Master's and doctoral theses: details for etd-0718115-113647
Title page for etd-0718115-113647
Title: Secure Reusable Garbled Random Access Machine (安全且可重覆使用之模糊隨機存取機器)
Department:
Year, semester:
Language:
Degree:
Number of pages: 59
Author:
Advisor:
Convenor:
Advisory Committee:
Date of Exam: 2015-06-24
Date of Submission: 2015-08-18
Keywords: Garbled Circuits, Malicious Model, Garbled RAM, Secure Computation
Statistics: This thesis has been browsed 5731 times and downloaded 39 times.
Abstract (Chinese)
In the 1980s, Yao proposed a secure computation method that allows two parties, one holding a function f and the other holding data x, to compute f(x) without revealing f or x. This property gave garbled circuits a wide range of applications, such as cloud outsourcing, outsourced computation and data mining. However, every time we want to garble a program, it must first be converted into circuit form. In 2013, Lu and Ostrovsky proposed garbled random access machines, using pseudorandom functions and the Beaver-Micali-Rogaway approach to construct garbled RAM in the semi-honest model, which lets RAM programs be garbled directly.

In the Lu-Ostrovsky design, the garbled data can be reused, but the garbled program cannot. We therefore propose a reusable garbled RAM in which both garbled data and garbled programs can be reused. Our first construction is designed in the semi-honest model; it has lower computational cost but cannot withstand malicious adversaries, so it is suited to environments with a higher degree of trust. The second construction builds on the approach of Lindell and Pinkas, who used the cut-and-choose technique to resist malicious adversaries in secure two-party computation; we use this property to design a mechanism that withstands malicious adversaries.
Abstract
In the 1980s, Yao proposed a secure computation protocol that allows two parties, one holding a function f(⋅) and the other holding data x, to compute f(x) without revealing anything about f or x. Garbled circuits have since found numerous applications. But every time we want to garble a program, we first need to convert it into a circuit. In 2013, Lu and Ostrovsky proposed garbled random-access machines, which can garble a RAM program directly. They constructed garbled RAM from pseudo-random functions and the Beaver-Micali-Rogaway paradigm in the semi-honest model.

In the Lu-Ostrovsky construction, the garbled data is reusable, but the garbled programs are not. Therefore, we propose a reusable garbled RAM in which both the data and the programs are reusable. Our first construction is designed in the semi-honest model for lower computational cost. The second construction is based on the approach of Lindell and Pinkas, who used the cut-and-choose technique to resist malicious adversaries.
Table of Contents
Thesis approval form
Acknowledgments
Abstract (Chinese)
Abstract
List of Figures
List of Tables
Chapter 1 Introduction
1.1 Contributions
1.2 Organization
Chapter 2 Preliminaries
2.1 Random Access Machine
2.2 Oblivious Transfer
2.3 Secure Two-Party Computation
2.4 Identity-Based Encryption
2.5 Semi-Honest Model versus Malicious Model
Chapter 3 Related Works
3.1 Yao's Protocol [38]
3.2 Abadi et al.'s Protocol [1]
3.2.1 Review of Abadi et al.'s Protocol
3.3 Beaver et al.'s Protocol [7]
3.3.1 Review of Beaver et al.'s Protocol
3.4 Feige et al.'s Protocol [14]
3.4.1 Review of Feige et al.'s Protocol
3.5 Gentry et al.'s Protocol [16]
3.5.1 Review of Gentry et al.'s Protocol
Chapter 4 Our Construction
4.1 Garbling RAM Programs
4.2 Approach Against Malicious Adversary
Chapter 5 Security Analysis
5.1 Security Notion
5.2 Double-Encryption Security [30]
5.3 Security Proof of Garbled Circuit
5.4 Security Proof in Semi-Honest Model
5.5 Security Proof in Malicious Model
5.5.1 Security Against a Malicious P
5.5.2 Security Against a Malicious D
Chapter 6 Comparison
Chapter 7 Conclusion
Bibliography
References
[1] Martin Abadi and Joan Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1–12, 1990.
[2] Benny Applebaum. Key-dependent message security: Generic amplification and completeness. Journal of Cryptology, 27(3):429–451, 2014.
[3] Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. Computationally private randomizing polynomials and their applications. Computational Complexity, 15(2):115–162, 2006.
[4] Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. From secrecy to soundness: Efficient verification via secure computation. In Automata, Languages and Programming, pages 152–163. Springer, 2010.
[5] Benny Applebaum, Yuval Ishai, and Eyal Kushilevitz. How to garble arithmetic circuits. SIAM Journal on Computing, 43(2):905–929, 2014.
[6] Boaz Barak, Iftach Haitner, Dennis Hofheinz, and Yuval Ishai. Bounded key-dependent message security. In Advances in Cryptology – EUROCRYPT 2010, pages 423–444. Springer, 2010.
[7] Donald Beaver, Silvio Micali, and Phillip Rogaway. The round complexity of secure protocols. In Proceedings of the 22nd Annual ACM Symposium on Theory of Computing, pages 503–513. ACM, 1990.
[8] Dan Boneh and Matt Franklin. Identity-based encryption from the Weil pairing. In Advances in Cryptology – CRYPTO 2001, pages 213–229. Springer, 2001.
[9] Michael Brenner, Jan Wiebelitz, Gabriele von Voigt, and Matthew Smith. Secret program execution in the cloud applying homomorphic encryption. In Proceedings of the 5th IEEE International Conference on Digital Ecosystems and Technologies (DEST 2011), pages 114–119. IEEE, 2011.
[10] Christian Cachin, Jan Camenisch, Joe Kilian, and Joy Müller. One-round secure computation and secure autonomous mobile agents. Springer, 2000.
[11] Ran Canetti. Security and composition of multiparty cryptographic protocols. Journal of Cryptology, 13(1):143–202, 2000.
[12] Clifford Cocks. An identity based encryption scheme based on quadratic residues. In Cryptography and Coding, pages 360–363. Springer, 2001.
[13] Shimon Even, Oded Goldreich, and Abraham Lempel. A randomized protocol for signing contracts. Communications of the ACM, 28(6):637–647, 1985.
[14] Uri Feige, Joe Kilian, and Moni Naor. A minimal model for secure computation. In Proceedings of the 26th Annual ACM Symposium on Theory of Computing, pages 554–563. ACM, 1994.
[15] Matthew Franklin and Moti Yung. Communication complexity of secure computation. In Proceedings of the 24th Annual ACM Symposium on Theory of Computing, pages 699–710. ACM, 1992.
[16] Craig Gentry, Shai Halevi, Steve Lu, Rafail Ostrovsky, Mariana Raykova, and Daniel Wichs. Garbled RAM revisited. In Advances in Cryptology – EUROCRYPT 2014, pages 405–422. Springer, 2014.
[17] Oded Goldreich. Cryptography and cryptographic protocols. 2001.
[18] Oded Goldreich, Silvio Micali, and Avi Wigderson. How to play any mental game. In Proceedings of the 19th Annual ACM Symposium on Theory of Computing, pages 218–229. ACM, 1987.
[19] Oded Goldreich and Rafail Ostrovsky. Software protection and simulation on oblivious RAMs. Journal of the ACM, 43(3):431–473, 1996.
[20] Yuval Ishai and Eyal Kushilevitz. Randomizing polynomials: A new representation with applications to round-efficient secure computation. In Proceedings of the 41st Annual Symposium on Foundations of Computer Science, pages 294–304. IEEE, 2000.
[21] Yuval Ishai and Eyal Kushilevitz. Perfect constant-round secure computation via perfect randomizing polynomials. In Automata, Languages and Programming, pages 244–256. Springer, 2002.
[22] Yuval Ishai, Eyal Kushilevitz, Rafail Ostrovsky, and Amit Sahai. Cryptography with constant computational overhead. In Proceedings of the 40th Annual ACM Symposium on Theory of Computing, pages 433–442. ACM, 2008.
[23] Stanisław Jarecki and Vitaly Shmatikov. Efficient two-party secure computation on committed inputs. In Advances in Cryptology – EUROCRYPT 2007, pages 97–114. Springer, 2007.
[24] S. Kamara and L. Wei. Special-purpose garbled circuits. Unpublished manuscript, 2012.
[25] Seny Kamara, Payman Mohassel, and Mariana Raykova. Outsourcing multi-party computation. IACR Cryptology ePrint Archive, 2011:272, 2011.
[26] Jonathan Katz and Rafail Ostrovsky. Round-optimal secure two-party computation. In Advances in Cryptology – CRYPTO 2004, pages 335–354. Springer, 2004.
[27] Mehmet Kiraz. Secure and fair two-party computation. In Proc. of EUROCRYPT, volume 3, 2008.
[28] Yehuda Lindell and Benny Pinkas. A proof of Yao's protocol for secure two-party computation. In Electronic Colloquium on Computational Complexity, 2004.
[29] Yehuda Lindell and Benny Pinkas. An efficient protocol for secure two-party computation in the presence of malicious adversaries. In Advances in Cryptology – EUROCRYPT 2007, pages 52–78. Springer, 2007.
[30] Yehuda Lindell and Benny Pinkas. A proof of security of Yao's protocol for two-party computation. Journal of Cryptology, 22(2):161–188, 2009.
[31] Yehuda Lindell and Benny Pinkas. Secure two-party computation via cut-and-choose oblivious transfer. Journal of Cryptology, 25(4):680–722, 2012.
[32] Steve Lu and Rafail Ostrovsky. How to garble RAM programs. In EUROCRYPT, volume 7881, pages 719–734. Springer, 2013.
[33] Benjamin Mood, Lara Letaw, and Kevin Butler. Memory-efficient garbled circuit generation for mobile devices. In Financial Cryptography and Data Security, pages 254–268. Springer, 2012.
[34] Moni Naor, Benny Pinkas, and Reuban Sumner. Privacy preserving auctions and mechanism design. In Proceedings of the 1st ACM Conference on Electronic Commerce, pages 129–139. ACM, 1999.
[35] Michael O. Rabin. How to exchange secrets with oblivious transfer. IACR Cryptology ePrint Archive, 2005:187, 2005.
[36] Amit Sahai and Hakan Seyalioglu. Worry-free encryption: functional encryption with public keys. In Proceedings of the 17th ACM Conference on Computer and Communications Security, pages 463–472. ACM, 2010.
[37] Adi Shamir. Identity-based cryptosystems and signature schemes. In Advances in Cryptology, pages 47–53. Springer, 1985.
[38] Andrew C. Yao. How to generate and exchange secrets. In Proceedings of the 27th Annual Symposium on Foundations of Computer Science, pages 162–167. IEEE, 1986.
[39] Andrew Chi-Chih Yao. Protocols for secure computations. In FOCS, volume 82, pages 160–164, 1982.
Fulltext
This electronic full text is licensed only for the user's own academic research: personal, non-commercial searching, reading and printing. Please observe the relevant provisions of the Copyright Act of the Republic of China, and do not reproduce, distribute, adapt, repost or broadcast it, so as to avoid breaking the law.
Thesis access permission: user-defined release date
Available:
On campus: available
Off-campus: available

Printed copies
Public-access information for printed theses is relatively complete from the 102 academic year onward. To look up access information for printed theses from the 101 academic year or earlier, please contact the printed-thesis service counter of the Office of Library and Information Services. We apologize for any inconvenience.
Available: available