better security. Relying on LWE’s assumption and the property of the Rounding function, we construct an UC-CCOT protocol, which can resist quantum attack in secure two-party computation.
2
Yang, Yaxi, Xiaojian Liang, Xiangfu Song, et al. "Maliciously Secure Circuit Private Set Intersection via SPDZ-Compatible Oblivious PRF." Proceedings on Privacy Enhancing Technologies 2025, no. 2 (2025): 680–96. https://doi.org/10.56553/popets-2025-0082.
Full textAbstract:
Circuit Private Set Intersection (Circuit-PSI) allows two parties to compute a function f on items in the intersection of their input sets without revealing items in the intersection set. It is a well-known variant of PSI and has numerous practical applications. However, existing Circuit-PSI protocols only provide security against semi-honest adversaries. A straightforward approach to constructing a maliciously secure Circuit-PSI is to extend a pure garbled-circuit-based PSI (NDSS'12) to a maliciously secure circuit-PSI, but it will not be concretely efficient. Another is converting state-of-the-art semi-honest Circuit-PSI protocols (EUROCRYPT'21; PoPETS'22) to be secure in the malicious setting. However, it will come across the consistency issue (EUROCRYPT'11) since parties can not guarantee the inputs of the function f stay unchanged as obtained from the last step. This paper tackles the previously mentioned issue by presenting the first maliciously secure Circuit-PSI protocol. Our key innovation, the Distributed Dual-key Oblivious Pseudorandom Function (DDOPRF), enables the oblivious evaluation of secret-shared inputs using dual keys within the SPDZ MPC framework. Notably, this construction seamlessly ensures fairness within the Circuit-PSI. Compared to the state-of-the-art semi-honest Circuit-PSI protocol (PoPETS'22), experimental results demonstrate that our malicious Circuit-PSI protocol not only reduces around 5x communication costs but also enhances efficiency, particularly for modest input sets (<= 2^{14}) in the case of the WAN setting with high latency and limited bandwidth.
3
Fang, Xin, Stratis Ioannidis, and Miriam Leeser. "SIFO: Secure Computational Infrastructure Using FPGA Overlays." International Journal of Reconfigurable Computing 2019 (December 6, 2019): 1–18. http://dx.doi.org/10.1155/2019/1439763.
Full textAbstract:
Secure Function Evaluation (SFE) has received recent attention due to the massive collection and mining of personal data, but remains impractical due to its large computational cost. Garbled Circuits (GC) is a protocol for implementing SFE which can evaluate any function that can be expressed as a Boolean circuit and obtain the result while keeping each party’s input private. Recent advances have led to a surge of garbled circuit implementations in software for a variety of different tasks. However, these implementations are inefficient, and therefore GC is not widely used, especially for large problems. This research investigates, implements, and evaluates secure computation generation using a heterogeneous computing platform featuring FPGAs. We have designed and implemented SIFO: secure computational infrastructure using FPGA overlays. Unlike traditional FPGA design, a coarse-grained overlay architecture is adopted which supports mapping SFE problems that are too large to map to a single FPGA. Host tools provided include SFE problem generator, parser, and automatic host code generation. Our design allows repurposing an FPGA to evaluate different SFE tasks without the need for reprogramming and fully explores the parallelism for any GC problem. Our system demonstrates an order of magnitude speedup compared with an existing software platform.
4
Sancho, Jorge, José García, and Álvaro Alesanco. "Oblivious Inspection: On the Confrontation between System Security and Data Privacy at Domain Boundaries." Security and Communication Networks 2020 (September 22, 2020): 1–9. http://dx.doi.org/10.1155/2020/8856379.
Full textAbstract:
In this work, we introduce the system boundary security vs. privacy dilemma, where border devices (e.g., firewall devices) require unencrypted data inspection to prevent data exfiltration or unauthorized data accesses, but unencrypted data inspection violates data privacy. To shortcut this problem, we present Oblivious Inspection, a novel approach based on garbled circuits to perform a stateful application-aware inspection of encrypted network traffic in a privacy-preserving way. We also showcase an inspection algorithm for Fast Healthcare Interoperability Resources (FHIR) standard compliant packets along with its performance results. The results point out the importance of the inspection function being aligned with the underlying garbled circuit protocol. In this line, mandatory encryption algorithms for TLS 1.3 have been analysed observing that packets encrypted using Chacha20 can be filtered up to 17 and 25 times faster compared with AES128-GCM and AES256-GCM, respectively. All together, this approach penalizes performance to align system security and data privacy, but it could be appropriate for those scenarios where this performance degradation can be justified by the sensibility of the involved data such as healthcare scenarios.
5
Sancho, Jorge, José García, and Álvaro Alesanco. "Oblivious Inspection: On the Confrontation between System Security and Data Privacy at Domain Boundaries." Security and Communication Networks 2020 (June 7, 2020): 8856379. https://doi.org/10.1155/2020/8856379.
Full textAbstract:
In this work, we introduce the system boundary security vs. privacy dilemma, where border devices (e.g., firewall devices) require unencrypted data inspection to prevent data exfiltration or unauthorized data accesses, but unencrypted data inspection violates data privacy. To shortcut this problem, we present Oblivious Inspection, a novel approach based on garbled circuits to perform a stateful application-aware inspection of encrypted network traffic in a privacy-preserving way. We also showcase an inspection algorithm for Fast Healthcare Interoperability Resources (FHIR) standard compliant packets along with its performance results. The results point out the importance of the inspection function being aligned with the underlying garbled circuit protocol. In this line, mandatory encryption algorithms for TLS 1.3 have been analysed observing that packets encrypted using Chacha20 can be filtered up to 17 and 25 times faster compared with AES128-GCM and AES256-GCM, respectively. All together, this approach penalizes performance to align system security and data privacy, but it could be appropriate for those scenarios where this performance degradation can be justified by the sensibility of the involved data such as healthcare scenarios.
6
Xin Liu, Xin Liu, Xiaomeng Liu Xin Liu, Dan Luo Xiaomeng Liu, Gang Xu Dan Luo, and Xiu-Bo Chen Gang Xu. "Confidentially Compare Rational Numbers under the Malicious Model." 網際網路技術學刊 25, no. 3 (2024): 355–63. http://dx.doi.org/10.53106/160792642024052503002.
Full textAbstract:
<p>Secure multi-party computation is a hotspot in the cryptography field, and it is also a significant means to realize privacy computation. The Millionaires&rsquo; problem is the most fundamental problem among them, which is the basic module of secure multi-party computation protocols. Although there are many solutions to this problem, there are few anti-malicious adversarial protocols besides protocols based on Yao&rsquo;s garbled circuit. Only a few solutions have low efficiency, and there is no protocol for rational numbers comparison under the malicious model, which restricts the solution of many secure multi-party computation problems. In this paper, the possible malicious behaviors are analyzed in the existing Millionaires&rsquo; problem protocols. These behaviors are discovered and taken precautions against through the triangle area formula, zero-knowledge proof, and cut-and-choose method, so the protocol of comparing confidentially rational numbers is proposed under the malicious model. And this paper adopts the real/ideal model paradigm to prove the security of the malicious model protocol. Efficiency analysis indicates that the proposed protocol is more effective than existing protocols. The protocol of rational numbers comparison under the malicious model is more suitable for the practical applications of secure multi-party computation, which has important theoretical and practical significance.</p> <p>&nbsp;</p>
7
Mohassel, Payman, Mike Rosulek, and Ni Trieu. "Practical Privacy-Preserving K-means Clustering." Proceedings on Privacy Enhancing Technologies 2020, no. 4 (2020): 414–33. http://dx.doi.org/10.2478/popets-2020-0080.
Full textAbstract:
AbstractClustering is a common technique for data analysis, which aims to partition data into similar groups. When the data comes from different sources, it is highly desirable to maintain the privacy of each database. In this work, we study a popular clustering algorithm (K-means) and adapt it to the privacypreserving context.Specifically, to construct our privacy-preserving clustering algorithm, we first propose an efficient batched Euclidean squared distance computation protocol in the amortizing setting, when one needs to compute the distance from the same point to other points. Furthermore, we construct a customized garbled circuit for computing the minimum value among shared values.We believe these new constructions may be of independent interest. We implement and evaluate our protocols to demonstrate their practicality and show that they are able to train datasets that are much larger and faster than in the previous work. The numerical results also show that the proposed protocol achieve almost the same accuracy compared to a K-means plain-text clustering algorithm.
8
Li, Mengxing, Quan Feng, Jian Zhao, Mei Yang, Lijun Kang, and Lili Wu. "Minutiae Matching with Privacy Protection Based on the Combination of Garbled Circuit and Homomorphic Encryption." Scientific World Journal 2014 (2014): 1–13. http://dx.doi.org/10.1155/2014/525387.
Full textAbstract:
Biometrics plays an important role in authentication applications since they are strongly linked to holders. With an increasing growth of e-commerce and e-government, one can expect that biometric-based authentication systems are possibly deployed over the open networks in the near future. However, due to its openness, the Internet poses a great challenge to the security and privacy of biometric authentication. Biometric data cannot be revoked, so it is of paramount importance that biometric data should be handled in a secure way. In this paper we present a scheme achieving privacy-preserving fingerprint authentication between two parties, in which fingerprint minutiae matching algorithm is completed in the encrypted domain. To improve the efficiency, we exploit homomorphic encryption as well as garbled circuits to design the protocol. Our goal is to provide protection for the security of template in storage and data privacy of two parties in transaction. The experimental results show that the proposed authentication protocol runs efficiently. Therefore, the protocol can run over open networks and help to alleviate the concerns on security and privacy of biometric applications over the open networks.
9
Tueno, Anselme, Florian Kerschbaum, and Stefan Katzenbeisser. "Private Evaluation of Decision Trees using Sublinear Cost." Proceedings on Privacy Enhancing Technologies 2019, no. 1 (2019): 266–86. http://dx.doi.org/10.2478/popets-2019-0015.
Full textAbstract:
Abstract Decision trees are widespread machine learning models used for data classification and have many applications in areas such as healthcare, remote diagnostics, spam filtering, etc. In this paper, we address the problem of privately evaluating a decision tree on private data. In this scenario, the server holds a private decision tree model and the client wants to classify its private attribute vector using the server’s private model. The goal is to obtain the classification while preserving the privacy of both – the decision tree and the client input. After the computation, only the classification result is revealed to the client, while nothing is revealed to the server. Many existing protocols require a constant number of rounds. However, some of these protocols perform as many comparisons as there are decision nodes in the entire tree and others transform the whole plaintext decision tree into an oblivious program, resulting in higher communication costs. The main idea of our novel solution is to represent the tree as an array. Then we execute only d – the depth of the tree – comparisons. Each comparison is performed using a small garbled circuit, which output secret-shares of the index of the next node. We get the inputs to the comparison by obliviously indexing the tree and the attribute vector. We implement oblivious array indexing using either garbled circuits, Oblivious Transfer or Oblivious RAM (ORAM). Using ORAM, this results in the first protocol with sub-linear cost in the size of the tree. We implemented and evaluated our solution using the different array indexing procedures mentioned above. As a result, we are not only able to provide the first protocol with sublinear cost for large trees, but also reduce the communication cost for the large real-world data set “Spambase” from 18 MB to 1[triangleright]2 MB and the computation time from 17 seconds to less than 1 second in a LAN setting, compared to the best related work.
10
Kiss, Ágnes, Jian Liu, Thomas Schneider, N. Asokan, and Benny Pinkas. "Private Set Intersection for Unequal Set Sizes with Mobile Applications." Proceedings on Privacy Enhancing Technologies 2017, no. 4 (2017): 177–97. http://dx.doi.org/10.1515/popets-2017-0044.
Full textAbstract:
Abstract Private set intersection (PSI) is a cryptographic technique that is applicable to many privacy-sensitive scenarios. For decades, researchers have been focusing on improving its efficiency in both communication and computation. However, most of the existing solutions are inefficient for an unequal number of inputs, which is common in conventional client-server settings. In this paper, we analyze and optimize the efficiency of existing PSI protocols to support precomputation so that they can efficiently deal with such input sets. We transform four existing PSI protocols into the precomputation form such that in the setup phase the communication is linear only in the size of the larger input set, while in the online phase the communication is linear in the size of the smaller input set. We implement all four protocols and run experiments between two PCs and between a PC and a smartphone and give a systematic comparison of their performance. Our experiments show that a protocol based on securely evaluating a garbled AES circuit achieves the fastest setup time by several orders of magnitudes, and the fastest online time in the PC setting where AES-NI acceleration is available. In the mobile setting, the fastest online time is achieved by a protocol based on the Diffie-Hellman assumption.
11
Riazi, M. Sadegh, Ebrahim M. Songhori, Ahmad-Reza Sadeghi, Thomas Schneider, and Farinaz Koushanfar. "Toward Practical Secure Stable Matching." Proceedings on Privacy Enhancing Technologies 2017, no. 1 (2017): 62–78. http://dx.doi.org/10.1515/popets-2017-0005.
Full textAbstract:
Abstract The Stable Matching (SM) algorithm has been deployed in many real-world scenarios including the National Residency Matching Program (NRMP) and financial applications such as matching of suppliers and consumers in capital markets. Since these applications typically involve highly sensitive information such as the underlying preference lists, their current implementations rely on trusted third parties. This paper introduces the first provably secure and scalable implementation of SM based on Yao’s garbled circuit protocol and Oblivious RAM (ORAM). Our scheme can securely compute a stable match for 8k pairs four orders of magnitude faster than the previously best known method. We achieve this by introducing a compact and efficient sub-linear size circuit. We even further decrease the computation cost by three orders of magnitude by proposing a novel technique to avoid unnecessary iterations in the SM algorithm. We evaluate our implementation for several problem sizes and plan to publish it as open-source.
12
Kim, Yong-Ki, Hyeong-Jin Kim, Hyunjo Lee, and Jae-Woo Chang. "Privacy-preserving parallel kNN classification algorithm using index-based filtering in cloud computing." PLOS ONE 17, no. 5 (2022): e0267908. http://dx.doi.org/10.1371/journal.pone.0267908.
Full textAbstract:
With the development of cloud computing, interest in database outsourcing has recently increased. In cloud computing, it is necessary to protect the sensitive information of data owners and authorized users. For this, data mining techniques over encrypted data have been studied to protect the original database, user queries and data access patterns. The typical data mining technique is kNN classification which is widely used for data analysis and artificial intelligence. However, existing works do not provide a sufficient level of efficiency for a large amount of encrypted data. To solve this problem, in this paper, we propose a privacy-preserving parallel kNN classification algorithm. To reduce the computation cost for encryption, we propose an improved secure protocol by using an encrypted random value pool. To reduce the query processing time, we not only design a parallel algorithm, but also adopt a garbled circuit. In addition, the security analysis of the proposed algorithm is performed to prove its data protection, query protection, and access pattern protection. Through our performance evaluation, the proposed algorithm shows about 2∼25 times better performance compared with existing algorithms.
13
Huang, Junxin, Yuchuan Luo, Ming Xu, Bowen Hu, and Jian Long. "pShare: Privacy-Preserving Ride-Sharing System with Minimum-Detouring Route." Applied Sciences 12, no. 2 (2022): 842. http://dx.doi.org/10.3390/app12020842.
Full textAbstract:
Online ride-hailing (ORH) services allow people to enjoy on-demand transportation services through their mobile devices in a short responding time. Despite the great convenience, users need to submit their location information to the ORH service provider, which may incur unexpected privacy problems. In this paper, we mainly study the privacy and utility of the ride-sharing system, which enables multiple riders to share one driver. To solve the privacy problem and reduce the ride-sharing detouring waste, we propose a privacy-preserving ride-sharing system named pShare. To hide users’ precise locations from the service provider, we apply a zone-based travel time estimation approach to privately compute over sensitive data while cloaking each rider’s location in a zone area. To compute the matching results along with the least-detouring route, the service provider first computes the shortest path for each eligible rider combination, then compares the additional traveling time (ATT) of all combinations, and finally selects the combination with minimum ATT. We designed a secure comparing protocol by utilizing the garbled circuit, which enables the ORH server to execute the protocol with a crypto server without privacy leakage. Moreover, we apply the data packing technique, by which multiple data can be packed as one to reduce the communication and computation overhead. Through the theoretical analysis and evaluation results, we prove that pShare is a practical ride-sharing scheme that can find out the sharing riders with minimum ATT in acceptable accuracy while protecting users’ privacy.
14
Zhang, Liang Feng, and Reihaneh Safavi-Naini. "Privacy-preserving verifiable delegation of polynomial and matrix functions." Journal of Mathematical Cryptology 14, no. 1 (2020): 153–71. http://dx.doi.org/10.1515/jmc-2018-0039.
Full textAbstract:
AbstractOutsourcing computation has gained significant popularity in recent years due to the development of cloud computing and mobile services. In a basic outsourcing model, a client delegates computation of a function f on an input x to a server. There are two main security requirements in this setting: guaranteeing the server performs the computation correctly, and protecting the client’s input (and hence the function value) from the server. The verifiable computation model of Gennaro, Gentry and Parno achieves the above requirements, but the resulting schemes lack efficiency. This is due to the use of computationally expensive primitives such as fully homomorphic encryption (FHE) and garbled circuits, and the need to represent f as a Boolean circuit. Also, the security model does not allow verification queries, which implies the server cannot learn if the client accepts the computation result. This is a weak security model that does not match many real life scenarios. In this paper, we construct efficient (i.e., without using FHE, garbled circuits and Boolean circuit representations) verifiable computation schemes that provide privacy for the client’s input, and prove their security in a strong model that allows verification queries. We first propose a transformation that provides input privacy for a number of existing schemes for verifiable delegation of multivariate polynomial f over a finite field. Our transformation is based on noisy encoding of x and keeps x semantically secure under the noisy curve reconstruction (CR) assumption. We then propose a construction for verifiable delegation of matrix-vector multiplication, where the delegated function f is a matrix and the input to the function is a vector. The scheme uses PRFs with amortized closed-form efficiency and achieves high efficiency. We outline applications of our results to outsourced two-party protocols.
15
Salako, Ademola Oluwaseun, Temilade Oluwatoyin Adesokan-Imran, Olufisayo Juliana Tiwo, Olufunke Cynthia Metibemu, Ogechukwu Scholastica Onyenaucheya, and Oluwaseun Oladeji Olaniyi. "Securing Confidentiality in Distributed Ledger Systems with Secure Multi-party Computation for Financial Data Protection." Journal of Engineering Research and Reports 27, no. 3 (2025): 352–73. https://doi.org/10.9734/jerr/2025/v27i31439.
Full textAbstract:
This study addresses confidentiality challenges in financial Distributed Ledger Systems (DLS) using Secure Multi-Party Computation (SMPC). By analyzing real-world datasets, it evaluates privacy risks, protocol efficiency, and system resilience. Findings highlight SMPC’s role in enhancing security while balancing computational efficiency. Using the Elliptic AML Bitcoin Transactions dataset, anomaly detection (Isolation Forest) identifies financial confidentiality vulnerabilities, revealing that anomalous transactions exhibit a 336.1% increase in volume and a 15.5% rise in frequency, suggesting heightened risks. A comparative analysis of SMPC protocols utilizing the MP-SPDZ benchmark dataset and one-way ANOVA confirms that Yao’s Garbled Circuits is the most computationally efficient (180.50 ms execution time), whereas Shamir’s Secret Sharing offers superior security (0.73 high-probability security). Kaplan-Meier survival analysis of Verizon DBIR 2024 establishes that SMPC extends financial system longevity (36.11 months vs. 21.91 months for traditional encryption). Recommendations include integrating scalable SMPC models, standardizing regulatory frameworks, optimizing algorithmic efficiency, and enhancing anomaly detection in financial DLS.
16
Yu, Mingfei, Dewmini Sudara Marakkalage, and Giovanni De Micheli. "Garbled Circuits Reimagined: Logic Synthesis Unleashes Efficient Secure Computation." Cryptography 7, no. 4 (2023): 61. http://dx.doi.org/10.3390/cryptography7040061.
Full textAbstract:
Garbled circuit (GC) is one of the few promising protocols to realize general-purpose secure computation. The target computation is represented by a Boolean circuit that is subsequently transformed into a network of encrypted tables for execution. The need for distributing GCs among parties, however, requires excessive data communication, called garbling cost, which bottlenecks system performance. Due to the zero garbling cost of XOR operations, existing works reduce garbling cost by representing the target computation as the XOR-AND graph (XAG) with minimal structural multiplicative complexity (MC). Starting with a thorough study of the cipher-text efficiency of different types of logic primitives, for the first time, we propose XOR-OneHot graph (X1G) as a suitable logic representation for the generation of low-cost GCs. Our contribution includes (a) an exact algorithm to synthesize garbling-cost-optimal X1G implementations for small-scale functions and (b) a set of logic optimization algorithms customized for X1Gs, which together form a robust optimization flow that delivers high-quality X1Gs for practical functions. The effectiveness of the proposals is evidenced by comprehensive evaluations: compared with the state of the art, 7.34%, 26.14%, 13.51%, and 4.34% reductions in garbling costs are achieved on average for the involved benchmark suites, respectively, with reasonable runtime overheads.
17
Gascón, Adrià, Phillipp Schoppmann, Borja Balle, et al. "Privacy-Preserving Distributed Linear Regression on High-Dimensional Data." Proceedings on Privacy Enhancing Technologies 2017, no. 4 (2017): 345–64. http://dx.doi.org/10.1515/popets-2017-0053.
Full textAbstract:
Abstract We propose privacy-preserving protocols for computing linear regression models, in the setting where the training dataset is vertically distributed among several parties. Our main contribution is a hybrid multi-party computation protocol that combines Yao’s garbled circuits with tailored protocols for computing inner products. Like many machine learning tasks, building a linear regression model involves solving a system of linear equations. We conduct a comprehensive evaluation and comparison of different techniques for securely performing this task, including a new Conjugate Gradient Descent (CGD) algorithm. This algorithm is suitable for secure computation because it uses an efficient fixed-point representation of real numbers while maintaining accuracy and convergence rates comparable to what can be obtained with a classical solution using floating point numbers. Our technique improves on Nikolaenko et al.’s method for privacy-preserving ridge regression (S&P 2013), and can be used as a building block in other analyses. We implement a complete system and demonstrate that our approach is highly scalable, solving data analysis problems with one million records and one hundred features in less than one hour of total running time.
18
Almashaqbeh, Ghada, Fabrice Benhamouda, Seungwook Han, et al. "Gage MPC: Bypassing Residual Function Leakage for Non-Interactive MPC." Proceedings on Privacy Enhancing Technologies 2021, no. 4 (2021): 528–48. http://dx.doi.org/10.2478/popets-2021-0083.
Full textAbstract:
Abstract Existing models for non-interactive MPC cannot provide full privacy for inputs, because they inherently leak the residual function (i.e., the output of the function on the honest parties’ input together with all possible values of the adversarial inputs). For example, in any non-interactive sealed-bid auction, the last bidder can figure out what was the highest previous bid. We present a new MPC model which avoids this privacy leak. To achieve this, we utilize a blockchain in a novel way, incorporating smart contracts and arbitrary parties that can be incentivized to perform computation (“bounty hunters,” akin to miners). Security is maintained under a monetary assumption about the parties: an honest party can temporarily supply a recoverable collateral of value higher than the computational cost an adversary can expend. We thus construct non-interactive MPC protocols with strong security guarantees (full security, no residual leakage) in the short term. Over time, as the adversary can invest more and more computational resources, the security guarantee decays. Thus, our model, which we call Gage MPC, is suitable for secure computation with limited-time secrecy, such as auctions. A key ingredient in our protocols is a primitive we call “Gage Time Capsules” (GaTC): a time capsule that allows a party to commit to a value that others are able to reveal but only at a designated computational cost. A GaTC allows a party to commit to a value together with a monetary collateral. If the original party properly opens the GaTC, it can recover the collateral. Otherwise, the collateral is used to incentivize bounty hunters to open the GaTC. This primitive is used to ensure completion of Gage MPC protocols on the desired inputs. As a requisite tool (of independent interest), we present a generalization of garbled circuit that are more robust: they can tolerate exposure of extra input labels. This is in contrast to Yao’s garbled circuits, whose secrecy breaks down if even a single extra label is exposed. Finally, we present a proof-of-concept implementation of a special case of our construction, yielding an auction functionality over an Ethereum-like blockchain.
19
Cheng, Nan, Naman Gupta, Aikaterini Mitrokotsa, Hiraku Morita, and Kazunari Tozawa. "Constant-Round Private Decision Tree Evaluation for Secret Shared Data." Proceedings on Privacy Enhancing Technologies 2024, no. 1 (2024): 397–412. http://dx.doi.org/10.56553/popets-2024-0023.
Full textAbstract:
Decision tree evaluation is extensively used in machine learning to construct accurate classification models. Often in the cloud-assisted communication paradigm cloud servers execute remote evaluations of classification models using clients' data. In this setting, the need for private decision tree evaluation (PDTE) has emerged to guarantee no leakage of information for the client's input nor the service provider's trained model i.e., decision tree. In this paper, we propose a private decision tree evaluation protocol based on the three-party replicated secret sharing (RSS) scheme. This enables us to securely classify inputs without any leakage of the provided input or the trained decision tree model. Our protocol only requires constant rounds of communication among servers, which is useful in a network with longer delays.Ma et al. (NDSS 2021) presented a lightweight PDTE protocol with sublinear communication cost with linear round complexity in the size of the input data. This protocol works well in the low latency network such as LAN while its total execution time is unfavourably increased in the WAN setting. In contrast, Tsuchida et al. (ProvSec 2020) constructed a constant round PDTE protocol at the cost of communication complexity, which works well in the WAN setting. Although their construction still requires 25 rounds, it showed a possible direction on how to make constant round PDTE protocols. Ji et al. (IEEE Transactions on Dependable and Secure Computing) presented a simplified PDTE with constant rounds using the function secret sharing (FSS) at the cost of communication complexity. Our proposed protocol only requires five rounds among the employed three servers executing secret sharing schemes, which is comparable to previously proposed protocols that are based on garbled circuits and homomorphic encryption. To further demonstrate the efficiency of our protocol, we evaluated it using real-world classification datasets. The evaluation results indicate that our protocol provides better concrete performance in the WAN setting that has a large network delay.
20
Li, Ye, Zoe L. Jiang, Xuan Wang, Junbin Fang, En Zhang, and Xianmin Wang. "Securely Outsourcing ID3 Decision Tree in Cloud Computing." Wireless Communications and Mobile Computing 2018 (October 4, 2018): 1–10. http://dx.doi.org/10.1155/2018/2385150.
Full textAbstract:
With the wide application of Internet of Things (IoT), a huge number of data are collected from IoT networks and are required to be processed, such as data mining. Although it is popular to outsource storage and computation to cloud, it may invade privacy of participants’ information. Cryptography-based privacy-preserving data mining has been proposed to protect the privacy of participating parties’ data for this process. However, it is still an open problem to handle with multiparticipant’s ciphertext computation and analysis. And these algorithms rely on the semihonest security model which requires all parties to follow the protocol rules. In this paper, we address the challenge of outsourcing ID3 decision tree algorithm in the malicious model. Particularly, to securely store and compute private data, the two-participant symmetric homomorphic encryption supporting addition and multiplication is proposed. To keep from malicious behaviors of cloud computing server, the secure garbled circuits are adopted to propose the privacy-preserving weight average protocol. Security and performance are analyzed.
21
Liu, Kun, and Chunming Tang. "Privacy-preserving Naive Bayes classification based on secure two-party computation." AIMS Mathematics 8, no. 12 (2023): 28517–39. http://dx.doi.org/10.3934/math.20231459.
Full textAbstract:
<abstract><p>With the proliferation of data and machine learning techniques, there is a growing need to develop methods that enable collaborative training and prediction of sensitive data while preserving privacy. This paper proposes a new protocol for privacy-preserving Naive Bayes classification using secure two-party computation (STPC). The key idea is to split the training data between two non-colluding servers using STPC to train the model without leaking information. The servers secretly share their data and the intermediate computations using cryptographic techniques like Beaver's multiplication triples and Yao's garbled circuits. We implement and evaluate our protocols on the MNIST dataset, demonstrating that they achieve the same accuracy as plaintext computation with reasonable overhead. A formal security analysis in the semi-honest model shows that the scheme protects the privacy of the training data. Our work advances privacy-preserving machine learning by enabling secure outsourced Naive Bayes classification with applications such as fraud detection, medical diagnosis, and predictive analytics on confidential data from multiple entities. The modular design allows embedding different secure matrix multiplication techniques, making the framework adaptable. This line of research paves the way for practical and secure data mining in a distributed manner, upholding stringent privacy regulations.</p></abstract>
22
Saleem, Hamza, Amir Ziashahabi, Muhammad Naveed, and Salman Avestimehr. "Hawk: Accurate and Fast Privacy-Preserving Machine Learning Using Secure Lookup Table Computation." Proceedings on Privacy Enhancing Technologies 2024, no. 3 (2024): 42–58. http://dx.doi.org/10.56553/popets-2024-0066.
Full textAbstract:
Training machine learning models on data from multiple entities without direct data sharing can unlock applications otherwise hindered by business, legal, or ethical constraints. In this work, we design and implement new privacy-preserving machine learning protocols for logistic regression and neural network models. We adopt a two-server model where data owners secret-share their data between two servers that train and evaluate the model on the joint data. A significant source of inefficiency and inaccuracy in existing methods arises from using Yao’s garbled circuits to compute non-linear activation functions. We propose new methods for computing non-linear functions based on secret-shared lookup tables, offering both computational efficiency and improved accuracy. Beyond introducing leakage-free techniques, we initiate the exploration of relaxed security measures for privacy-preserving machine learning. Instead of claiming that the servers gain no knowledge during the computation, we contend that while some information is revealed about access patterns to lookup tables, it maintains epsilon-dX-privacy. Leveraging this relaxation significantly reduces the computational resources needed for training. We present new cryptographic protocols tailored to this relaxed security paradigm and define and analyze the leakage. Our evaluations show that our logistic regression protocol is up to 9x faster, and the neural network training is up to 688x faster than SecureML. Notably, our neural network achieves an accuracy of 96.6% on MNIST in 15 epochs, outperforming prior benchmarks that capped at 93.4% using the same architecture.
23
Kim, Hyeong-Jin, Hyunjo Lee, Yong-Ki Kim, and Jae-Woo Chang. "Privacy-preserving kNN query processing algorithms via secure two-party computation over encrypted database in cloud computing." Journal of Supercomputing 78, no. 7 (2022): 9245–84. http://dx.doi.org/10.1007/s11227-021-04286-2.
Full textAbstract:
AbstractSince studies on privacy-preserving database outsourcing have been spotlighted in a cloud computing, databases need to be encrypted before being outsourced to the cloud. Therefore, a couple of privacy-preserving kNN query processing algorithms have been proposed over the encrypted database. However, the existing algorithms are either insecure or inefficient. Therefore, in this paper we propose a privacy-preserving kNN query processing algorithm via secure two-party computation on the encrypted database. Our algorithm preserves both data privacy and query privacy while hiding data access patterns. For this, we propose efficient and secure protocols based on Yao’s garbled circuit. To achieve a high degree of efficiency in query processing, we also propose a parallel kNN query processing algorithm using encrypted random value pool. Through our performance analysis, we verify that our proposed algorithms outperform the existing ones in terms of a query processing cost.
24
Deuber, Dominic, Christoph Egger, Katharina Fech, et al. "My Genome Belongs to Me: Controlling Third Party Computation on Genomic Data." Proceedings on Privacy Enhancing Technologies 2019, no. 1 (2019): 108–32. http://dx.doi.org/10.2478/popets-2019-0007.
Full textAbstract:
Abstract An individual’s genetic information is possibly the most valuable personal information. While knowledge of a person’s DNA sequence can facilitate the diagnosis of several heritable diseases and allow personalized treatment, its exposure comes with significant threats to the patient’s privacy. Currently known solutions for privacy-respecting computation require the owner of the DNA to either be heavily involved in the execution of a cryptographic protocol or to completely outsource the access control to a third party. This motivates the demand for cryptographic protocols which enable computation over encrypted genomic data while keeping the owner of the genome in full control. We envision a scenario where data owners can exercise arbitrary and dynamic access policies, depending on the intended use of the analysis results and on the credentials of who is conducting the analysis. At the same time, data owners are not required to maintain a local copy of their entire genetic data and do not need to exhaust their computational resources in an expensive cryptographic protocol. In this work, we present METIS, a system that assists the computation over encrypted data stored in the cloud while leaving the decision on admissible computations to the data owner. It is based on garbled circuits and supports any polynomially-computable function. A critical feature of our system is that the data owner is free from computational overload and her communication complexity is independent of the size of the input data and only linear in the size of the circuit’s output. We demonstrate the practicality of our approach with an implementation and an evaluation of several functions over real datasets.
25
Wei, Dongying, Dan Wang, Zhiheng Wang, and Yingyi Ma. "A Privacy-Preserving Testing Framework for Copyright Protection of Deep Learning Models." Electronics 13, no. 1 (2023): 133. http://dx.doi.org/10.3390/electronics13010133.
Full textAbstract:
Deep learning is widely utilized to acquire predictive models for mobile crowdsensing systems (MCSs). These models significantly improve the availability and performance of MCSs in real-world scenarios. However, training these models requires substantial data resources, rendering them valuable to their owners. Numerous protection schemes have been proposed to mitigate potential economic loss arising from legal issues pertaining to model copyright. Although capable of providing copyright verification, these schemes either compromise the model utility or prove ineffective against adversarial attacks. Additionally, the privacy concern surrounding copyright verification is noteworthy, given the increasing privacy concerns among model owners. This paper introduces a privacy-preserving testing framework for copyright protection (PTFCP) comprising multiple protocols. Our protocols adhere to the two-cloud server model, where the owner and the suspect transmit their model output to non-colluding servers for evaluating model similarity through the public-key cryptosystem with distributed decryption (PCDD) and garbled circuits. Additionally, we have developed novel techniques to enable secure differentiation for absolute values. Our experiments in real-world datasets demonstrate that our protocols in the PTFCP successfully operate under numerous copyright violation scenarios, such as finetuning, pruning, and extraction.
26
Aaraj, Najwa, Abdelrahaman Aly, Tim Güneysu, et al. "FANNG-MPC: Framework for Artificial Neural Networks and Generic MPC." IACR Transactions on Cryptographic Hardware and Embedded Systems 2025, no. 1 (2024): 1–36. https://doi.org/10.46586/tches.v2025.i1.1-36.
Full textAbstract:
In this work, we introduce FANNG-MPC, a versatile secure multi-party computation framework capable to offer active security for privacy-preserving machine learning as a service (MLaaS). Derived from the now deprecated SCALE-MAMBA, FANNG is a data-oriented fork, featuring novel set of libraries and instructions for realizing private neural networks, effectively reviving the popular framework. To the best of our knowledge, FANNG is the first MPC framework to offer actively secure MLaaS in the dishonest majority setting.FANNG goes beyond SCALE-MAMBA by decoupling offline and online phases and materializing the dealer model in software, enabling a separate set of entities to produce offline material. The framework incorporates database support, a new instruction set for pre-processed material, including garbled circuits and convolutional and matrix multiplication triples. FANNG also implements novel private comparison protocols and an optimized library supporting Neural Network functionality. All our theoretical claims are substantiated by an extensive evaluation using an open-sourced implementation, including the private inference of popular neural networks like LeNet and VGG16.
27
Wagh, Sameer, Divya Gupta, and Nishanth Chandran. "SecureNN: 3-Party Secure Computation for Neural Network Training." Proceedings on Privacy Enhancing Technologies 2019, no. 3 (2019): 26–49. http://dx.doi.org/10.2478/popets-2019-0035.
Full textAbstract:
Abstract Neural Networks (NN) provide a powerful method for machine learning training and inference. To effectively train, it is desirable for multiple parties to combine their data – however, doing so conflicts with data privacy. In this work, we provide novel three-party secure computation protocols for various NN building blocks such as matrix multiplication, convolutions, Rectified Linear Units, Maxpool, normalization and so on. This enables us to construct three-party secure protocols for training and inference of several NN architectures such that no single party learns any information about the data. Experimentally, we implement our system over Amazon EC2 servers in different settings. Our work advances the state-of-the-art of secure computation for neural networks in three ways: 1. Scalability: We are the first work to provide neural network training on Convolutional Neural Networks (CNNs) that have an accuracy of > 99% on the MNIST dataset; 2. Performance: For secure inference, our system outperforms prior 2 and 3-server works (SecureML, MiniONN, Chameleon, Gazelle) by 6×-113× (with larger gains obtained in more complex networks). Our total execution times are 2 − 4× faster than even just the online times of these works. For secure training, compared to the only prior work (SecureML) that considered a much smaller fully connected network, our protocols are 79× and 7× faster than their 2 and 3-server protocols. In the WAN setting, these improvements are more dramatic and we obtain an improvement of 553×! 3. Security: Our protocols provide two kinds of security: full security (privacy and correctness) against one semi-honest corruption and the notion of privacy against one malicious corruption [Araki et al. CCS’16]. All prior works only provide semi-honest security and ours is the first system to provide any security against malicious adversaries for the secure computation of complex algorithms such as neural network inference and training. Our gains come from a significant improvement in communication through the elimination of expensive garbled circuits and oblivious transfer protocols.
28
Huo, Yachao, Zongqu Zhao, Panke Qin, Shujing Wang, and Chengfu Zheng. "Post‐quantum secure two‐party computing protocols against malicious adversaries." Concurrency and Computation: Practice and Experience, October 4, 2023. http://dx.doi.org/10.1002/cpe.7923.
Full textAbstract:
SummarySecure two‐party computation allows a pair of parties to compute a function together while keeping their inputs private. Ultimately, each party receives only its own correct output. In this paper, a post‐quantum secure two‐party computation protocol is proposed that can be used to effectively block malicious parties. The protocol solves the problems of traditional protocols based on garbled circuits, which are vulnerable to quantum attacks, high communication costs and low computational efficiency. The input garbled keys of the circuit constructor is structured as a Learning with Error (LWE) equation, enabling the circuit constructor to employ a zero‐knowledge proof that demonstrates the uniformity of inputs across all circuits.In the key transfer phase, an LWE‐based batch single‐choice cut‐and‐choose oblivious transfer is proposed to avoid selective failure attacks. In addition, the protocol employs a penalty mechanism to detect if the circuit constructor has generated an incorrect circuit. We have compared the communication overhead of this protocol with three other secure two‐party computation protocols based on Cut‐and‐Choose technology. The analytical results show that this protocol has the best error probability and is resilient to quantum attacks under the malicious adversary model. In addition, with appropriate parameters, the protocol is able to reduce its communication bandwidth by an average of 40.41%.
29
Levi, Itamar, and Carmit Hazay. "Garbled Circuits from an SCA Perspective." IACR Transactions on Cryptographic Hardware and Embedded Systems, March 6, 2023, 54–79. http://dx.doi.org/10.46586/tches.v2023.i2.54-79.
Full textAbstract:
Garbling schemes, invented in the 80’s by Yao (FOCS’86), have been a versatile and fundamental tool in modern cryptography. A prominent application of garbled circuits is constant round secure two-party computation, which led to a long line of study of this object, where one of the most influential optimizations is Free-XOR (Kolesnikov and Schneider ICALP’08), introducing a global offset Δ for all garbled wire values where XOR gates are computed locally without garbling them. To date, garbling schemes were not studied per their side-channel attacks (SCA) security characteristics, even though SCA pose a significant security threat to cryptographic devices. In this research we, demonstrate that adversaries utilizing advanced SCA tools such as horizontal attacks, mixed with advanced hypothesis building and standard (vertical) SCA tools, can jeopardize garbling implementations.Our main observation is that garbling schemes utilizing a global secret Δ open a door to quite trivial side-channel attacks. We model our side-channel attacks on the garbler’s device and discuss the asymmetric setting where various computations are not performed on the evaluator side. This enables dangerous leakage extraction on the garbler and renders our attack impossible on the evaluator’s side.Theoretically, we first demonstrate on a simulated environment, that such attacks are quite devastating. Concretely, our attack is capable of extracting Δ when the circuit embeds only 8 input non-linear gates with fifth/first-order attack Success-Rates of 0.65/0.7. With as little as 3 such gates, our attack reduces the first-order Guessing Entropy of Δ from 128 to ∼ 48-bits. We further demonstrate our attack via an implementation and power measurements data over an STM 32-bit processor software implementing circuit garbling, and discuss their limitations and mitigation tactics on logical, protocol and implementation layers.
30
Nieminen, Raine, and Thomas Schneider. "Breaking and Fixing Garbled Circuits When a Gate has Duplicate Input Wires." Journal of Cryptology 36, no. 4 (2023). http://dx.doi.org/10.1007/s00145-023-09472-4.
Full textAbstract:
AbstractGarbled circuits are a fundamental cryptographic primitive that allows two or more parties to securely evaluate an arbitrary Boolean circuit without revealing any information beyond the output using a constant number of communication rounds. Garbled circuits have been introduced by Yao (FOCS’86) and generalized to the multi-party setting by Beaver, Micali and Rogaway (STOC’90). Since then, several works have improved their efficiency by providing different garbling schemes and several implementations exist. Starting with the seminal Fairplay compiler (USENIX Security’04), several implementation frameworks decoupled the task of compiling the function to be evaluated into a Boolean circuit from the engine that securely evaluates that circuit, e.g., using a secure two-party computation protocol based on garbled circuits. In this paper, we show that this decoupling of circuit generation and evaluation allows a subtle attack on several prominent garbling schemes. It occurs when violating the implicit assumption on the circuit that gates have different input wires which is most often not explicitly specified in the respective papers. The affected garbling schemes use separate calls to a deterministic encryption function for the left and right input wire of a gate to derive pseudo-random encryption pads that are XORed together. When a circuit contains a gate where the left and right input wire are the same, these two per-wire encryption pads cancel out and we demonstrate that this can result in a complete break of privacy. We show how the vulnerable garbling schemes can be fixed easily.
31
Cui, Hongrui, Xiao Wang, Kang Yang, and Yu Yu. "Actively Secure Half-Gates with Minimum Overhead under Duplex Networks." Journal of Cryptology 38, no. 2 (2025). https://doi.org/10.1007/s00145-025-09539-4.
Full textAbstract:
Abstract Actively secure two-party computation (2PC) is one of the canonical building blocks in modern cryptography. One main goal for designing actively secure 2PC protocols is to reduce the communication overhead, compared to semi-honest 2PC protocols. In this paper, we make significant progress in closing this gap by proposing two new actively secure constant-round 2PC protocols, one with one-way communication of $$2\kappa +5$$ 2 κ + 5 bits per AND gate (for $$\kappa $$ κ -bit computational security and any statistical security) and one with total communication of $$2\kappa +\rho +5$$ 2 κ + ρ + 5 bits per AND gate (for $$\rho $$ ρ -bit statistical security). In particular, our first protocol essentially matches the one-way communication of semi-honest half-gates protocol. Our optimization is achieved by three new techniques: The recent compression technique by Dittmer et al. (Crypto 13510:57–87, 2022) shows that a relaxed preprocessing is sufficient for authenticated garbling that does not reveal masked wire values to the garbler. We introduce a new form of authenticated bits and propose a new technique of generating authenticated AND triples to reduce the one-way communication of preprocessing from $$5\rho +1$$ 5 ρ + 1 bits to 2 bits per AND gate for $$\rho $$ ρ -bit statistical security. Unfortunately, the above compressing technique is only compatible with a less compact authenticated garbled circuit of size $$2\kappa +3\rho $$ 2 κ + 3 ρ bits per AND gate. We designed a new authenticated garbling that does not use information-theoretic MACs but rather dual execution without leakage to authenticate wire values in the circuit. This allows us to use a more compact half-gates based authenticated garbled circuit of size $$2\kappa +1$$ 2 κ + 1 bits per AND gate, and meanwhile keep compatible with the compression technique. Our new technique can achieve one-way communication of $$2\kappa +5$$ 2 κ + 5 bits per AND gate. In terms of total communication, we notice that the communication overhead of the consistency checking method by Dittmer et al. (Crypto 13510:57–87, 2022) can be optimized by adding one-round of interaction and utilizing the Free-XOR property. This reduces the online communication from $$2\kappa +3\rho $$ 2 κ + 3 ρ bits down to $$2\kappa +\rho +1$$ 2 κ + ρ + 1 bits per AND gate. Combined with our first contribution, this yields total amortized communication of $$2\kappa +\rho +5$$ 2 κ + ρ + 5 bits.
32
Tozawa, Kazunari, Hiraku Morita, and Takaaki Mizuki. "Single-shuffle card-based protocol with eight cards per gate and its extensions." Natural Computing, January 9, 2025. https://doi.org/10.1007/s11047-024-10006-5.
Full textAbstract:
AbstractCard-based cryptography allows us to securely compute arbitrary functions using a deck of physical cards. Its performance is mainly measured by the number of used cards and shuffles, and there is a line of work that aims to reduce either of them. One seminal work is the card-based garbled circuit technique by Shinagawa and Nuida (Discret Appl Math 289:248–261, 2021, https://doi.org/10.1016/j.dam.2020.10.013), which allows the construction of a card-based protocol for any Boolean function with a single shuffle. Their construction requires $$2n + 24g$$ 2 n + 24 g cards for an n-input Boolean function that is represented by g logical gates. In this paper, we reduce the number of cards to $$2n + 8g$$ 2 n + 8 g for arbitrary functions while keeping it working with only one shuffle. In addition, we propose two types of extensions to support numerical encoding and multi-input gates. In the extended scheme, the free-ADD technique, obtained by generalizing the free-XOR technique by Manabe and Shinagawa (Deng J, Kolesnikov V, Schwarzmann AA (eds) CANS 2023, LNCS, vol 14342. Springer, Singapore, pp 232–248, 2023, https://doi.org/10.1007/978-981-99-7563-1-11), is available. The free-ADD technique allows our scheme to evaluate any n-input symmetric Boolean function using $$2n^2+6n+2$$ 2 n 2 + 6 n + 2 cards.
33
"Private Trajectory Intersection Testing: Is Garbled Circuit Better than Custom Protocols?" International Journal of Engineering 34, no. 4 (2021). http://dx.doi.org/10.5829/ije.2021.34.04a.12.
Full text
34
De Cock, Martine, Rafael Dowsley, Anderson C. A. Nascimento, Davis Railsback, Jianwei Shen, and Ariel Todoki. "High performance logistic regression for privacy-preserving genome analysis." BMC Medical Genomics 14, no. 1 (2021). http://dx.doi.org/10.1186/s12920-020-00869-9.
Full textAbstract:
Abstract Background In biomedical applications, valuable data is often split between owners who cannot openly share the data because of privacy regulations and concerns. Training machine learning models on the joint data without violating privacy is a major technology challenge that can be addressed by combining techniques from machine learning and cryptography. When collaboratively training machine learning models with the cryptographic technique named secure multi-party computation, the price paid for keeping the data of the owners private is an increase in computational cost and runtime. A careful choice of machine learning techniques, algorithmic and implementation optimizations are a necessity to enable practical secure machine learning over distributed data sets. Such optimizations can be tailored to the kind of data and Machine Learning problem at hand. Methods Our setup involves secure two-party computation protocols, along with a trusted initializer that distributes correlated randomness to the two computing parties. We use a gradient descent based algorithm for training a logistic regression like model with a clipped ReLu activation function, and we break down the algorithm into corresponding cryptographic protocols. Our main contributions are a new protocol for computing the activation function that requires neither secure comparison protocols nor Yao’s garbled circuits, and a series of cryptographic engineering optimizations to improve the performance. Results For our largest gene expression data set, we train a model that requires over 7 billion secure multiplications; the training completes in about 26.90 s in a local area network. The implementation in this work is a further optimized version of the implementation with which we won first place in Track 4 of the iDASH 2019 secure genome analysis competition. Conclusions In this paper, we present a secure logistic regression training protocol and its implementation, with a new subprotocol to securely compute the activation function. To the best of our knowledge, we present the fastest existing secure multi-party computation implementation for training logistic regression models on high dimensional genome data distributed across a local area network.
35
Nie, Chenfei, Zhipeng Zhou, Mianxiong Dong, Kaoru Ota, and Qiang Li. "EPIDL: Towards efficient and privacy‐preserving inference in deep learning." Concurrency and Computation: Practice and Experience, April 4, 2024. http://dx.doi.org/10.1002/cpe.8110.
Full textAbstract:
SummaryDeep learning has shown its great potential in real‐world applications. However, users(clients) who want to use deep learning applications need to send their data to the deep learning service provider (server), which can make the client's data leak to the server, resulting in serious privacy concerns. To address this issue, we propose a protocol named EPIDL to perform efficient and secure inference tasks on neural networks. This protocol enables the client and server to complete inference tasks by performing secure multi‐party computation (MPC) and the client's private data is kept secret from the server. The work in EPIDL can be summarized as follows: First, we optimized the convolution operation and matrix multiplication, such that the total communication can be reduced; Second, we proposed a new method for truncation following secure multiplication based on oblivious transfer and garbled circuits, which will not fail and can be executed together with the ReLU activation function; Finally, we replace complex activation function with MPC‐friendly approximation function. We implement our work in C++ and accelerate the local matrix computation with CUDA support. We evaluate the efficiency of EPIDL in privacy‐preserving deep learning inference tasks, such as the time to execute a secure inference on the MNIST dataset in the LeNet model is about 0.14 s. Compared with the state‐ofthe‐art work, our work is 1.8–98 faster over LAN and WAN, respectively. The experimental results show that our EPIDL is efficient and privacy‐preserving.
36
Li, Jinguo, Yan Yan, Kai Zhang, Chunlin Li, and Peichun Yuan. "PCIR: Privacy‐Preserving Convolutional Neural Network Inference With Rapid Responsiveness." Computational Intelligence 41, no. 2 (2025). https://doi.org/10.1111/coin.70030.
Full textAbstract:
ABSTRACTSeveral companies leverage trained convolutional neural networks (CNNs) to offer predictive services to users. These companies capitalize on CNNs' superior performance in image processing tasks, such as autonomous driving or face recognition. To safeguard data privacy and model parameters, various algorithms have been proposed. Most of them are predominantly designed using secure multi‐party computation (MPC) or hardware‐assisted solutions. However, certain limitations persist. First, MPC‐based approaches (e.g., garbled circuits, homomorphic encryption) fail to meet rapid responsiveness requirements. Additionally, hardware‐assisted solutions impose extra burdens to realize secure inference tasks. The primary reasons for these shortcomings can be summarized as follows: (1) high computation and communication delays are introduced by heavy cryptographic operations during the online phase. (2) Additional overhead for sharing triples. In this article, we propose PCIR, a secure protocol for privacy‐preserving convolutional neural network inference (PCIR). PCIR aims to address the aforementioned issues based on a pre‐shared secret sharing mechanism. It can achieve rapid responses to user requirements and preserve privacy of data and model for the following reasons: (1) it circumvents computationally expensive operations, such as an operation for permuting plaintext slots, which runs 56 times slower than a homomorphic addition operation, and 34 times slower than a homomorphic multiplication operation. (2) Computational operations, such as homomorphic additions or multiplications, are conducted during the pre‐computation phase. It can significantly reduce the online computing costs. (3) PCIR conducts secure multiplication based on pre‐shared secret shares. It results in much lower communication and computation costs compared with the use of multiplicative triples. Finally, we evaluate PCIR with benchmark neural networks trained on the MNIST and CIFAR‐10 datasets. The results have shown that PCIR requires less time and less communication cost than previous methodologies.
37
Ong, Toan, Ibrahim Lazrig, Indrajit Ray, Indrakshi Ray, and Michael Kahn. "Scalable Secure Privacy-Preserving Record Linkage (PPRL) Methods Using Cloud-based Infrastructure." International Journal of Population Data Science 3, no. 4 (2018). http://dx.doi.org/10.23889/ijpds.v3i4.638.
Full textAbstract:
IntroductionBloom Filters (BFs) are a scalable solution for probabilistic privacy-preserving record linkage but BFs can be compromised. Yao’s garbled circuits (GCs) can perform secure multi-party computation to compute the similarity of two BFs without a trusted third party. The major drawback of using BFs and GCs together is poor efficiency.
 Objectives and ApproachWe evaluated the feasibility of BFs+GCs using high capacity compute engines and implementing a novel parallel processing framework in Google Cloud Compute Engines (GCCE). In the Yao’s two-party secure computation protocol, one party serves as the generator and the other party serves as the evaluator. To link data in parallel, records from both parties are divided into chunks. Linkage between every two chunks in the same block is processed by a thread. The number of threads for linkage depends on available computing resources. We tested the parallelized process in various scenarios with variations in hardware and software configurations.
 ResultsTwo synthetic datasets with 10K records were linked using BFs+GCs on 12 different software and hardware configurations which varied by: number of CPU cores (4 to 32), memory size (15GB – 28.8GB), number of threads (6-41), and chunk size (50-200 records). The minimum configuration (4 cores; 15GB memory) took 8,062.4s to complete whereas the maximum configuration (32 cores; 28.8GB memory) took 1,454.1s. Increasing the number of threads or changing the chunk size without providing more CPU cores and memory did not improve the efficiency. Efficiency is improved on average by 39.81% when the number of cores and memory on the both sides are doubled. The CPU utilization is maximized (near 100% on both sides) when the computing power of the generator is double the evaluator.
 Conclusion/ImplicationsThe PPRL runtime of BFs+GCs was greatly improved using parallel processing in a cloud-based infrastructure. A cluster of GCCEs could be leveraged to reduce the runtime of data linkage operations even further. Scalable cloud-based infrastructures can overcome the trade-off between security and efficiency, allowing computationally complex methods to be implemented.