More Like this

1. Delegated Private Matching For Compute

   https://doi.org/10.56553/popets-2024-0040  

   Mouris, Dimitris; Masny, Daniel; Trieu, Ni; Sengupta, Shubho; Buddhavarapu, Prasad; Case, Benjamin (April 2024, Proceedings on Privacy Enhancing Technologies)

   Private matching for compute (PMC) establishes a match between two datasets owned by mutually distrusted parties (C and P) and allows the parties to input more data for the matched records for arbitrary downstream secure computation without rerunning the private matching component. The state-of-the-art PMC protocols only support two parties and assume that both parties can participate in computationally intensive secure computation. We observe that such operational overhead limits the adoption of these protocols to solely powerful entities as small data owners or devices with minimal computing power will not be able to participate. We introduce two protocols to delegate PMC from party P to untrusted cloud servers, called delegates, allowing multiple smaller P parties to provide inputs containing identifiers and associated values. Our Delegated Private Matching for Compute protocols, called DPMC and DsPMC, establish a join between the datasets of party C and multiple delegators P based on multiple identifiers and compute secret shares of associated values for the identifiers that the parties have in common. We introduce a rerandomizable encrypted oblivious pseudorandom function (OPRF) primitive, called EO, which allows two parties to encrypt, mask, and shuffle their data. Note that EO may be of independent interest. Our DsPMC protocol limits the leakages of DPMC by combining our EO scheme and secure three-party shuffling. Finally, our implementation demonstrates the efficiency of our constructions by outperforming related works by approximately 10x for the total protocol execution and by at least 20x for the computation on the delegators. 

   more » « less
2. Oblivious Transfer Is in MiniQCrypt.

   Grilo, Alex; Lin, Huijia; Song, Fang; Vaikuntanathan, Vinod (January 2021, EUROCRYPT)

   null (Ed.)

   MiniQCrypt is a world where quantum-secure one-way functions exist, and quantum communication is possible. We construct an oblivious transfer (OT) protocol in MiniQCrypt that achieves simulation-security in the plain model against malicious quantum polynomial-time adversaries, building on the foundational work of Bennett, Brassard, Crépeau and Skubiszewska (CRYPTO 1991). Combining the OT protocol with prior works, we obtain secure two-party and multi-party computation protocols also in MiniQCrypt. This is in contrast to the classical world, where it is widely believed that one-way functions alone do not give us OT. 

   more » « less
3. Secrecy: Secure collaborative analytics in untrusted clouds

   Liagouris, John; Kalavri, Vasiliki; Faisal, Muhammad; Varia, Mayank (April 2023, 20th USENIX Symposium on Networked Systems Design and Implementation)

   We present Secrecy, a system for privacy-preserving collaborative analytics as a service. Secrecy allows multiple data holders to contribute their data towards a joint analysis in the cloud, while keeping the data siloed even from the cloud providers. At the same time, it enables cloud providers to offer their services to clients who would have otherwise refused to perform a computation altogether or insisted that it be done on private infrastructure. Secrecy ensures no information leakage and provides provable security guarantees by employing cryptographically secure Multi-Party Computation (MPC). In Secrecy we take a novel approach to optimizing MPC execution by co-designing multiple layers of the system stack and exposing the MPC costs to the query engine. To achieve practical performance, Secrecy applies physical optimizations that amortize the inherent MPC overheads along with logical optimizations that dramatically reduce the computation, communication, and space requirements during query execution. Our multi-cloud experiments demonstrate that Secrecy improves query performance by over 1000x compared to existing approaches and computes complex analytics on millions of data records with modest use of resources. 

   more » « less
4. BFT-Metronome: A Novel Byzantine Fault-Tolerant Clock Synchronization Algorithm

   https://doi.org/10.1109/BCCA62388.2024.10844398  

   Fulford, Conner; Medury, Sai; Altarawneh, Amani; Skjellum, Anthony (November 2024, IEEE)

   Distributed systems and blockchain consensus protocols rely on a clock synchronization algorithm to resolve any conflicts related to the state of data or resources. Faulty and adversarial peers make it challenging to achieve clock synchronization in a peer-to-peer distributed system. Clock-synchronization protocols such as the Network Time Protocol (NTP) and the Precision Time Protocol (PTP) are effective but only in a partially or fully trusted network. They fail to synchronize clocks in the presence of misbehaving peers who try to rewind or fast-forward time or introduce deadlocks purposely.This paper introduces BFT-Metronome, a Byzantine fault-tolerant clock synchronization algorithm for peer-to-peer distributed systems. The novel BFT-Metronome algorithm combines a sensor-fusion algorithm with a statistical outlier detection algorithm to enable participating peers to determine the most likely skew based on broadcast timestamps. The algorithm is designed to withstand up to N3−1 misbehaving participants in a network of N total participants, and the independently calculated offset is observed to be within 10 ms of precision vs. 40-100 ms in peer-to-peer distributed systems.The BFT-Metronome clock synchronization algorithm can also be applied to blockchain consensus protocols (such as Proof-of-Stake) that rely on weakly synchronized clocks. This is shown by integrating BFT-Metronome with the Lightweight Mining Algorithm to achieve consensus-round synchronization and timeouts. Then, generalization to other protocols is argued qualitatively. It can also be applied to large distributed systems to secure against insider threats during clock synchronization. 

   more » « less
5. Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learning

   https://doi.org/10.1109/SP46215.2023.10179434  

   Ma, Yiping; Woods, Jess; Angel, Sebastian; Polychroniadou, Antigoni; Rabin, Tal (May 2023, Proceedings of the IEEE Symposium on Security and Privacy)

   This paper introduces Flamingo, a system for secure aggregation of data across a large set of clients. In secure aggregation, a server sums up the private inputs of clients and obtains the result without learning anything about the individual inputs beyond what is implied by the final sum. Flamingo focuses on the multi-round setting found in federated learning in which many consecutive summations (averages) of model weights are performed to derive a good model. Previous protocols, such as Bell et al. (CCS ’20), have been designed for a single round and are adapted to the federated learning setting by repeating the protocol multiple times. Flamingo eliminates the need for the per-round setup of previous protocols, and has a new lightweight dropout resilience protocol to ensure that if clients leave in the middle of a sum the server can still obtain a meaningful result. Furthermore, Flamingo introduces a new way to locally choose the so-called client neighborhood introduced by Bell et al. These techniques help Flamingo reduce the number of interactions between clients and the server, resulting in a significant reduction in the end-to-end runtime for a full training session over prior work.We implement and evaluate Flamingo and show that it can securely train a neural network on the (Extended) MNIST and CIFAR-100 datasets, and the model converges without a loss in accuracy, compared to a non-private federated learning system. 

   more » « less