Journal article

Participant-adaptive Variant of MASCOT
Abstract: Over the last decade, secure multi-party computation (MPC) has made great strides from a major theoretical area to a multi-functional tool for building privacy-preserving applications. At CCS 2016, Keller et al. presented the MPC protocol MASCOT, whose preprocessing phase is based on oblivious transfer (OT) instead of the somewhat homomorphic encryption that the classical SPDZ protocol adopts; this improves performance by two orders of magnitude compared to SPDZ. Due to its superior performance and high availability, MASCOT has drawn a lot of attention from industry. But in practical application environments there are still user needs that MASCOT cannot satisfy. The main disadvantage is that it is unable to handle changes in the set of parties during the online computation phase. A straightforward solution is to regenerate the raw data materials required for online computation by rerunning the entire preprocessing phase among the new set of parties, which obviously results in a serious waste of data and time resources. For this practical issue, the main components of MASCOT are tweaked to adapt to the various changes of the set of parties, including new parties joining, old parties dropping out, and new parties replacing old parties. By strictly restricting the communication for preprocessed data to the parties that have changed, or to exchanges between parties that have changed and those that have not, the entire preprocessing phase does not need to be redone among the parties that remain after the change, which effectively reduces the data and time needed to accommodate a change of parties. In addition, the minor modification of MASCOT is carried out on the premise of keeping the functionality, performance and security consistent with the original MASCOT. In a word, the participant-adaptive variant of MASCOT is closer to the actual application environment and is suitable for extensive deployment in privacy-preserving applications. The technique can also easily be used to add participant adaptability to already deployed MASCOT protocols, as it only fine-tunes the preprocessing phase in a subtle way.
Authors: 李艳斌 刘瑜 李木舟 吴韧韬 王鹏达 (LI Yan-bin; LIU Yu; LI Mu-zhou; WU Ren-tao; WANG Peng-da). Affiliations: CETC Cloud (Beijing) Technology Co., Ltd., Beijing 100041, China; School of Computer Engineering, Weifang University, Weifang, Shandong 261061, China; School of Cyber Science and Technology, Shandong University (Qingdao Campus), Qingdao, Shandong 266237, China.
Source: Computer Science (《计算机科学》), CSCD, Peking University core journal, 2020, Supplement 2 (S02), pp. 380-387 (8 pages).
Funding: National Integrated Big Data Center Pilot Project (X06002019004); National Natural Science Foundation of China (61902283); Weifang University 2019 Doctoral Research Start-up Fund (2019BS13).
Keywords: Multi-party computation; SPDZ; MASCOT; Participant-adaptive; Privacy-preserving; Multiplication triple; Authenticated additive sharing