Fortified Multi-Party Computation: Taking Advantage of Simple Secure Hardware Modules

Brandon Broadnax, Alexander Koch, Jeremias Mechler, Tobias Müller, J. Müller-Quade, Matthias Nagel
{"title":"Fortified Multi-Party Computation: Taking Advantage of Simple Secure Hardware Modules","authors":"Brandon Broadnax, Alexander Koch, Jeremias Mechler, Tobias Müller, J. Müller-Quade, Matthias Nagel","doi":"10.2478/popets-2021-0072","DOIUrl":null,"url":null,"abstract":"Abstract In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs. For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed. This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs. Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation. As a consequence, sensitive data such as private bids may leak. All existing MPC protocols do not provide any protection against the consequences of such remote hacks. We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking. More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them. We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages. To this end, we model communication via explicit channels. In particular, we introduce channels with an airgap switch (disconnect-able by the party in control of the switch), and unidirectional data diodes. These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees. In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework.","PeriodicalId":74556,"journal":{"name":"Proceedings on Privacy Enhancing Technologies. Privacy Enhancing Technologies Symposium","volume":"2021 1","pages":"312 - 338"},"PeriodicalIF":0.0000,"publicationDate":"2021-07-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings on Privacy Enhancing Technologies. Privacy Enhancing Technologies Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2478/popets-2021-0072","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3

Abstract

Abstract In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs. For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed. This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs. Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation. As a consequence, sensitive data such as private bids may leak. All existing MPC protocols do not provide any protection against the consequences of such remote hacks. We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking. More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them. We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages. To this end, we model communication via explicit channels. In particular, we introduce channels with an airgap switch (disconnect-able by the party in control of the switch), and unidirectional data diodes. These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees. In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
强化多方计算:利用简单的安全硬件模块
摘要在实践中,存在许多相互不信任的各方需要对其私人输入执行分布式计算的设置。例如,首次价格密封的在线拍卖的参与者不希望他们的出价被披露。这个问题可以使用安全多方计算(MPC)来解决,在MPC中,各方可以通过执行一个特定的协议来评估其私有输入上的已知函数,该协议只显示正确的输出,而不显示私有输入的其他信息。这种在互联网上执行的分布式计算容易受到计算过程中可能发生的远程黑客攻击。因此,私人投标等敏感数据可能会泄露。所有现有的MPC协议都没有提供任何保护来抵御这种远程黑客攻击的后果。我们提出了第一个MPC协议,可以保护远程黑客入侵方的输入和输出不泄漏。更具体地说,除非远程黑客在一方收到其输入之前发生,或者所有各方都被破坏,否则黑客无法了解各方的输入和输出,也无法修改它们。我们通过利用这样一个事实来实现这些强有力的(隐私)保证,即在实践中,各方可能不会在每个时间点都受到远程攻击,而是只有在他们在线时,即能够接收消息时。为此,我们建立了通过明确渠道进行沟通的模型。特别是,我们引入了带有气隙开关(可由控制开关的一方断开)和单向数据二极管的通道。这些通道及其隔离特性,以及极少数类似简单且看似不可破解的远程硬件模块,是实现如此强大的安全保障的主要因素。为了将这些强保证形式化,我们提出了具有增强安全性的UC(UC#)框架,这是通用可组合性(UC)框架的变体。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
审稿时长
16 weeks
期刊最新文献
Editors' Introduction Compact and Divisible E-Cash with Threshold Issuance On the Robustness of Topics API to a Re-Identification Attack DP-SIPS: A simpler, more scalable mechanism for differentially private partition selection Privacy-Preserving Federated Recurrent Neural Networks
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1