{"title":"重新审视可验证(外包)计算中使用的隐私保护变换","authors":"Liang Zhao, Liqun Chen","doi":"10.1109/TDSC.2023.3334890","DOIUrl":null,"url":null,"abstract":"Recently, a privacy-preserving technique called Privacy-Preserving Matrix Transformation (PPMT) is widely used to construct efficient privacy-preserving Verifiable (outsourced) Computation (VC) protocols for specific functions. This technique is first proposed and formalized by Salinas et al. in 2015, and it enjoys provable privacy and high efficiency. Although it seems that Salinas et al.'s PPMT scheme and the further modified scheme are elegant, we still need to take a step back and precisely discuss whether the PPMT schemes are suitable choices for VC protocols. Since Salinas et al. gave two concrete PPMT schemes to achieve the matrix-related VC in data protection and proved that their schemes are private (in terms of indistinguishability), and Zhou et al. devised a new type of PPMT scheme for the same purpose, we focus on exploring privacy of these three types of PPMT schemes. In this article, to achieve our object, we first propose the concept of a linear distinguisher and two constructions of the linear distinguisher algorithms. In particular, the linear distinguisher is a polynomial-time algorithm employed by an adversary to explore the privacy property of a cryptographic primitive. Then, we take these three PPMT schemes (including Salinas et al.'s original work, Yu et al.'s generalization and Zhou et al.'s variant) as targets and analyze their privacy property by letting an adversary make use of our linear distinguisher algorithms. The analysis results show that all these three types of transformations do not hold privacy even against passive eavesdropping (i.e., a ciphertext-only attack), and subsequently, the privacy-preserving VC protocols, based on any of these PPMT schemes, also do not hold the same privacy.","PeriodicalId":13047,"journal":{"name":"IEEE Transactions on Dependable and Secure Computing","volume":null,"pages":null},"PeriodicalIF":7.0000,"publicationDate":"2024-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Privacy-Preserving Transformation Used in Verifiable (Outsourced) Computation, Revisited\",\"authors\":\"Liang Zhao, Liqun Chen\",\"doi\":\"10.1109/TDSC.2023.3334890\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Recently, a privacy-preserving technique called Privacy-Preserving Matrix Transformation (PPMT) is widely used to construct efficient privacy-preserving Verifiable (outsourced) Computation (VC) protocols for specific functions. This technique is first proposed and formalized by Salinas et al. in 2015, and it enjoys provable privacy and high efficiency. Although it seems that Salinas et al.'s PPMT scheme and the further modified scheme are elegant, we still need to take a step back and precisely discuss whether the PPMT schemes are suitable choices for VC protocols. Since Salinas et al. gave two concrete PPMT schemes to achieve the matrix-related VC in data protection and proved that their schemes are private (in terms of indistinguishability), and Zhou et al. devised a new type of PPMT scheme for the same purpose, we focus on exploring privacy of these three types of PPMT schemes. In this article, to achieve our object, we first propose the concept of a linear distinguisher and two constructions of the linear distinguisher algorithms. In particular, the linear distinguisher is a polynomial-time algorithm employed by an adversary to explore the privacy property of a cryptographic primitive. Then, we take these three PPMT schemes (including Salinas et al.'s original work, Yu et al.'s generalization and Zhou et al.'s variant) as targets and analyze their privacy property by letting an adversary make use of our linear distinguisher algorithms. The analysis results show that all these three types of transformations do not hold privacy even against passive eavesdropping (i.e., a ciphertext-only attack), and subsequently, the privacy-preserving VC protocols, based on any of these PPMT schemes, also do not hold the same privacy.\",\"PeriodicalId\":13047,\"journal\":{\"name\":\"IEEE Transactions on Dependable and Secure Computing\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":7.0000,\"publicationDate\":\"2024-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Transactions on Dependable and Secure Computing\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1109/TDSC.2023.3334890\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Dependable and Secure Computing","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1109/TDSC.2023.3334890","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
Privacy-Preserving Transformation Used in Verifiable (Outsourced) Computation, Revisited
Recently, a privacy-preserving technique called Privacy-Preserving Matrix Transformation (PPMT) is widely used to construct efficient privacy-preserving Verifiable (outsourced) Computation (VC) protocols for specific functions. This technique is first proposed and formalized by Salinas et al. in 2015, and it enjoys provable privacy and high efficiency. Although it seems that Salinas et al.'s PPMT scheme and the further modified scheme are elegant, we still need to take a step back and precisely discuss whether the PPMT schemes are suitable choices for VC protocols. Since Salinas et al. gave two concrete PPMT schemes to achieve the matrix-related VC in data protection and proved that their schemes are private (in terms of indistinguishability), and Zhou et al. devised a new type of PPMT scheme for the same purpose, we focus on exploring privacy of these three types of PPMT schemes. In this article, to achieve our object, we first propose the concept of a linear distinguisher and two constructions of the linear distinguisher algorithms. In particular, the linear distinguisher is a polynomial-time algorithm employed by an adversary to explore the privacy property of a cryptographic primitive. Then, we take these three PPMT schemes (including Salinas et al.'s original work, Yu et al.'s generalization and Zhou et al.'s variant) as targets and analyze their privacy property by letting an adversary make use of our linear distinguisher algorithms. The analysis results show that all these three types of transformations do not hold privacy even against passive eavesdropping (i.e., a ciphertext-only attack), and subsequently, the privacy-preserving VC protocols, based on any of these PPMT schemes, also do not hold the same privacy.
期刊介绍:
The "IEEE Transactions on Dependable and Secure Computing (TDSC)" is a prestigious journal that publishes high-quality, peer-reviewed research in the field of computer science, specifically targeting the development of dependable and secure computing systems and networks. This journal is dedicated to exploring the fundamental principles, methodologies, and mechanisms that enable the design, modeling, and evaluation of systems that meet the required levels of reliability, security, and performance.
The scope of TDSC includes research on measurement, modeling, and simulation techniques that contribute to the understanding and improvement of system performance under various constraints. It also covers the foundations necessary for the joint evaluation, verification, and design of systems that balance performance, security, and dependability.
By publishing archival research results, TDSC aims to provide a valuable resource for researchers, engineers, and practitioners working in the areas of cybersecurity, fault tolerance, and system reliability. The journal's focus on cutting-edge research ensures that it remains at the forefront of advancements in the field, promoting the development of technologies that are critical for the functioning of modern, complex systems.