IIIT Hyderabad Publications |
|||||||||
|
Channel asynchrony and communication complexity in Multi-Party ComputationAuthor: Achintya M Desai 20172001 Date: 2022-06-25 Report no: IIIT/TH/2022/78 Advisor:Kannan Srinathan AbstractEver since secure multi-party computation was successfully showed [6], it has remained an interesting research field in the cryptography community. Multi-party computation is one of the most important primitive in modern cryptography, in which mutually distrusting parties want to compute a functionality over their private data without revealing any additional information about their data. It is well established that the information theoretic multi-party computation among n parties is possible if the number of corrupted nodes t is less than n 2 for semi-honest adversary and the number of corrupted nodes t is less than n 3 for malicious adversary. Despite the progress over past 3 decades, multi-party computation have many improvements to go through before it becomes viable for practical scenarios. Also, there happens to exist many areas which are little explored. In this dissertation we explore one such path where we rely on physical cryptographic assumption rather than the traditional assumptions. The traditional assumptions such as discrete log problem, RSA, etc. are always subject to non-existence of poly time algorithm for computational problems of certain nature. Also, these assumptions do not cover computationally unbounded adversary. The motivation to study such assumption is that the physical cryptographic assumptions can be characterized in a way that they are realistic as well as provide required security guarantees. In this thesis, we discover that channel asynchrony is one such assumption where the channel may not deliver the messages in the same order as they were sent. Usually we use solutions such as sequence number to order the messages in such case but for security such asynchrony happens to be a boon. It is also more efficient practically compared to the protocols in the information theoretic setting. This thesis also solves an open problem in the multi-party computation literature. “Is it possible to remove the dependency on the multiplicative depth of the circuit in the overall communication complexity of a secure MPC protocol while maintaining its efficiency and the restrictions on the number of corruptions such that 3ta + 2tp + tf < n?”. This work is based on the works of Goyal et al. and Hirt et al. Goyal et. al. solve a similar question for active adversarial setting instead of mixed adversary. Hirt et al. have also given the multiplicative depth dependent protocol for mixed adversarial setting. We combine these two works to answer the question stated above in affirmative. Middleboxes in a computer network system inspect and analyse network traffic to detect malicious communications, monitor system performance and provide operational services. However, encrypted traffic, which has become increasingly prevalent, hinders the ability of middleboxes to perform such services. A common practice in addressing this issue is by employing a “Man-in-the-Middle” (MitM)approach, wherein an encrypted traffic flow between two end-points is interrupted, decrypted and analyzed by the middleboxes. The MitM approach is straightforward and is used by many organisations, but there are both practical and privacy concerns. Practically, due to the cost of the MitM appliances and the latency incurred due to the encrypt-decrypt processes, enterprises continue to seek solutions that are less costly and less compute-intensive. There has also been discussion on the many efforts required to configure MitM. Besides, MitM violates end-to-end privacy guarantee, raising privacy concerns and potential issues on compliance especially with the rising awareness on user privacy. Furthermore, some of the MitM implementations were found to be flawed. Consequently, new practical and privacy-preserving techniques that enable inspection over encrypted traffic were proposed. In this thesis, we also systematically examine these techniques to compare their advantages, limitations and challenges. We categorise them into four main categories by defining a framework that consist of system architectures, use cases, trust and threat models. These are searchable encryption, access control, machine learning and trusted hardware. We first discuss the man-in-the-middle approach as a baseline, then discuss in details each of them, and provide an in-depth comparisons of their advantages and limitations. By doing so we describe practical constraints, advantages and pitfalls towards adopting the techniques. Following this, we give insights on the gaps between research work and practical implementation in the industries, which leads us to the discussion on the challenges and research directions. Full thesis: pdf Centre for Security, Theory and Algorithms |
||||||||
Copyright © 2009 - IIIT Hyderabad. All Rights Reserved. |