Homomorphic Secret Sharing: Optimizations and Applications

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2017-10-30 DOI:10.1145/3133956.3134107

Elette Boyle, Geoffroy Couteau, N. Gilboa, Y. Ishai, Michele Orrù

{"title":"Homomorphic Secret Sharing: Optimizations and Applications","authors":"Elette Boyle, Geoffroy Couteau, N. Gilboa, Y. Ishai, Michele Orrù","doi":"10.1145/3133956.3134107","DOIUrl":null,"url":null,"abstract":"We continue the study of Homomorphic Secret Sharing (HSS), recently introduced by Boyle et al. (Crypto 2016, Eurocrypt 2017). A (2-party) HSS scheme splits an input x into shares (x0,x1) such that (1) each share computationally hides x, and (2) there exists an efficient homomorphic evaluation algorithm $\\Eval$ such that for any function (or \"program\") from a given class it holds that Eval(x0,P)+Eval(x1,P)=P(x). Boyle et al. show how to construct an HSS scheme for branching programs, with an inverse polynomial error, using discrete-log type assumptions such as DDH. We make two types of contributions. Optimizations. We introduce new optimizations that speed up the previous optimized implementation of Boyle et al. by more than a factor of 30, significantly reduce the share size, and reduce the rate of leakage induced by selective failure. Applications. Our optimizations are motivated by the observation that there are natural application scenarios in which HSS is useful even when applied to simple computations on short inputs. We demonstrate the practical feasibility of our HSS implementation in the context of such applications.","PeriodicalId":191367,"journal":{"name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"77","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3133956.3134107","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 77

Abstract

We continue the study of Homomorphic Secret Sharing (HSS), recently introduced by Boyle et al. (Crypto 2016, Eurocrypt 2017). A (2-party) HSS scheme splits an input x into shares (x0,x1) such that (1) each share computationally hides x, and (2) there exists an efficient homomorphic evaluation algorithm $\Eval$ such that for any function (or "program") from a given class it holds that Eval(x0,P)+Eval(x1,P)=P(x). Boyle et al. show how to construct an HSS scheme for branching programs, with an inverse polynomial error, using discrete-log type assumptions such as DDH. We make two types of contributions. Optimizations. We introduce new optimizations that speed up the previous optimized implementation of Boyle et al. by more than a factor of 30, significantly reduce the share size, and reduce the rate of leakage induced by selective failure. Applications. Our optimizations are motivated by the observation that there are natural application scenarios in which HSS is useful even when applied to simple computations on short inputs. We demonstrate the practical feasibility of our HSS implementation in the context of such applications.

查看原文本刊更多论文

同态秘密共享:优化和应用

我们继续研究同态秘密共享(HSS)，最近由Boyle等人介绍(Crypto 2016, Eurocrypt 2017)。(2-party) HSS方案将输入x分割为共享(x0,x1)，这样(1)每个共享在计算上隐藏x，并且(2)存在一个有效的同态求值算法$\Eval$，使得对于给定类的任何函数(或“程序”)，它保持Eval(x0,P)+Eval(x1,P)=P(x)。Boyle等人展示了如何使用离散对数类型假设(如DDH)为分支程序构建具有逆多项式误差的HSS方案。我们做两种贡献。优化。我们引入了新的优化，将Boyle等人先前优化的实现速度提高了30倍以上，显著降低了份额大小，并降低了由选择性故障引起的泄漏率。应用程序。我们进行优化的动机是观察到存在一些自然的应用场景，在这些场景中，HSS即使应用于短输入的简单计算也是有用的。我们在这些应用的背景下演示了我们的HSS实现的实际可行性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

自引率

0.00%

发文量