Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Issue title: Selected papers from the 12th Conference on Security and Cryptography for Networks
Guest editors: Clemente Galdi and Vladimir Kolesnikov
Article type: Research Article
Authors: Baum, Carstena | Escudero, Daniela | Pedrouzo-Ulloa, Albertob; * | Scholl, Petera | Troncoso-Pastoriza, Juan Ramónc
Affiliations: [a] Computer Science, Aarhus University, Aarhus, Denmark. E-mails: cbaum@cs.au.dk, escudero@cs.au.dk, peter.scholl@cs.au.dk | [b] atlanTTic Research Center, University of Vigo, Vigo, Galicia, Spain. E-mail: apedrouzo@gts.uvigo.es | [c] Laboratory for Data Security, EPFL, Lausanne, Switzerland. E-mail: juan.troncoso-pastoriza@epfl.ch
Correspondence: [*] Corresponding author. E-mail: apedrouzo@gts.uvigo.es.
Note: [1] This paper is an extended and revised version of a paper presented at the 12th Conference on Security and Cryptography for Networks.
Abstract: An oblivious linear function evaluation protocol, or OLE, is a two-party protocol for the function f(x)=ax+b, where a sender inputs the field elements a, b, and a receiver inputs x and learns f(x). OLE can be used to build secret-shared multiplication, and is an essential component of many secure computation applications including general-purpose multi-party computation, private set intersection and more. In this work, we present several efficient OLE protocols from the ring learning with errors (RLWE) assumption. Technically, we build two new passively secure protocols, which build upon recent advances in homomorphic secret sharing from (R)LWE (Boyle et al. in: EUROCRYPT 2019, Part II (2019) 3–33 Springer), with optimizations tailored to the setting of OLE. We upgrade these to active security using efficient amortized zero-knowledge techniques for lattice relations (Baum et al. in: CRYPTO 2018, Part II (2018) 669–699 Springer), and design new variants of zero-knowledge arguments that are necessary for some of our constructions. Our protocols offer several advantages over existing constructions. Firstly, they have the lowest communication complexity amongst previous, practical protocols from RLWE and other assumptions; secondly, they are conceptually very simple, and have just one round of interaction for the case of OLE where b is randomly chosen. We demonstrate this with an implementation of one of our passively secure protocols, which can perform more than 1 million OLEs per second over the ring Zm, for a 120-bit modulus m, on standard hardware.
Keywords: Oblivious linear evaluation, two-party computation, cryptographic protocols, ring learning with errors, zero-knowledge arguments
DOI: 10.3233/JCS-200116
Journal: Journal of Computer Security, vol. 30, no. 1, pp. 39-78, 2022
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl