Authors: Liang Zhao, Liqun Chen
DOI: 10.1109/TDSC.2023.3334890 (https://doi.org/10.1109/TDSC.2023.3334890)
Journal: ACS Applied Polymer Materials, volume 41 32, pages 3671-3687
Publication date: 2024-07-01
Publication type: Journal Article
Open access: no
Citation count: 0
Platform: Semanticscholar
Privacy-Preserving Transformation Used in Verifiable (Outsourced) Computation, Revisited
Recently, a privacy-preserving technique called Privacy-Preserving Matrix Transformation (PPMT) has been widely used to construct efficient privacy-preserving Verifiable (outsourced) Computation (VC) protocols for specific functions. This technique was first proposed and formalized by Salinas et al. in 2015, and it enjoys provable privacy and high efficiency. Although Salinas et al.'s PPMT scheme and the further modified scheme seem elegant, we still need to take a step back and precisely discuss whether the PPMT schemes are suitable choices for VC protocols. Since Salinas et al. gave two concrete PPMT schemes to achieve matrix-related VC in data protection and proved that their schemes are private (in terms of indistinguishability), and Zhou et al. devised a new type of PPMT scheme for the same purpose, we focus on exploring the privacy of these three types of PPMT schemes. In this article, to achieve our objective, we first propose the concept of a linear distinguisher and two constructions of linear distinguisher algorithms. In particular, the linear distinguisher is a polynomial-time algorithm employed by an adversary to explore the privacy property of a cryptographic primitive. Then, we take these three PPMT schemes (including Salinas et al.'s original work, Yu et al.'s generalization and Zhou et al.'s variant) as targets and analyze their privacy property by letting an adversary make use of our linear distinguisher algorithms. The analysis results show that none of these three types of transformations provides privacy even against passive eavesdropping (i.e., a ciphertext-only attack), and consequently, the privacy-preserving VC protocols based on any of these PPMT schemes do not provide that privacy either.
About the journal:
ACS Applied Polymer Materials is an interdisciplinary journal publishing original research covering all aspects of engineering, chemistry, physics, and biology relevant to applications of polymers.
The journal is devoted to reports of new and original experimental and theoretical research of an applied nature that integrates fundamental knowledge in the areas of materials, engineering, physics, bioscience, polymer science and chemistry into important polymer applications. The journal is specifically interested in work that addresses relationships among structure, processing, morphology, chemistry, properties, and function, as well as work that provides insights into mechanisms critical to the performance of the polymer for applications.