Periodic Reporting for period 4 - NTSC (New Techniques for Secure Computation)
Período documentado: 2022-04-01 hasta 2023-09-30
The project studies the cryptographic problem of secure multiparty computation, which addresses the following broad scenarios: How can sensitive data be processed without introducing a single point of failure? How can several parties perform a joint computation on their secret inputs, say add them up or compute some other statistics, without revealing any additional information to each other except the desired output?
Secure multiparty computation is a popular research topic because of its rich and deep theory and the relevance to many real-world security problems. It has recently attracted a lot of development and implementation efforts in both academia and industry. These are driven by the growing concerns about privacy in the digital world.
The goal of the project is to develop new techniques for secure multiparty computation that will improve the efficiency and the scalability of current techniques.
There are three main technical objectives that concern improving the communication complexity (via "homomorphic secret sharing" and related primitives), offering efficient protection against stronger ("malicious") attacks, and studying the extent to which computations can be protected against side-channels attack that leak a bounded amount of information about their internal state.
Secure multiparty computation is a popular research topic because of its rich and deep theory and the relevance to many real-world security problems. It has recently attracted a lot of development and implementation efforts in both academia and industry. These are driven by the growing concerns about privacy in the digital world.
The goal of the project is to develop new techniques for secure multiparty computation that will improve the efficiency and the scalability of current techniques.
There are three main technical objectives that concern improving the communication complexity (via "homomorphic secret sharing" and related primitives), offering efficient protection against stronger ("malicious") attacks, and studying the extent to which computations can be protected against side-channels attack that leak a bounded amount of information about their internal state.
In this project, my team members and I have made significant progress on all of the above objectives. Among the highlights:
- New techniques for securely compressing useful forms of correlated randomness. These serve as efficient building blocks for secure computation protocols that have a "silent preprocessing" phase. This kind of preprocessing can be carried out without interaction and supports a very fast online phase once the inputs are known. Results along these lines were reported in papers that were published at the CCS '18, Crypto '19, CCS '19, Crypto '20, Crypto '22. In a recent paper from Eurocrypt '23, these techniques were used to obtain the first oblivious transfer protocols that obtain security against malicious parties with constant computational overhead.
- New techniques for sublinear-communication zero-knowledge proofs. In contrast to traditional techniques, these apply also in the distributed setting of secure multiparty computation over secure point-to-point channels. They improve the state of the art in secure computation protocols for the honest majority setting by closing the gap between the communication required for protecting against passive and active attacks. Results along these lines were reported in papers that were published at the Crypto '19, CCS '19, Crypto '20, Asiacrypt '20, S&P '21, Crypto '21, Eurocrypt '22 and Crypto '23 conferences. We also made progress of the problem of post-quantum succinct zero-knowledge proofs (Eurocrypt 2018) and established a surprising path towards witness encryption, an advanced cryptographic primitive, and hardness of approximation (Crypto '20). This connection uses optimally succinct proofs as a crucial building block.
- New techniques for securely computing useful nonlinear functions, such as integer comparison, truncation, and ReLU, based on function secret sharing. These improve the online communication complexity of earlier protocols based on garbled circuits by two orders of magnitude and enable fast protocols for secure machine learning and fixed-point arithmetic. Results along this line were reported in papers from TCC '19 and Eurocrypt '21.
- A leakage-resilient circuit compiler that converts any circuit into one that offers protection against "constant-depth" leakage functions (Crypto '21). This improves on a previous construction that achieved a similar result under an unproven conjecture. This work has later inspired a complexity theoretic study of the kinds of probability distributions that fool constant-depth distinguishers (ITCS '22). We have also settled an open question about minimizing the randomness complexity of leakage-resilient circuits (Eurocrypt '22), which we then extended to settling a related question about the randomness complexity of securely computing addition and related functions (Crypto '22).
- New techniques for securely compressing useful forms of correlated randomness. These serve as efficient building blocks for secure computation protocols that have a "silent preprocessing" phase. This kind of preprocessing can be carried out without interaction and supports a very fast online phase once the inputs are known. Results along these lines were reported in papers that were published at the CCS '18, Crypto '19, CCS '19, Crypto '20, Crypto '22. In a recent paper from Eurocrypt '23, these techniques were used to obtain the first oblivious transfer protocols that obtain security against malicious parties with constant computational overhead.
- New techniques for sublinear-communication zero-knowledge proofs. In contrast to traditional techniques, these apply also in the distributed setting of secure multiparty computation over secure point-to-point channels. They improve the state of the art in secure computation protocols for the honest majority setting by closing the gap between the communication required for protecting against passive and active attacks. Results along these lines were reported in papers that were published at the Crypto '19, CCS '19, Crypto '20, Asiacrypt '20, S&P '21, Crypto '21, Eurocrypt '22 and Crypto '23 conferences. We also made progress of the problem of post-quantum succinct zero-knowledge proofs (Eurocrypt 2018) and established a surprising path towards witness encryption, an advanced cryptographic primitive, and hardness of approximation (Crypto '20). This connection uses optimally succinct proofs as a crucial building block.
- New techniques for securely computing useful nonlinear functions, such as integer comparison, truncation, and ReLU, based on function secret sharing. These improve the online communication complexity of earlier protocols based on garbled circuits by two orders of magnitude and enable fast protocols for secure machine learning and fixed-point arithmetic. Results along this line were reported in papers from TCC '19 and Eurocrypt '21.
- A leakage-resilient circuit compiler that converts any circuit into one that offers protection against "constant-depth" leakage functions (Crypto '21). This improves on a previous construction that achieved a similar result under an unproven conjecture. This work has later inspired a complexity theoretic study of the kinds of probability distributions that fool constant-depth distinguishers (ITCS '22). We have also settled an open question about minimizing the randomness complexity of leakage-resilient circuits (Eurocrypt '22), which we then extended to settling a related question about the randomness complexity of securely computing addition and related functions (Crypto '22).
The project delivered what it promised: a variety of new techniques for secure computation. These new techniques address some of the critical efficiency bottlenecks and have a major impact on both theoretical and applied work in this area.