Generic server-aided secure multi-party computation in cloud computing
Introduction
Over the past four decades, secure multi-party computation (MPC) has evolved from a specialised tool for solving particular problems (e.g., the millionaires' problem [1]) into a generic, key cryptographic technology for many of today's privacy-preserving applications, such as privacy-preserving machine learning (e.g., [2], [3], [4], [5]) and privacy-preserving genomic computation (e.g., [6], [7], [8]), to name a few. MPC enables a group of mutually distrusting parties to jointly compute a function on their own private inputs , such that each party receives the correct output of the function while learning nothing about the other parties' private inputs beyond what that output reveals. The generic character of MPC lies in the fact that it works for an arbitrary function . In other words, any secure computation task that involves multiple parties and must not leak individual private inputs to the others can be accomplished with MPC.
In the big data era, data has become an important factor of production comparable to hard assets and human capital [9]. By performing collaborative computation tasks with distributed datasets (e.g., in big data analysis), enterprises can collaborate with multiple correlated enterprises to maximize productivity, improve product quality, perfect product or service delivery, optimize supply chain management, and reduce costs and energy consumption [10].
Since the automotive industry has shaped the global economy and the lifestyle of billions of people [11], we take it as an example to clarify how collaborative computation over distributed datasets benefits the whole automotive industry chain [12], [13]. As shown in Figure 1, the automotive industry chain includes raw materials suppliers, auto parts suppliers, automotive manufacturers, dealers, service providers, and users. Many enterprises participate in the automotive industry, and each holds large numbers of valuable datasets. However, what matters for the whole automotive industry chain is not the scale of the datasets that each enterprise owns, but the valuable information generated by cooperative analysis of these multi-party datasets. For example, if the dealers share user data with the operators of online car-selling websites, so that each user can be matched with their behaviour data on that website (such as brand preferences, model preferences, car comparisons, and budgets), then cooperative analysis of these two datasets reveals consumers' motivations and demands for purchasing a car. This result not only helps the dealers take more targeted marketing actions but also enables the manufacturers to be more targeted in product design and development. Likewise, if the manufacturers share monitoring data of critical automotive components with the maintenance service providers, who own the components inventory data, and with the parts suppliers, who own the loss standard data, then cooperative analysis of these three datasets yields early warnings of automotive safety issues. This result can improve consumers' awareness of automotive maintenance, enable the parts suppliers to continually improve the quality of their parts, and let the maintenance service providers offer more efficient service based on timely parts supply.
However, enterprises' privacy concerns make it difficult to perform such collaborative computation tasks with distributed datasets in practice. For enterprises, sharing their unique datasets with other enterprises is tantamount to handing over their trade secrets. Besides, if a dataset is relevant to consumers, it also raises the issue of consumer privacy, which is protected by government data protection laws (e.g., the General Data Protection Regulation of the European Union). These concerns make enterprises reluctant to share their data directly and result in the data silos problem. Therefore, how to enable enterprises to achieve secure multi-party joint dataset analysis without leaking their own datasets has become a key issue today. This problem coincides with the concept of MPC. In particular, each enterprise with its private dataset can be regarded as a participant party with its private input , and the collaborative computation task that the enterprises with distributed datasets expect to compute securely can be regarded as the function .
Nevertheless, we cannot directly apply advanced MPC protocols to solve this problem, because the system model in which enterprises currently tackle secure computation tasks differs from that of MPC. According to MicroStrategy's 2018 Global State of Enterprise Analytics Report [14], 39 percent of global enterprises deployed their data computation platform in the cloud in 2018, while 25 percent of global enterprises are considering moving their data computation platform to the cloud by 2023. Based on this report, it is easy to see that the cloud will become the typical choice for most enterprises in the world, especially for traditional industrial enterprises or small and medium-sized enterprises (SMEs) that lack powerful big data processing and analysis capabilities. As the computation capabilities of enterprise nodes and cloud server nodes can be very different, this forms the server-aided model, which contradicts the standard MPC system model in which all parties are assumed to play a similar role and to have similar computation ability. If we directly run MPC protocols among the enterprises without considering the server-aided model, this places higher demands on the enterprises' capability for big data processing and cryptographic operations, which becomes a burden for SMEs. It may also incur incompatibility problems for practical adoption in the future, as most computation platforms for enterprises will be built in the server-aided model. Therefore, aiming at efficiently allowing multiple enterprises to perform secure computation tasks with distributed datasets in the cloud computing setting (i.e., the server-aided model), we make the following contributions:
(1) Based on the garbled circuit technique, we propose an efficient server-aided MPC protocol. This is the first work that allows the server not only to assist with garbled circuit generation but also to perform garbled circuit evaluation, which minimizes the computation overhead for all client parties.
(2) Our proposed protocol provides a security guarantee in the scenario where at most client parties are malicious while the server is semi-honest and does not collude with any client party.
(3) Our protocol also provides a fairness guarantee, which only one previous server-aided MPC protocol in the literature achieves.
(4) We implement our protocol and show that it achieves superior performance compared with the state-of-the-art results. In the 2-client-party setting, our work is faster than the previous best server-aided 2PC work. In the 4-client-party setting, our work improves the efficiency by in comparison with the only implemented server-aided MPC protocol in the malicious model.
Based on the security and experimental performance analysis, we conclude that, to the best of our knowledge, this work is currently the most efficient server-aided secure multi-party computation protocol among all previous works with the same security guarantee.
Paper Organization. The rest of the paper is organized as follows: an overview of the related work in the literature on server-aided MPC is provided in Section 2. The preliminaries required for the protocol construction are provided in Section 3. The system model, threat model, security goals and security definition are described in Section 4. The detailed protocol construction, the security analysis and the performance evaluation are provided in Sections 5–7, respectively. The conclusion of this work is provided in Section 8.
Section snippets
MPC
Over more than 30 years of development, many works focusing on improving both the asymptotic and the concrete efficiency of MPC have appeared. The garbled circuit based approach was first proposed in [25] for two parties in the semi-honest model. Beaver et al. then extended it to the multi-party setting [26]. Later, several works continued this line of research: [27], [28], [29], [30], [31], [32], [33], [34]. The main property of the garbled circuit based approach is the
Garbled circuit technique
As the main cornerstone of the series of works in the MPC field, the garbled circuit (GC) technique enables two parties to securely compute a function without leaking anything except the computation result. The two parties first construct the boolean circuit that represents the function . For the basic GC scheme, the garbled table for an AND gate is shown in Fig. 2, where are the actual bit values of the input wires and the output wire ; are the
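The garbled table for a single AND gate can be written out concretely. The following Python example is added here for illustration and is not code from the paper: it implements the classic point-and-permute construction with 16-byte wire labels and a SHA-256 based one-time pad keyed by the two input labels and a gate identifier (the label length, the hash-based pad and the `gate_id` are assumptions of this example, not the paper's parameters), and it omits the optimizations (free-XOR, half gates) and the oblivious transfer that a full GC protocol needs. The point it shows is that the evaluator, holding exactly one label per input wire, can open exactly one of the four rows and therefore learns only one output label; the output wire's permute bit, which decodes that label to a bit, stays with the garbler.

```python
"""Minimal garbled AND gate with point-and-permute (illustrative example, not the paper's code)."""
import hashlib
import os
import secrets
from dataclasses import dataclass

LABEL_LEN = 16  # bytes of key material per wire label (assumed toy parameter)


@dataclass(frozen=True)
class Label:
    key: bytes   # secret key material; the evaluator never sees the other value's key
    color: int   # public permute bit, used only to select the table row


@dataclass
class Wire:
    labels: tuple  # (label for bit 0, label for bit 1)
    perm: int      # secret permute bit: color(label_b) == b XOR perm


def new_wire() -> Wire:
    """Sample two random labels for a wire and a random permute bit."""
    perm = secrets.randbits(1)
    l0 = Label(os.urandom(LABEL_LEN), perm)
    l1 = Label(os.urandom(LABEL_LEN), perm ^ 1)
    return Wire((l0, l1), perm)


def _pad(ka: bytes, kb: bytes, gate_id: int) -> bytes:
    """Key-derived one-time pad H(k_a || k_b || gate_id), truncated to key length + 1 color byte."""
    h = hashlib.sha256(ka + kb + gate_id.to_bytes(4, "big")).digest()
    return h[: LABEL_LEN + 1]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def garble_and(a: Wire, b: Wire, out: Wire, gate_id: int) -> list:
    """Garbler: build the 4-row table for out = a AND b, rows ordered by (color_a, color_b)."""
    table = [None] * 4
    for bit_a in (0, 1):
        for bit_b in (0, 1):
            la, lb = a.labels[bit_a], b.labels[bit_b]
            lo = out.labels[bit_a & bit_b]            # output label for this truth-table row
            plaintext = lo.key + bytes([lo.color])
            row = 2 * la.color + lb.color             # position depends only on public colors
            table[row] = _xor(_pad(la.key, lb.key, gate_id), plaintext)
    return table


def eval_and(table: list, la: Label, lb: Label, gate_id: int) -> Label:
    """Evaluator: with one label per input wire, open exactly one row and recover one output label."""
    row = 2 * la.color + lb.color
    plaintext = _xor(table[row], _pad(la.key, lb.key, gate_id))
    return Label(plaintext[:LABEL_LEN], plaintext[LABEL_LEN])


def decode(out: Wire, label: Label) -> int:
    """Output decoding held by the garbler: the output wire's permute bit maps color -> bit."""
    return label.color ^ out.perm


def demo(bit_a: int, bit_b: int) -> int:
    """Play both roles locally: garble one AND gate, evaluate it on (bit_a, bit_b), decode the result."""
    a, b, out = new_wire(), new_wire(), new_wire()
    table = garble_and(a, b, out, gate_id=1)
    got = eval_and(table, a.labels[bit_a], b.labels[bit_b], gate_id=1)
    assert got == out.labels[bit_a & bit_b]       # evaluation yields the correct output label
    return decode(out, got)


if __name__ == "__main__":
    for x in (0, 1):
        for y in (0, 1):
            print(f"{x} AND {y} = {demo(x, y)}")
```

`demo` runs garbler and evaluator in one process only to keep the example self-contained; in a real two-party run the evaluator obtains its own input labels by oblivious transfer and the garbler's labels directly. In the server-aided setting studied in this paper, the party performing garbling or evaluation is the cloud server, which is exactly why the threat model requires the server not to collude with any client: a server that held both labels of an input wire could read every row of the table.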
System model
There exist entities in the system: client parties and one , as shown in Fig. 7. We summarize their roles as follows:
- : It is the third party employed both to assist with circuit generation and to take on the circuit evaluation work for the client parties, so that they can securely compute some function . It has stronger data processing capacity than the client parties. It can be a cloud server owned by a powerful cloud services provider.
- : It is one of the client parties that requires to
Outline
In order to accomplish any joint dataset big data analysis task, the client parties and need to agree on the boolean circuit that properly represents the evaluated function . Each client party holds its own private input. Their goal is to securely compute the function while achieving the goals listed above.
There are four phases in this protocol:
(1) Circuit preprocessing phase: sends the global MAC keys to each client party , respectively. Then,
Security analysis
Following Definition 1 in Section 4.4, our server-aided multi-party computation protocol is secure by the following theorem. Theorem 1. The efficient server-aided multi-party computation protocol securely computes a function in the scenario where at most client parties are malicious while is semi-honest.
To prove Theorem 1, we divide the proof into three claims based on Lemma 1: (1) We prove security when all the client parties and are independent and
Experiment setup
Based on Table 1 and the experimental results each work presented, we select work [21] for the server-aided 2PC protocol comparison and work [22] for the server-aided MPC protocol comparison. The reasons are listed as follows:
(1) For the server-aided 2PC comparison: since work [21] outperforms all other server-aided 2PC works in the literature, we omit works [15], [16], [17], [18], [19], [20] from the comparison.
(2) For server-aided MPC protocols comparison: The work [23] was neither implemented
Conclusions
In order to efficiently achieve secure multi-party joint dataset analysis in cloud computing among different enterprises without leaking their private datasets, we propose a generic secure server-aided MPC protocol. With such a generic protocol, the enterprises can handle any collaborative computation task that can be represented by one or more functions in cloud computing. We provide a security guarantee in the scenario where at most n-1 client parties are malicious while the server
CRediT authorship contribution statement
Yulin Wu: Conceptualization, Methodology, Writing – original draft, Writing – review & editing. Xuan Wang: Supervision, Funding acquisition, Writing – review & editing. Willy Susilo: Validation, Formal analysis. Guomin Yang: Methodology, Writing – review & editing. Zoe L. Jiang: Formal analysis. Siu-Ming Yiu: Validation. Hao Wang: Writing – review & editing.
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgments
This work is supported by Basic Research Project of Shenzhen, China (No. JCYJ20180507183624136), Key-Area Research and Development Program of Guangdong Province, China (No. 2019B010136001), National Natural Science Foundation of China (No. 61872109), and Basic Research Project (Key Program) of Shenzhen, China (No.JCYJ20200109113405927).
References
- The role of big data analytics in industrial internet of things. Future Gener. Comput. Syst. (2019)
- Protocols for secure computations. 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982) (1982)
- SecureML: a system for scalable privacy-preserving machine learning. 2017 IEEE Symposium on Security and Privacy (SP) (2017)
- ABY3: a mixed protocol framework for machine learning. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (2018)
- Chameleon: a hybrid secure computation framework for machine learning applications. Proceedings of the 2018 on Asia Conference on Computer and Communications Security (2018)
- FLASH: Fast and Robust Framework for Privacy-Preserving Machine Learning (2020)
- Privacy-preserving SVM on outsourced genomic data via secure multi-party computation. Proceedings of the Sixth International Workshop on Security and Privacy Analytics (2020)
- Efficient genome-wide, privacy-preserving similar patient query based on private edit distance (2015)
- Secure and efficient multiparty computation on genomic data. Proceedings of the 20th International Database Engineering and Applications Symposium (2016)
- Big Data: The Next Frontier for Innovation, Competition, and Productivity. Technical Report (2011)
- The Road to 2020 and Beyond: What's Driving the Global Automotive Industry. Technical Report
- Big Data and Analytics in the Automotive Industry: Automotive Analytics Thought Piece. Technical Report
- Big Data and Analytics in the Automotive Industry. Technical Report
- 2018 Global State of Enterprise Analytics Report. Technical Report
- Secure outsourced garbled circuit evaluation for mobile devices. USENIX Security Symposium
- Whitewash: outsourcing garbled circuit generation for mobile devices. Proceedings of the 30th Annual Computer Security Applications Conference
- Outsourcing Secure Two-Party Computation as a Black Box
- Efficient server-aided secure two-party function evaluation with applications to genomic computation. Proceedings on Privacy Enhancing Technologies
- Efficient server-aided 2PC for mobile phones
- Efficient server-aided secure two-party computation in heterogeneous mobile cloud computing. IEEE Trans. Depend. Secure Comput.
- Salus: a system for server-aided secure function evaluation. Proceedings of the 2012 ACM Conference on Computer and Communications Security
- A framework for outsourcing of secure computation. Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security
- Server-aided secure computation with off-line parties. European Symposium on Research in Computer Security
- How to generate and exchange secrets. The 27th Annual Symposium on Foundations of Computer Science
- The round complexity of secure protocols. STOC
Yulin Wu received the Bachelor degree in information security from Northeastern University, China in 2016. Since 2016, she has been a Ph.D. degree candidate in computer science at Harbin Institute of Technology, Shenzhen, China. Her research interests include secure multi-party computation, secure outsourcing computation, and cloud security.
Xuan Wang received the Ph.D. degree in computer science from Harbin Institute of Technology in 1997. He is one of the inventors of Microsoft Pinyin, and once worked at Microsoft headquarters in Seattle due to his contribution to Microsoft Pinyin. He is currently the dean of the School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen, China. His main research interests include cybersecurity, information game theory, and artificial intelligence.
Willy Susilo is a senior professor in the School of Computing and Information Technology, Faculty of Engineering and Information Sciences at the University of Wollongong (UOW), Australia. He is the director of the Institute of Cybersecurity and Cryptology, School of Computing and Information Technology, UOW, and the head of the School of Computing and Information Technology at UOW (2015 - now). Prior to this role, he was awarded the prestigious Australian Research Council Future Fellowship in 2009. He has published more than 500 papers in journals and conference proceedings in cryptography and network security. In 2016, he was awarded the "Researcher of the Year" at UOW, due to his research excellence and contributions. He is the Editor-in-Chief of Elsevier's Computer Standards & Interfaces and of the Information journal. He is currently an associate editor of IEEE Transactions on Dependable and Secure Computing. He has also served as a program committee member of several international conferences.
Guomin Yang received the Ph.D. degree in computer science from the City University of Hong Kong in 2009. He was a research scientist with the Temasek Laboratories, National University of Singapore, from 2009 to 2012. He is currently an associate professor with the School of Computing and Information Technology, University of Wollongong, Australia. His research mainly focuses on applied cryptography and network security. He received the Australian Research Council Discovery Early Career Researcher Award in 2015.
Zoe L. Jiang received the Ph.D. degree from The University of Hong Kong in 2010. She is currently an associate professor with the School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen, China. Her research interests include artificial intelligence security, federated learning, blockchain privacy protection, and applied cryptography.
Siu-Ming Yiu received the Ph.D. degree from the University of Hong Kong in 1997. He is currently a professor in the Department of Computer Science of the University of Hong Kong. He is also the director of the FinTech & Blockchain Laboratory and associate director of the Center for Information Security and Cryptography (CISC) of the department. His interests include cyber security, cryptography, and FinTech.
Hao Wang received his Ph.D. degree in computer science from Shandong University, China, in 2012. He is currently an associate professor at Shandong Normal University. His primary interest is public key cryptography, in particular, designing cryptographic primitives and provable security. At present, he is focusing on attribute-based cryptography, secure multi-party computation, and blockchain.
ORCID identifiers:
- 1: 0000-0001-7952-7136
- 2: 0000-0002-3512-0649
- 3: 0000-0002-1562-5105
- 4: 0000-0002-4949-7738
- 5: 0000-0002-8944-7444
- 6: 0000-0002-3975-8500
- 7: 0000-0003-3472-3699