TC: Large: Collaborative Research: Practical Secure Two-Party Computation: Techniques, Tools, and Applications

TC：大型：协作研究：实用安全两方计算：技术、工具和应用

• 批准号: 1111599
• 负责人: Jonathan Katz
• 金额: $ 100万
• 依托单位: University of Maryland, College Park
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2011
• 资助国家: 美国
• 起止时间: 2011-08-15 至 2018-07-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1111599&HistoricalAwards=false
• 关键词: TC; Large; Collaborative; Research; Practical

Many compelling applications involve computations that require sensitive data from two or more individuals. For example, as the cost of personal genome sequencing rapidly plummets many genetics applications will soon be within reach of individuals such as comparing one?s genome with the genomes of different groups of participants in a study to determine which treatment is likely to be most effective. Such comparisons could have tremendous value, but are currently infeasible because of the privacy concerns both for the individual and study participants. What is needed is a way to produce the result of the comparison without exposing either party's private inputs. The ultimate aim of this project is to make privacy-preserving computation practical and accessible enough to be used routinely in applications such as personalized genetics, medical research, and privacy-preserving biometrics.Theoretical solutions to this problem, known as secure multi-party computation, have been known for several decades, including a general solution developed by Andrew Yao based on garbled circuits. Because of its extensive memory use and computational cost, however, the garbled circuits approach has traditionally been considered more of a theoretical curiosity than a practical mechanism for building privacy-preserving applications. Recent developments in cryptographic techniques and new implementation approaches are beginning to change this, however, and admit the possibility of scalable, practical secure computation. This project is designing methods for avoiding the memory bottleneck associated with garbled circuit evaluation by aggressively pipelining circuit generation and evaluation, and exploring a variety of techniques for reducing the size of garbled circuits. Another issue the limits the use of secure computation in practice is the need for standard protocols to assume an honest-but-curious adversary who always follows the specified protocol. This project is developing new techniques for dealing with malicious adversaries, improving the standard cut-and-choose and commit-and-prove approaches by using new cryptographic tools and exploring an alternate model in which a verifiable trusted party generates the circuit but is not trusted with any private data. The project is also developing techniques to audit the information that can be inferred from the result of a secure computation. Another goal is to make secure computation more accessible to developers by developing programming tools for defining secure computations at a high level, based on information-flow analysis and program partitioning.

许多引人注目的应用程序涉及需要来自两个或更多个人的敏感数据的计算。例如，随着个人基因组测序的成本迅速下降，许多遗传学应用将很快进入个人的范围，如比较一个？在一项研究中，将人类的基因组与不同群体参与者的基因组进行比较，以确定哪种治疗可能最有效。这种比较可能具有巨大的价值，但由于个人和研究参与者的隐私问题，目前是不可行的。现在需要的是一种方法，在不暴露任何一方私人投入的情况下产生比较结果。该项目的最终目标是使隐私保护计算足够实用和可访问，以便在个性化遗传学，医学研究和隐私保护生物识别等应用中常规使用。这个问题的理论解决方案，称为安全多方计算，已经知道了几十年，包括Andrew Yao基于乱码电路开发的一般解决方案。然而，由于其大量的内存使用和计算成本，乱码电路方法传统上被认为更多的是一种理论上的好奇心，而不是构建隐私保护应用程序的实际机制。然而，密码技术和新的实现方法的最新发展开始改变这一点，并承认可扩展的，实用的安全计算的可能性。本项目旨在通过积极的流水线电路生成和评估，设计避免与混淆电路评估相关的存储器瓶颈的方法，并探索各种减少混淆电路大小的技术。限制安全计算在实践中使用的另一个问题是，标准协议需要假设一个诚实但好奇的对手总是遵循指定的协议。该项目正在开发新的技术来应对恶意对手，通过使用新的加密工具来改进标准的切割和选择以及提交和证明方法，并探索一种替代模型，其中可验证的可信方生成电路，但不信任任何私人数据。该项目还在开发审计可从安全计算结果推断出的信息的技术。 另一个目标是通过开发基于信息流分析和程序划分的编程工具来定义高级别的安全计算，从而使开发人员更容易访问安全计算。