Security/Efficiency Tradeoffs for Two-party Computation
Payman Mohassel, Yahoo Labs
Based on work with Matthew Franklin, Vladimir Kolesnikov, Ben Riva, Mike Rosulek
Secure Multiparty Computation
Parties P1, …, Pn each hold a private input (the slide shows P1, …, P5 with inputs x1, …, x5).
Correctness: honest parties learn the correct output.
Privacy: nothing but the final output is leaked.
Parties learn only f(x1, …, xn). Further goals: fairness, output delivery, …
Location-Based Services
• Serving information/services
  › stores, restaurants, ATMs, …
  › tourist guides, Ads, …
• Location-based access control
• Privacy-Preserving Proximity Testing
Remote Diagnosis (one party's input ↔ the other party's input)
• Error reporting systems ↔ Log files
• Medical diagnosis program ↔ List of symptoms
• IDS/IPS rule sets ↔ Packets
• DNA patterns ↔ DNA database
More Applications
• Data mining
• Electronic Voting
• Auctions
• Exchanges/financial analysis
• Location privacy
• Genomic computation
• Electronic commerce
• Healthcare
Dyadic Security
• When there is IP, NDA, user consent involved
• When you need to distribute trust
Towards MPC in Practice
• Optimizing/enhancing constructions
  › Design and implementation
  › Garbling, OT extension, parallelization, pipelining, hardware, batch execution, offline/online, RAM programs, …
• Custom protocols
  › Customize for important functions
  › Set operations, pattern matching, genomic computation, linear algebra, …
• Relaxing models and security guarantees
  › Commodity-based, covert, server-aided, leaky MPC, …
Security/Model Relaxations
• Risk-aware cheaters
  › Economic/legal incentive to not get caught
  › Covert adversaries
• MPC with small leakage
  › Full correctness, but one bit of leakage
  › As cheap as semi-honest security!
• Revisit standard architectures
  › Server-Aided MPC, commodity-based MPC
Leaky MPC (Outline)
• 2PC based on Garbled Circuits
• Leaky 2PC via Dual-Execution
• Reducing Leakage Probability
• Restricting Leakage Functions
• Summary/Future Work
Yao’s Garbled Circuits
• First secure computation protocol
• Uses fast symmetric-key primitives
• Implementations
  › Fairplay, 2004
  › TASTY, 2010
  › FastGarble, 2011
  › SCAPI, 2013
  › JustGarble, 2013
  › …
• Circuits with millions of gates in less than a second
A Garbling Scheme
Circuit C with C(x, y) = f(x, y).
Garble(C, seed) → (GC, E, D): garbled circuit GC, encoding information E, decoding information D.
Encode(x, y, E) → (GI_x, GI_y): the garbled inputs.
Eval(GC, GI_x, GI_y) → GO: the garbled output.
Decoding GO with D gives f(x, y).
Some Basic Properties
• Privacy: knowing GI_x, GI_y, GC (and D) leaks no information beyond f(x, y).
• Output Authenticity: given GI_x, GI_y and GC, one cannot compute another valid garbled output GO′.
Garble/Evaluate (one AND gate)
Wire labels: input wire 1 has k^1_0, k^1_1; input wire 2 has k^2_0, k^2_1; output wire 3 has k^3_0, k^3_1.
Garble (one ciphertext per row of the truth table):
  c_{0,0} = E_{k^1_0,k^2_0}(k^3_0)
  c_{0,1} = E_{k^1_0,k^2_1}(k^3_0)
  c_{1,0} = E_{k^1_1,k^2_0}(k^3_0)
  c_{1,1} = E_{k^1_1,k^2_1}(k^3_1)
Evaluate (holding exactly one label per input wire):
  Dec_{k^1_a,k^2_b}(c_{a,b}) = k^3_{a∧b}
Semi-honest 2PC
Garbler (input x): (GC, E, D) ← Garble(C, sd) for the circuit C(x, y) = f(x, y); GI_x ← Encode(x, E).
Garbler → Evaluator: GI_x, GC, D.
Evaluator (input y) obtains GI_y from the Garbler via Oblivious Transfer, evaluates GC on (GI_x, GI_y) and decodes f(x, y) with D.
Malicious 2PC: Cut-and-Choose
P1 garbles several copies of the circuit, GC_1, …, GC_6 in the slide, each with its input x; the protocol must also ensure that all the inputs are the same.
Open: P2 picks a random subset (GC_1, GC_3, GC_5 in the slide), P1 opens them, and P2 checks that they were garbled correctly.
Evaluate: P2 evaluates the remaining circuits (GC_2, GC_4, GC_6), obtaining z_2, z_4, z_6, and outputs the majority value z = f(x, y).
Security 1 − 2^{−s}, with s ≈ 120.
Malicious 2PC [Lindell 2013]
o s circuits for 1 − 2^{−s} security
o 3s circuits for cheating recovery
o But computation is smaller
P1 garbles GC_1, …, GC_6 with input x; P2 opens some (GC_1, GC_2, GC_3 in the slide) and evaluates the rest (GC_4, GC_5, GC_6), obtaining an output label GC_z from each evaluated circuit.
Cheating recovery: if two evaluated circuits yield different output labels (GC_z ≠ GC_z′), that pair is a proof of cheating; a small cheating-recovery 2PC outputs x to P2 if GC_z ≠ GC_z′, so P2 can compute f(x, y) itself.
Security Definition for 2PC
Real world: P1 and P2 (inputs x and y) run the protocol.
Ideal world: a simulator Sim, playing the corrupted P1, sends an input x′ to the trusted party (TTP); the TTP computes f(x′, y) with P2's input y and returns it to Sim, which answers abort/cont; P2 then receives abort or f(x′, y).
Security: Real world ≈ Ideal world.
Dual-Ex 2PC [MF06, HKE12]
o Leakage prob. = 1
o Bad circuit
o Different inputs
Run 1: P1 (input x) garbles GC and sends GI_x, GC and D; P2 (input y) obtains GI_y, evaluates, and gets (z, GO_z).
Run 2: with roles swapped, P2 garbles GC′ and sends GI′_y, GC′ and D′; P1 obtains GI′_x, evaluates, and gets (z′, GO_z′).
Equality check (a small 2PC): each party inputs the output labels it obtained by evaluating the other party's circuit, concatenated with the labels of its own circuit for the same output value (GO_z || GO_z and GO_z′ || GO_z′ in the slide); the check returns yes/no to both parties, and the output is accepted only on yes.
1-leaked Model
1-leaked world: Sim sends a leakage function g(·, ·) and an input x′ to the TTP; if g(x′, y) = 0 the TTP aborts (P2 receives abort), else it returns f(x′, y) to Sim, which answers abort/cont, and P2 receives abort or f(x′, y).
Security: Real world ≈ 1-leaked world.
Reducing Probability of Leakage
ε-CovIDA Model [MR13]
Sim sends (cheat, g, x′) to the TTP.
With probability 1 − ε (detected): the TTP sends abort to both Sim and P2.
With probability ε (undetected): if g(x′, y) = 0 the TTP aborts, else it returns f(x′, y) to Sim, which answers abort/cont, and P2 receives abort or f(x′, y).
Dual-Ex 2PC (recap)
o Leakage prob. = 1
o Bad circuit
o Different inputs
(1/s)-CovIDA 2PC
Each party garbles s circuits (GC_1, …, GC_4 in the slide) and evaluates the other party's s circuits; the outputs are compared with the equality-check 2PC (yes/no to both parties).
o Leakage prob. ε = 1/s
o Bad circuit
o Different inputs
(1/s)-CovIDA 2PC [MR13]
In the slide, the circuits on P1's side (input x) are labelled (x′_i, r′_i) and the circuits on P2's side (input y) are labelled (x_i, r_i), i = 1, …, 4, where the r values are per-circuit randomness. The consistency checks shown are r′_i =? r_i for circuits 1, 2 and 4, and x′_3 ⊕ r′_3 =? x_3 ⊕ r_3 for circuit 3.
(2^{−s})-CovIDA 2PC (existing solutions)
• [MR13]
  › 3s circuits in each direction + equality-check (pre Lindell’13)
  › Same cut-and-choose for both parties (cannot use different s values)
• Best alternative
  › Two malicious 2PCs with s circuits (one in each direction)
  › Equality-check to compare the outputs
  › Two full cheating-recovery 2PCs
  › 3s circuits each + associated input-consistency checks
  › Noticeable for small/medium circuits
(2^{−s})-CovIDA 2PC (input-consistency via [SS’13])
As before, P1's circuits are labelled (x′_i, r′_i) and P2's circuits (x_i, r_i), i = 1, …, 4. The slide additionally shows hash values H(r′_1 || x′_1), H(r_2 || x_2), H(r′_3 || x′_3), H(r_3 || x_3) and notes that all of them should be the same.
(2^{−s})-CovIDA 2PC (cheating recovery via PSI)
Each party evaluates the other's circuits. For an honest party all its outputs are the same, and with probability 1 − 2^{−s} at least one evaluated output is correct.
In the slide, P1 obtains (z′_1, GO_z1) and (z′_3, GO_z3) and P2 obtains (z_2, GO_z2) and (z_3, GO_z3).
The parties then run a malicious 2PC for Private Set Intersection on their sets of concatenated output labels: P1 inputs { GO_z1′ || GO_z1′, GO_z3′ || GO_z3′ } and P2 inputs { GO_z2 || GO_z2, GO_z3 || GO_z3 }.
(2^{−s})-CovIDA 2PC (details)
• Size of each set ≈ s/2
  › Padded with dummy elements when needed
• Size of intersection is at most 1
• Two-Stage PSI
  (1) parties commit to input sets
  (2) parties learn the set intersection
(2^{−s})-CovIDA 2PC (efficiency)
• O(s) exponentiations for PSI
  › Constants are small for the best malicious PSI
• For the AES circuit
  › 35% reduction in bandwidth compared to the alternative
• Best latency for standard 2PC too!
Restricting the Leakage Function
Dual-Ex 2PC (recap): P1 garbles GC for P2 to evaluate and P2 garbles GC′ for P1 to evaluate, yielding (z, GO_z) and (z′, GO_z′); the equality check on the output labels returns yes/no to both parties.
What is the leakage function?
• g(x, y) ≝ [f(x, y) =? f′(x, y)]
• But to what extent is f′ the adversary’s choice?
[HKE, S&P 2012]
“It may be possible to take advantage of constraints in the circuit design to limit the possible partitioning functions …. although we have not yet found a principled way to provide meaningful constraints on the possible partitioning functions.”
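As an added illustration (not from the talk) of the leakage function g(x, y) = [f(x, y) =? f′(x, y)]: a constructed Python model of Dual-Ex in which garbling is abstracted to evaluating the function plus assigning random output labels, and a malicious P1 substitutes f′ to learn one bit of y from whether the equality check aborts. The Party class, dual_ex and leaked_bit are names assumed for this model.

```python
import secrets
from typing import Callable, Optional

Circuit = Callable[[int, int], int]   # f(x, y) -> output value

class Party:
    # Garbling is abstracted away (constructed model): a party "garbles" the function f
    # and assigns a random output label GO_z to each output value z of its own circuit.
    def __init__(self, f: Circuit):
        self.f = f
        self._labels = {}

    def label(self, z: int) -> bytes:
        if z not in self._labels:
            self._labels[z] = secrets.token_bytes(16)
        return self._labels[z]

def dual_ex(x: int, y: int, p1: Party, p2: Party) -> Optional[int]:
    # Run 1: P2 evaluates P1's circuit.  Run 2: P1 evaluates P2's circuit.
    z = p1.f(x, y)
    go_z = p1.label(z)        # P2's view after run 1: (z, GO_z)
    z2 = p2.f(x, y)
    go_z2 = p2.label(z2)      # P1's view after run 2: (z', GO_z')
    # Equality-check 2PC: each party inputs the label it obtained from the other's
    # circuit concatenated with its own circuit's label for the value it obtained.
    # The two strings match iff both runs produced the same output value.
    p1_input = go_z2 + p1.label(z2)
    p2_input = p2.label(z) + go_z
    return z if p1_input == p2_input else None   # None models "abort"

def leaked_bit(x: int, y: int, f: Circuit) -> int:
    # Malicious P1 garbles f'(x, y) = f(x, y) XOR (y & 1) while honest P2 garbles f.
    # The check aborts exactly when the low bit of y is 1, so the abort/continue
    # signal is g(x, y) = [f(x, y) =? f'(x, y)] and reveals that bit to P1.
    f_prime = lambda a, b: f(a, b) ^ (b & 1)
    return 1 if dual_ex(x, y, Party(f_prime), Party(f)) is None else 0
```

With two honest parties dual_ex always returns f(x, y); the leak is confined to the single abort bit, which is exactly the 1-leaked model's g.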
Property-Enforcing Garbling Schemes (PEGS)
• What properties of f′ can we enforce given GC_{f′}?
  › Prop(GC_{f′}) = prop(f′)
• Prop: topology, depth, input size, output size, …?
  › It may seem that an honest evaluator enforces topology through his evaluation
A PEGS is a garbling scheme (Garble(C, seed) → (GC, E, D); Encode(x, y, E) → GI_x, GI_y; Eval(GC, GI_x, GI_y) → GO; decoding GO with D gives f(x, y)) with an additional algorithm Extract(GC, E) that outputs either ⊥ or a function f′ together with decoding information D′, such that prop(f′) = Prop(GC) and decoding Eval(GC, GI_x, GI_y) with D′ yields ≈ f′(x, y).
Enforcing Topology
• Standard Garbling does NOT enforce topology
Honest garbler (two output labels k^3_0, k^3_1; the slide also shows H(k^3_0), H(k^3_1)):
  c_{0,0} = E_{k^1_0,k^2_0}(k^3_0)
  c_{0,1} = E_{k^1_0,k^2_1}(k^3_0)
  c_{1,0} = E_{k^1_1,k^2_0}(k^3_0)
  c_{1,1} = E_{k^1_1,k^2_1}(k^3_1)
Malicious garbler (four distinct output labels, one per input pair):
  c_{0,0} = E_{k^1_0,k^2_0}(k^3_1)
  c_{0,1} = E_{k^1_0,k^2_1}(k^3_2)
  c_{1,0} = E_{k^1_1,k^2_0}(k^3_3)
  c_{1,1} = E_{k^1_1,k^2_1}(k^3_4)
• But is not far off!
• Just need to control information bandwidth
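An added Python example (not code from the talk) covering both the Garble/Evaluate slide and this one: it garbles a single AND gate with point-and-permute, using a SHA-256-derived pad as the toy encryption E, and then compares an honest garbler (two output labels) with the malicious table above (four distinct output labels) by counting how many distinct labels the output wire can carry. The label length, gate id and all function names are constructed for this example.

```python
import hashlib
import secrets
LBL = 16  # label length in bytes (constructed toy parameter, not from the talk)

def new_label(color: int) -> bytes:
    # Point-and-permute: the lowest bit of the last byte is the label's colour bit.
    b = bytearray(secrets.token_bytes(LBL))
    b[-1] = (b[-1] & 0xFE) | color
    return bytes(b)

def wire() -> list:
    # Two labels [k_0, k_1] with opposite colours; list index = plaintext bit.
    c = secrets.randbelow(2)
    return [new_label(c), new_label(1 - c)]

def enc(k1: bytes, k2: bytes, gid: bytes, row: int, msg: bytes) -> bytes:
    # E_{k1,k2}(msg): a pad derived from both input labels and the gate/row id, XORed in.
    pad = hashlib.sha256(k1 + k2 + gid + bytes([row])).digest()[:len(msg)]
    return bytes(p ^ m for p, m in zip(pad, msg))

def garble_gate(in1, in2, out_label_for, gid: bytes) -> list:
    # out_label_for(a, b) is the label the garbler wants the evaluator to get on bits (a, b).
    table = [b""] * 4
    for a in (0, 1):
        for b in (0, 1):
            k1, k2 = in1[a], in2[b]
            row = (k1[-1] & 1) * 2 + (k2[-1] & 1)   # row chosen by the colour bits
            table[row] = enc(k1, k2, gid, row, out_label_for(a, b))
    return table

def eval_gate(table, k1: bytes, k2: bytes, gid: bytes) -> bytes:
    # The evaluator holds one label per input wire and decrypts exactly one row.
    row = (k1[-1] & 1) * 2 + (k2[-1] & 1)
    return enc(k1, k2, gid, row, table[row])  # the XOR pad is its own inverse

def distinct_outputs(table, in1, in2, gid: bytes) -> int:
    # How many distinct output labels the gate can produce over all four input pairs.
    return len({eval_gate(table, in1[a], in2[b], gid) for a in (0, 1) for b in (0, 1)})

def demo():
    w1, w2, out, gid = wire(), wire(), wire(), b"gate3"
    # Honest garbler: c_{a,b} encrypts k^3_{a AND b}, so only two output labels exist.
    honest = garble_gate(w1, w2, lambda a, b: out[a & b], gid)
    # Malicious garbler: c_{a,b} encrypts a distinct k^3_{2a+b+1}; the wire now carries (a, b) in full.
    four = [new_label(secrets.randbelow(2)) for _ in range(4)]
    bad = garble_gate(w1, w2, lambda a, b: four[2 * a + b], gid)
    correct = all(eval_gate(honest, w1[a], w2[b], gid) == out[a & b] for a in (0, 1) for b in (0, 1))
    return correct, distinct_outputs(honest, w1, w2, gid), distinct_outputs(bad, w1, w2, gid)
```

Both tables yield exactly one LBL-byte label per evaluation, so an honest evaluator cannot tell them apart; only the count over all four input pairs differs, which is the information-bandwidth point above.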
Computation Only Leaks
• g is a function of intermediate wires of f
• g respects locality of inputs and intermediate wires
  › E.g. if two inputs never touch in the circuit, they cannot both be inputs to g
• PEGS (topology) + gate-level Dual-Ex ⇒ Computation Only Leakage
  › Conjunction of gate-local leakage functions
Summary
• Leaking one bit via dual-execution
• Reducing probability of leakage via cut-and-choose & PSI
• Restricting leakage function via PEGS
• The techniques are composable
Future Work
• PEGS
  › Design PEGS for different properties
  › Applications go beyond leaky MPC
• Leaky MPC
  › 2^{−s}-CovIDA 2PC with less than 2s circuits
  › Rule out certain leakage functions
  › Limit leakage to certain complexity classes (low-depth circuits, etc.)
Questions?