Secure Function Evaluation
   HOME

TheInfoList



Click Here for Items Related To - Secure Function Evaluation
OR:
Secure Function Evaluation on:   [Wikipedia]   [Google]   [Amazon]

Secure two-party computation (2PC) a.k.a. Secure function evaluation is sub-problem of secure multi-party computation (MPC) that has received special attention by researchers because of its close relation to many
cryptographic Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adve ...
tasks. The goal of 2PC is to create a generic protocol that allows two parties to jointly compute an arbitrary function on their inputs without sharing the value of their inputs with the opposing party. One of the most well known examples of 2PC is Yao's Millionaires' problem, in which two parties, Alice and Bob, are millionaires who wish to determine who is wealthier without revealing their wealth. Formally, Alice has wealth a, Bob has wealth b, and they wish to compute a \geq b without revealing the values a or b. Yao's
garbled circuit protocol Garbled circuit is a cryptographic protocol that enables two-party secure computation in which two mistrusting parties can jointly evaluate a function over their private inputs without the presence of a trusted third party. In the garbled circui ...
for two-party computation only provided security against passive adversaries. One of the first general solutions for achieving security against active adversary was introduced by Goldreich, Micali and Wigderson by applying Zero-Knowledge Proof to enforce semi-honest behavior. This approach was known to be impractical for years due to high complexity overheads. However, significant improvements have been made toward applying this method in 2PC and Abascal, Faghihi Sereshgi, Hazay, Yuval Ishai and Venkitasubramaniam gave the first efficient protocol based on this approach. Another type of 2PC protocols that are secure against active adversaries were proposed by Yehuda Lindell and Benny Pinkas, Ishai, Manoj Prabhakaran and
Amit Sahai Amit Sahai (born 1974) is an American computer scientist. He is a professor of computer science at UCLA and the director of the Center for Encrypted Functionalities. Biography Amit Sahai was born in 1974 in Thousand Oaks, California, to parents ...
and Jesper Buus Nielsen and Claudio Orlandi. Another solution for this problem, that explicitly works with committed input was proposed by Stanisław Jarecki and Vitaly Shmatikov.


Secure multi-party computation


Security

The security of a two-party computation protocol is usually defined through a comparison with an idealised scenario that is secure by definition. The idealised scenario involves a trusted party that collects the input of the two parties mostly client and server over secure channels and returns the result if none of the parties chooses to abort. The cryptographic two-party computation protocol is secure, if it behaves no worse than this ideal protocol, but without the additional trust assumptions. This is usually modeled using a simulator. The task of the simulator is to act as a wrapper around the idealised protocol to make it appear like the cryptographic protocol. The simulation succeeds with respect to an information theoretic, respectively
computationally bounded adversary In information theory, the computationally bounded adversary problem is a different way of looking at the problem of sending data over a noisy channel. In previous models the best that could be done was ensuring correct decoding for up to ''d''/2 e ...
if the output of the simulator is statistically close to, respectively computationally indistinguishable from the output of the cryptographic protocol. A two-party computation protocol is secure if for all adversaries there exists a successful simulator.


See also

* An important primitive in 2PC is oblivious transfer. * Universal composability


References

Cryptography {{crypto-stub