Generic server-aided secure multi-party computation in cloud computing

https://doi.org/10.1016/j.csi.2021.103552

Highlights

  • Propose an efficient server-aided MPC protocol, which minimizes the computation overhead for all the client parties.

  • Provide the security guarantee in the scenario where at most n-1 client parties are malicious while the server is semi-honest and non-collusive with any client party.

  • Support the property of fairness, which can be achieved by only one server-aided MPC protocol in the literature.

  • Implement the proposed protocol and show that it achieves superior performance compared with the state-of-the-art result.

Abstract

Cloud computing has become one of the most popular distributed computing paradigms in recent years. With its advantages of low cost, on-demand flexibility, and high data processing abilities, more and more enterprises have adopted the cloud computing paradigm to build up their IT infrastructure. By performing collaborative computation tasks (e.g., big data analysis tasks) with multiple datasets of different correlated enterprises in cloud computing, the generated valuable information will provide the enterprises with higher productivity and financial gains. However, due to the privacy concerns from the enterprises, how to efficiently enable them to achieve secure multi-party joint datasets analysis in cloud computing without leaking their own private dataset becomes a critical but challenging problem for the enterprises. In this paper, focusing on securely performing any collaborative computation task in cloud computing, we construct a generic server-aided secure multi-party computation protocol to tackle the problem. Our solution can provide security guarantee in the setting where at most n-1 client parties are malicious while the server is semi-honest and there is no collusion between the server and clients. The security and experimental performance analysis show that this work is currently the most efficient server-aided secure multi-party computation protocol with the same security guarantee compared with all the previous works to the best of our knowledge.

Introduction

Over the past four decades, secure multi-party computation (MPC) has evolved from a specific tool for solving particular problems (e.g., the millionaires' problem [1]) into a generic, key cryptographic technology for many privacy-preserving applications, such as privacy-preserving machine learning (e.g., [2], [3], [4], [5]) and privacy-preserving genomic computation (e.g., [6], [7], [8]), to name a few. MPC enables a group of parties {P1, P2, ..., Pn} who do not trust each other to jointly compute a function f(x1, x2, ..., xn) on their own private inputs {xi}, i ∈ [1, n], such that each party Pi receives the correct output of the function f while leaking no information about its private input xi to the other parties. The generic characteristic of MPC is embodied by the fact that it works for an arbitrary function f. In other words, any secure computation task that involves multiple parties and aims at not leaking individual private inputs to others can be accomplished using MPC.

In the big data era, data has become an important factor of production comparable to hard assets and human capital [9]. By performing collaborative computation tasks with distributed datasets (e.g., in big data analysis), enterprises can collaborate with multiple correlated enterprises to maximize productivity, improve product quality, perfect product or service delivery, optimize supply chain management, and reduce costs and energy consumption [10].

Since the automotive industry has shaped the global economy and billions of people's lifestyles [11], we take the automotive industry as an example to clarify how collaborative computation with distributed datasets benefits the whole automotive industry chain [12], [13]. As shown in Figure 1, the automotive industry chain includes raw materials suppliers, auto parts suppliers, automotive manufacturers, dealers, service providers, and users. Various enterprises participate in the automotive industry, and different enterprises own large numbers of valuable datasets. However, what matters for the whole automotive industry chain is not the scale of the datasets each enterprise owns, but the valuable information generated by cooperative analysis of these multi-party datasets. For example, if the dealers share their user data with the operators of online car-selling websites, so that each user can be matched with their behavior data on that website (such as brand preferences, model preferences, car comparisons, and budgets), cooperative analysis of these two datasets reveals the consumers' motivation and demands for purchasing a car. This analysis result can not only help the dealers take more targeted marketing actions but can also enable the manufacturers to be more targeted in product design and development. Also, if the manufacturers share the monitoring data of critical automotive components with the maintenance service provider, who owns the components inventory data, and the parts suppliers, who own the loss standard data, cooperative analysis of these three datasets produces early warnings of automotive safety issues. This result can improve consumers' awareness of automotive maintenance, enable the parts suppliers to continually improve the quality of parts, and allow the maintenance service provider to deliver more efficient service based on timely parts supply.

However, enterprises' privacy concerns make it difficult to perform such collaborative computation tasks with distributed datasets in practice. For enterprises, sharing their unique datasets with other enterprises is tantamount to handing over their trade secrets. Besides, if the dataset is relevant to consumers, it also involves the issue of consumer privacy, which is protected by government data protection laws (e.g., the General Data Protection Regulation of the European Union). These concerns make enterprises reluctant to share their data directly and result in the data silos problem. Therefore, how to enable enterprises to perform secure multi-party joint dataset analysis without leaking their own datasets has become a key issue in today's world. This problem coincides with the concept of MPC. In particular, each enterprise with its private dataset can be regarded as a participant party Pi with its private input xi, and the collaborative computation task that the enterprises with distributed datasets expect to compute securely can be regarded as the function f(x1, x2, ..., xn).

Nevertheless, we cannot directly apply the advanced MPC protocols to solve the problem, because the system model in which current enterprises tackle secure computation tasks differs from that of MPC. According to MicroStrategy's 2018 Global State of Enterprise Analytics Report [14], 39 percent of global enterprises deployed their data computation platform in the cloud in 2018, while 25 percent of global enterprises are considering moving their data computation platform to the cloud by 2023. Based on this report, it is easy to see that the cloud will become the typical choice for most enterprises in the world, especially for traditional industrial enterprises or small and medium-sized enterprises (SMEs) that lack powerful big data processing and analysis capabilities. As the computation capabilities of enterprise nodes and cloud server nodes can be very different, this forms the server-aided model, which contradicts the standard MPC system model in which all the parties are assumed to play a similar role with similar computation ability. If we directly run MPC protocols among the enterprises without considering the server-aided model, this places higher demands on the enterprises' capabilities for big data processing and cryptographic operations, which becomes a burden for SMEs. Also, this may incur incompatibility problems for practical adoption in the future, as most computation platforms for enterprises will be built in the server-aided model. Therefore, aiming at efficiently allowing multiple enterprises to perform secure computation tasks with distributed datasets in the cloud computing setting (i.e., the server-aided model), we make the following contributions:

(1) Based on the garbled circuit technique, we propose an efficient server-aided MPC protocol. This is the first work that allows the server not only to assist with garbled circuit generation but also to perform garbled circuit evaluation, which minimizes the computation overhead for all the client parties.

(2) Our proposed protocol provides a security guarantee in the scenario where at most n-1 client parties are malicious while the server is semi-honest and non-collusive with any client party.

(3) Our protocol also provides a fairness guarantee, which is achieved by only one server-aided MPC protocol in the literature.

(4) We implement our protocol and show that it achieves superior performance compared with the state-of-the-art result. In the two-client-party setting, our work is 4× faster than the previous best server-aided 2PC work. In the four-client-party setting, our work improves efficiency by 83× in comparison with the only implemented server-aided MPC protocol in the malicious model.

Based on the security and experimental performance analysis, we conclude that this work is currently the most efficient server-aided secure multi-party computation protocol with the same security guarantee compared with all the previous works to the best of our knowledge.

Paper Organization. The rest of the paper is organized as follows: An overview of the related work on server-aided MPC is provided in Section 2. The preliminaries required for the protocol construction are provided in Section 3. The system model, threat model, security goals and security definition are described in Section 4. The detailed protocol construction, the security analysis and the performance evaluation are provided in Sections 5–7, respectively. The conclusion of this work is provided in Section 8.

Section snippets

MPC

Over more than 30 years of development, many works focusing on improving both the asymptotic and the concrete efficiency of MPC have appeared. The garbled circuit based approach was first proposed in [25] for two parties in the semi-honest model. Then, Beaver et al. extended it to the multi-party setting [26]. Later, several works continued this line of research: [27], [28], [29], [30], [31], [32], [33], [34]. The main property of the garbled circuit based approach is the

Garbled circuit technique

As the main cornerstone for the series of works in the MPC field, the garbled circuit (GC) technique enables two parties to securely compute a function f without leaking anything except the computation result. The two parties first construct the boolean circuit that represents the function f. For the basic GC scheme, the garbled table for an AND gate is shown in Fig. 2, where bα, bβ, bγ ∈ {0,1} are the actual bit values for the input wires α, β and the output wire γ; Lα,0/1, Lβ,0/1, Lγ,0/1 ∈ {0,1}^κ are the
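The basic garbled gate described above, as an added example (not the paper's code): each wire carries two random κ-bit labels, and the garbled table holds the output label for each input pair, encrypted under the two input labels, so the evaluator holding one label per input wire recovers exactly one output label. The hash-based table encryption, κ = 128 bits and the zero-padding check are assumptions; garble_gate accepts any 2-input truth table, so the same construction is shown for OR and XOR as well as the AND gate of Fig. 2.

```python
"""Basic (unoptimized) garbled 2-input gate: every table row is tried by the
evaluator, as in the basic GC scheme, without point-and-permute. Added example,
not the paper's implementation; hash-based encryption is an assumption."""
import hashlib
import os
import secrets

KAPPA = 16            # label length in bytes (assumes kappa = 128 bits)
ZERO = bytes(KAPPA)   # redundancy that lets the evaluator recognise the matching row


def H(l_alpha: bytes, l_beta: bytes) -> bytes:
    """2*kappa-bit pad derived from both input labels (assumed encryption)."""
    return hashlib.sha256(l_alpha + l_beta).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def garble_gate(truth):
    """Garbler side. truth maps (b_alpha, b_beta) -> b_gamma.
    Returns the wire labels (L_{w,0}, L_{w,1}), kept secret by the garbler,
    and the shuffled garbled table that is sent to the evaluator."""
    labels = {w: (os.urandom(KAPPA), os.urandom(KAPPA)) for w in ("alpha", "beta", "gamma")}
    table = []
    for b_alpha in (0, 1):
        for b_beta in (0, 1):
            l_alpha = labels["alpha"][b_alpha]
            l_beta = labels["beta"][b_beta]
            l_gamma = labels["gamma"][truth[(b_alpha, b_beta)]]
            # Enc_{L_alpha, L_beta}(L_gamma || 0^kappa)
            table.append(xor(H(l_alpha, l_beta), l_gamma + ZERO))
    secrets.SystemRandom().shuffle(table)  # hide which row belongs to which input pair
    return labels, table


def evaluate_gate(table, l_alpha: bytes, l_beta: bytes) -> bytes:
    """Evaluator side: holds one label per input wire and the table, and learns
    one output label without learning b_alpha, b_beta or b_gamma."""
    pad = H(l_alpha, l_beta)
    for row in table:
        plain = xor(pad, row)
        if plain[KAPPA:] == ZERO:   # only the matching row decrypts to the zero tag
            return plain[:KAPPA]
    raise ValueError("no row decrypted: wrong labels or corrupted table")


AND = {(0, 0): 0, (0, 1): 0, (1, 0): 0, (1, 1): 1}
OR = {(0, 0): 0, (0, 1): 1, (1, 0): 1, (1, 1): 1}
XOR = {(0, 0): 0, (0, 1): 1, (1, 0): 1, (1, 1): 0}


def run_gate(truth, b_alpha: int, b_beta: int) -> int:
    """End-to-end: garble, evaluate with the labels for the given input bits,
    then decode the output label with the garbler's decoding information."""
    labels, table = garble_gate(truth)
    out = evaluate_gate(table, labels["alpha"][b_alpha], labels["beta"][b_beta])
    return labels["gamma"].index(out)   # mapping label -> bit known only to the garbler


if __name__ == "__main__":
    for name, truth in (("AND", AND), ("OR", OR), ("XOR", XOR)):
        print(name, [run_gate(truth, a, b) for a in (0, 1) for b in (0, 1)])
```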

System model

There exist n+1 entities in the system: n client parties {Pi}, i ∈ [n], and one Server, as shown in Fig. 7. We summarize their roles as follows:

  • Server: It is the third party employed both to assist with circuit generation and to perform circuit evaluation so that the n client parties can securely compute some function f. It has stronger data processing capacity than the client parties. It can be a cloud server owned by a powerful cloud service provider.

  • P1: It is one of the client parties that requires to

Outline

In order to accomplish any big data analysis task over joint datasets, the n client parties and Server need to agree on the boolean circuit C that properly represents the evaluated function f. Each client party Pi holds its own private input. Their goal is to securely compute the function f while achieving the goals listed above.

There are four phases in this protocol:

(1) Circuit preprocessing phase: Server sends the global MAC keys to each client party Pi. Then, n

Security analysis

Following Definition 1 in Section 4.4, the security of our server-aided multi-party computation protocol is stated by the following theorem:

Theorem 1

The efficient server-aided multi-party computation protocol Π securely computes a function f(x1, x2, ..., xn) in the scenario where at most n-1 client parties are malicious while Server is semi-honest.

To prove Theorem 1, we divide the proof into three claims based on Lemma 1: (1) We prove security when all the client parties and Server are independent and

Experiment setup

Based on Table 1 and the experimental results each work presented, we select the work [21] for the server-aided 2PC protocol comparison, and the work [22] for the server-aided MPC protocol comparison. The reasons are listed as follows:

(1) For the server-aided 2PC protocol comparison: Since the work [21] outperforms all the server-aided 2PC works in the literature, we omit the works [15], [16], [17], [18], [19], [20] from the comparison.

(2) For the server-aided MPC protocol comparison: The work [23] was neither implemented

Conclusions

In order to efficiently achieve secure multi-party joint dataset analysis in cloud computing among different enterprises without leaking their private datasets, we propose a generic secure server-aided MPC protocol. With such a generic protocol, the enterprises can handle any collaborative computation task in cloud computing that can be represented by one or multiple functions. We provide a security guarantee in the scenario where at most n-1 client parties are malicious while the server

CRediT authorship contribution statement

Yulin Wu: Conceptualization, Methodology, Writing – original draft, Writing – review & editing. Xuan Wang: Supervision, Funding acquisition, Writing – review & editing. Willy Susilo: Validation, Formal analysis. Guomin Yang: Methodology, Writing – review & editing. Zoe L. Jiang: Formal analysis. Siu-Ming Yiu: Validation. Hao Wang: Writing – review & editing.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This work is supported by Basic Research Project of Shenzhen, China (No. JCYJ20180507183624136), Key-Area Research and Development Program of Guangdong Province, China (No. 2019B010136001), National Natural Science Foundation of China (No. 61872109), and Basic Research Project (Key Program) of Shenzhen, China (No.JCYJ20200109113405927).

Yulin Wu received the Bachelor degree in information security from Northeastern University, China in 2016. Since 2016, she has been a Ph.D. degree candidate in computer science at Harbin Institute of Technology, Shenzhen, China. Her research interests include secure multi-party computation, secure outsourcing computation, and cloud security.

References (52)

  • M.H. ur Rehman et al., The role of big data analytics in industrial internet of things, Future Gener. Comput. Syst. (2019)
  • A.C. Yao, Protocols for secure computations, 23rd Annual Symposium on Foundations of Computer Science (SFCS 1982) (1982)
  • P. Mohassel et al., SecureML: a system for scalable privacy-preserving machine learning, 2017 IEEE Symposium on Security and Privacy (SP) (2017)
  • P. Mohassel et al., ABY3: a mixed protocol framework for machine learning, Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (2018)
  • M.S. Riazi et al., Chameleon: a hybrid secure computation framework for machine learning applications, Proceedings of the 2018 on Asia Conference on Computer and Communications Security (2018)
  • M. Byali et al., Flash: Fast and Robust Framework for Privacy-Preserving Machine Learning (2020)
  • H. Chen et al., Privacy-preserving SVM on outsourced genomic data via secure multi-party computation, Proceedings of the Sixth International Workshop on Security and Privacy Analytics (2020)
  • X.S. Wang et al., Efficient genome-wide, privacy-preserving similar patient query based on private edit distance (2015)
  • M.M. Al Aziz et al., Secure and efficient multiparty computation on genomic data, Proceedings of the 20th International Database Engineering and Applications Symposium (2016)
  • M. Company, Big Data: The Next Frontier for Innovation, Competition, and Productivity, Technical Report (2011)
  • D. Mohr et al., The Road to 2020 and Beyond: What's Driving the Global Automotive Industry, Technical Report (2013)
  • M. Woodward et al., Big Data and Analytics in the Automotive Industry: Automotive Analytics Thought Piece, Technical Report (2015)
  • N. Andersen et al., Big Data and Analytics in the Automotive Industry, Technical Report (2015)
  • MicroStrategy, 2018 Global State of Enterprise Analytics Report, Technical Report (2018)
  • S. Kamara, P. Mohassel, M. Raykova, Outsourcing multi-party computation, 2011, (Cryptology ePrint Archive, Report...
  • H. Carter et al., Secure outsourced garbled circuit evaluation for mobile devices, USENIX Security Symposium (2013)
  • H. Carter et al., Whitewash: outsourcing garbled circuit generation for mobile devices, Proceedings of the 30th Annual Computer Security Applications Conference (2014)
  • H. Carter et al., Outsourcing Secure Two-Party Computation as a Black Box (2016)
  • M. Blanton et al., Efficient server-aided secure two-party function evaluation with applications to genomic computation, Proceedings on Privacy Enhancing Technologies (2016)
  • P. Mohassel et al., Efficient server-aided 2PC for mobile phones (2016)
  • Y. Wu et al., Efficient server-aided secure two-party computation in heterogeneous mobile cloud computing, IEEE Trans. Depend. Secure Comput. (2020)
  • S. Kamara et al., Salus: a system for server-aided secure function evaluation, Proceedings of the 2012 ACM Conference on Computer and Communications Security (2012)
  • T.P. Jakobsen et al., A framework for outsourcing of secure computation, Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security (2014)
  • F. Baldimtsi et al., Server-aided secure computation with off-line parties, European Symposium on Research in Computer Security (2017)
  • A.C.-C. Yao, How to generate and exchange secrets, The 27th Annual Symposium on Foundations of Computer Science (1986)
  • D. Beaver et al., The round complexity of secure protocols, STOC (1990)


    Xuan Wang received the Ph.D. degree in computer science from Harbin Institute of Technology in 1997. He is one of the inventors of Microsoft Pinyin, and once worked in Microsoft headquarter in Seattle due to his contribution to Microsoft Pinyin. He is currently the dean of the School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen, China. His main research interests include cybersecurity, information game theory, and artificial intelligence.

    Willy Susilo is a senior professor in the School of Computing and Information Technology, Faculty of Engineering and Information Sciences at the University of Wollongong (UOW), Australia. He is the director of the Institute of Cybersecurity and Cryptology, School of Computing and Information Technology, UOW and the head of the School of Computing and Information Technology at UOW (2015 - now). Prior to this role, he was awarded the prestigious Australian Research Council Future Fellowship in 2009. He has published more than 500 papers in journals and conference proceedings in cryptography and network security. In 2016, he was awarded the "Researcher of the Year" at UOW, due to his research excellence and contributions. He is the Editor-in-Chief of Elsevier's Computer Standards & Interfaces and the Information journal. He is currently an associate editor of IEEE Transactions on Dependable and Secure Computing. He has also served as a program committee member of several international conferences.

    Guomin Yang received the Ph.D. degree in computer science from the City University of Hong Kong in 2009. He was a research scientist with the Temasek Laboratories, National University of Singapore, from 2009 to 2012. He is currently an associate professor with the School of Computing and Information Technology, University of Wollongong, Australia. His research mainly focuses on applied cryptography and network security. He received the Australian Research Council Discovery Early Career Researcher Award in 2015.

    Zoe L. Jiang received the Ph.D. degree from The University of Hong Kong in 2010. She is currently an associate professor with the School of Computer Science and Technology, Harbin Institute of Technology, Shenzhen, China. Her research interests include artificial intelligence security, federated learning, blockchain privacy protection, and applied cryptography.

    Siu-Ming Yiu received the Ph.D. degree from the University of Hong Kong in 1997. He is currently a professor in the Department of Computer Science of the University of Hong Kong. He is also the director of the FinTech & Blockchain Laboratory and associate director of the Center for Information Security and Cryptography (CISC) of the department. His interests include cyber security, cryptography, and FinTech.

    Hao Wang received his Ph.D. degree in computer science from Shandong University, China, in 2012. He is currently an associate professor at Shandong Normal University. His primary interest is public key cryptography, in particular, designing cryptographic primitives and provable security. At present, he is focusing on attribute-based cryptography, secure multi-party computation, and blockchain.
