Efficient and secure multiparty computation from fixed-key block ciphers

Chun Guo; Jonathan Katz; Xiao Wang; Yu Yu

doi:10.1109/SP40000.2020.00016

Efficient and secure multiparty computation from fixed-key block ciphers

Chun Guo, Jonathan Katz, Xiao Wang, Yu Yu

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

3 Scopus citations

Abstract

Many implementations of secure computation use fixed-key AES (modeled as a random permutation); this results in substantial performance benefits due to existing hardware support for AES and the ability to avoid recomputing the AES key schedule. Surveying these implementations, however, we find that most utilize AES in a heuristic fashion; in the best case this leaves a gap in the security proof, but in many cases we show it allows for explicit attacks.Motivated by this unsatisfactory state of affairs, we initiate a comprehensive study of how to use fixed-key block ciphers for secure computation - in particular for OT extension and circuit garbling - efficiently and securely. Specifically:•We consider several notions of pseudorandomness for hash functions (e.g., correlation robustness), and show provably secure schemes for OT extension, garbling, and other applications based on hash functions satisfying these notions.•We provide provably secure constructions, in the (non-programmable) random-permutation model, of hash functions satisfying the different notions of pseudorandomness we consider.Taken together, our results provide end-to-end security proofs for implementations of secure-computation protocols based on fixed-key block ciphers (modeled as random permutations). Perhaps surprisingly, at the same time our work also results in noticeable performance improvements over the state-of-the-art.

Original language	English (US)
Title of host publication	Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	825-841
Number of pages	17
ISBN (Electronic)	9781728134970
DOIs	https://doi.org/10.1109/SP40000.2020.00016
State	Published - May 2020
Event	41st IEEE Symposium on Security and Privacy, SP 2020 - San Francisco, United States Duration: May 18 2020 → May 21 2020

Publication series

Name	Proceedings - IEEE Symposium on Security and Privacy
Volume	2020-May
ISSN (Print)	1081-6011

Conference

Conference	41st IEEE Symposium on Security and Privacy, SP 2020
Country	United States
City	San Francisco
Period	5/18/20 → 5/21/20

ASJC Scopus subject areas

Safety, Risk, Reliability and Quality
Software
Computer Networks and Communications

Access to Document

10.1109/SP40000.2020.00016

Fingerprint Dive into the research topics of 'Efficient and secure multiparty computation from fixed-key block ciphers'. Together they form a unique fingerprint.

Cite this

Guo, C., Katz, J., Wang, X., & Yu, Y. (2020). Efficient and secure multiparty computation from fixed-key block ciphers. In Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020 (pp. 825-841). [9152760] (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2020-May). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SP40000.2020.00016

@inproceedings{409aa1124edf4ee0a47d01b775cc27ad,

title = "Efficient and secure multiparty computation from fixed-key block ciphers",

abstract = "Many implementations of secure computation use fixed-key AES (modeled as a random permutation); this results in substantial performance benefits due to existing hardware support for AES and the ability to avoid recomputing the AES key schedule. Surveying these implementations, however, we find that most utilize AES in a heuristic fashion; in the best case this leaves a gap in the security proof, but in many cases we show it allows for explicit attacks.Motivated by this unsatisfactory state of affairs, we initiate a comprehensive study of how to use fixed-key block ciphers for secure computation - in particular for OT extension and circuit garbling - efficiently and securely. Specifically:•We consider several notions of pseudorandomness for hash functions (e.g., correlation robustness), and show provably secure schemes for OT extension, garbling, and other applications based on hash functions satisfying these notions.•We provide provably secure constructions, in the (non-programmable) random-permutation model, of hash functions satisfying the different notions of pseudorandomness we consider.Taken together, our results provide end-to-end security proofs for implementations of secure-computation protocols based on fixed-key block ciphers (modeled as random permutations). Perhaps surprisingly, at the same time our work also results in noticeable performance improvements over the state-of-the-art.",

author = "Chun Guo and Jonathan Katz and Xiao Wang and Yu Yu",

note = "Funding Information: Chun Guo is a post-doc funded by Francois-Xavier Standaert via the ERC project SWORD (724725). Work of Jonathan Katz was supported in part by DARPA and SPAWAR under contract N66001-15-C-4065. Work of Xiao Wang was supported in part by the MACS NSF project, the RISCS institute at Boston University, and a gift from PlatON network. Work of Yu Yu was supported in part by the National Natural Science Foundation of China (Grant numbers 61872236 and 61572192), the National Cryptography Development Fund (Grant number MMJJ20170209), and the Anhui Initiative in Quantum Information Technologies (Grant number AHY150100).; 41st IEEE Symposium on Security and Privacy, SP 2020 ; Conference date: 18-05-2020 Through 21-05-2020",

year = "2020",

month = may,

doi = "10.1109/SP40000.2020.00016",

language = "English (US)",

series = "Proceedings - IEEE Symposium on Security and Privacy",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "825--841",

booktitle = "Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020",

address = "United States",

}

Guo, C, Katz, J, Wang, X & Yu, Y 2020, Efficient and secure multiparty computation from fixed-key block ciphers. in Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020., 9152760, Proceedings - IEEE Symposium on Security and Privacy, vol. 2020-May, Institute of Electrical and Electronics Engineers Inc., pp. 825-841, 41st IEEE Symposium on Security and Privacy, SP 2020, San Francisco, United States, 5/18/20. https://doi.org/10.1109/SP40000.2020.00016

Efficient and secure multiparty computation from fixed-key block ciphers. / Guo, Chun; Katz, Jonathan; Wang, Xiao; Yu, Yu.

Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020. Institute of Electrical and Electronics Engineers Inc., 2020. p. 825-841 9152760 (Proceedings - IEEE Symposium on Security and Privacy; Vol. 2020-May).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Efficient and secure multiparty computation from fixed-key block ciphers

AU - Guo, Chun

AU - Katz, Jonathan

AU - Wang, Xiao

AU - Yu, Yu

N1 - Funding Information: Chun Guo is a post-doc funded by Francois-Xavier Standaert via the ERC project SWORD (724725). Work of Jonathan Katz was supported in part by DARPA and SPAWAR under contract N66001-15-C-4065. Work of Xiao Wang was supported in part by the MACS NSF project, the RISCS institute at Boston University, and a gift from PlatON network. Work of Yu Yu was supported in part by the National Natural Science Foundation of China (Grant numbers 61872236 and 61572192), the National Cryptography Development Fund (Grant number MMJJ20170209), and the Anhui Initiative in Quantum Information Technologies (Grant number AHY150100).

PY - 2020/5

Y1 - 2020/5

N2 - Many implementations of secure computation use fixed-key AES (modeled as a random permutation); this results in substantial performance benefits due to existing hardware support for AES and the ability to avoid recomputing the AES key schedule. Surveying these implementations, however, we find that most utilize AES in a heuristic fashion; in the best case this leaves a gap in the security proof, but in many cases we show it allows for explicit attacks.Motivated by this unsatisfactory state of affairs, we initiate a comprehensive study of how to use fixed-key block ciphers for secure computation - in particular for OT extension and circuit garbling - efficiently and securely. Specifically:•We consider several notions of pseudorandomness for hash functions (e.g., correlation robustness), and show provably secure schemes for OT extension, garbling, and other applications based on hash functions satisfying these notions.•We provide provably secure constructions, in the (non-programmable) random-permutation model, of hash functions satisfying the different notions of pseudorandomness we consider.Taken together, our results provide end-to-end security proofs for implementations of secure-computation protocols based on fixed-key block ciphers (modeled as random permutations). Perhaps surprisingly, at the same time our work also results in noticeable performance improvements over the state-of-the-art.

AB - Many implementations of secure computation use fixed-key AES (modeled as a random permutation); this results in substantial performance benefits due to existing hardware support for AES and the ability to avoid recomputing the AES key schedule. Surveying these implementations, however, we find that most utilize AES in a heuristic fashion; in the best case this leaves a gap in the security proof, but in many cases we show it allows for explicit attacks.Motivated by this unsatisfactory state of affairs, we initiate a comprehensive study of how to use fixed-key block ciphers for secure computation - in particular for OT extension and circuit garbling - efficiently and securely. Specifically:•We consider several notions of pseudorandomness for hash functions (e.g., correlation robustness), and show provably secure schemes for OT extension, garbling, and other applications based on hash functions satisfying these notions.•We provide provably secure constructions, in the (non-programmable) random-permutation model, of hash functions satisfying the different notions of pseudorandomness we consider.Taken together, our results provide end-to-end security proofs for implementations of secure-computation protocols based on fixed-key block ciphers (modeled as random permutations). Perhaps surprisingly, at the same time our work also results in noticeable performance improvements over the state-of-the-art.

UR - http://www.scopus.com/inward/record.url?scp=85089717574&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85089717574&partnerID=8YFLogxK

U2 - 10.1109/SP40000.2020.00016

DO - 10.1109/SP40000.2020.00016

M3 - Conference contribution

AN - SCOPUS:85089717574

T3 - Proceedings - IEEE Symposium on Security and Privacy

SP - 825

EP - 841

BT - Proceedings - 2020 IEEE Symposium on Security and Privacy, SP 2020

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 41st IEEE Symposium on Security and Privacy, SP 2020

Y2 - 18 May 2020 through 21 May 2020

ER -