TU Darmstadt / ULB / TUbiblio

Hardware-Assisted Ad-Hoc Secure Two-Party Computation on Smartphones

Demmler, Daniel ; Schneider, Thomas ; Zohner, Michael (2013)
Hardware-Assisted Ad-Hoc Secure Two-Party Computation on Smartphones.
19th Crypto-Day. Stuttgart, Germany (14.11.2013 - 15.11.2013)
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

Secure computation allows multiple mutually distrusting parties to jointly compute a function on their private inputs without revealing anything but the function output. This technique is particularly interesting in the context of mobile devices, such as smartphones, where typically highly sensitive user data is stored and processed. The protection of this data is desirable but challenging, due to the computational complexity of secure computation protocols and the limited processing power, memory and battery-life of mobile hardware. In this work we focus on the practical realization of secure two-party computation in a mobile environment and the possibility of enhancing it by using a trusted hardware token. Previous work in the field, e.g., is mainly based on Yao’s garbled circuit protocol [Yao86]. Further protocols employ homomorphic encryption, but are usually limited to a specific use case. We follow a different and more efficient approach by implementing the protocol by Goldreich-Micali-Wigderson and allowing generic functions to be evaluated. This is done on off-the-shelf Android smartphones using a general purpose microSD smartcard. To address the aforementioned performance issues, we shift the most expensive cryptographic operations into an initialization phase on the trusted hardware token. This phase is independent of the function to be evaluated and can be executed locally when the phone is idle, e.g., charging overnight. The pre-generated trusted data enables us to efficiently mask sensitive user data, thus minimizing the ad-hoc computation time. For the purpose of securely distributing this data from the trusted token to the user, we implemented two secure channel protocols on the smartcard. Our proof-of-concept implementation allows for managing the hardware token and running ad- hoc secure two-party computation with several use cases: private set intersection in order to find common contacts or securely scheduling a meeting, optionally with location preferences. However, our implementation is generic, i.e., new functionalities can easily be introduced by providing the Boolean circuit to be evaluated securely. The performance of our mobile implementation is exten- sively evaluated and found to be able to compete with state-of-the-art protocols implemented on desktop PCs.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2013
Autor(en): Demmler, Daniel ; Schneider, Thomas ; Zohner, Michael
Art des Eintrags: Bibliographie
Titel: Hardware-Assisted Ad-Hoc Secure Two-Party Computation on Smartphones
Sprache: Englisch
Publikationsjahr: 15 November 2013
Veranstaltungstitel: 19th Crypto-Day
Veranstaltungsort: Stuttgart, Germany
Veranstaltungsdatum: 14.11.2013 - 15.11.2013
Kurzbeschreibung (Abstract):

Secure computation allows multiple mutually distrusting parties to jointly compute a function on their private inputs without revealing anything but the function output. This technique is particularly interesting in the context of mobile devices, such as smartphones, where typically highly sensitive user data is stored and processed. The protection of this data is desirable but challenging, due to the computational complexity of secure computation protocols and the limited processing power, memory and battery-life of mobile hardware. In this work we focus on the practical realization of secure two-party computation in a mobile environment and the possibility of enhancing it by using a trusted hardware token. Previous work in the field, e.g., is mainly based on Yao’s garbled circuit protocol [Yao86]. Further protocols employ homomorphic encryption, but are usually limited to a specific use case. We follow a different and more efficient approach by implementing the protocol by Goldreich-Micali-Wigderson and allowing generic functions to be evaluated. This is done on off-the-shelf Android smartphones using a general purpose microSD smartcard. To address the aforementioned performance issues, we shift the most expensive cryptographic operations into an initialization phase on the trusted hardware token. This phase is independent of the function to be evaluated and can be executed locally when the phone is idle, e.g., charging overnight. The pre-generated trusted data enables us to efficiently mask sensitive user data, thus minimizing the ad-hoc computation time. For the purpose of securely distributing this data from the trusted token to the user, we implemented two secure channel protocols on the smartcard. Our proof-of-concept implementation allows for managing the hardware token and running ad- hoc secure two-party computation with several use cases: private set intersection in order to find common contacts or securely scheduling a meeting, optionally with location preferences. However, our implementation is generic, i.e., new functionalities can easily be introduced by providing the Boolean circuit to be evaluated securely. The performance of our mobile implementation is exten- sively evaluated and found to be able to compete with state-of-the-art protocols implemented on desktop PCs.

Freie Schlagworte: Secure Protocols;Secure Data
ID-Nummer: TUD-CS-2013-0425
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Kryptographische Protokolle
Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE
LOEWE > LOEWE-Zentren
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > EC SPRIDE
20 Fachbereich Informatik > EC SPRIDE > Engineering Cryptographic Protocols (am 01.03.18 aufgegangen in Praktische Kryptographie und Privatheit)
Hinterlegungsdatum: 05 Okt 2016 19:42
Letzte Änderung: 30 Jul 2024 09:11
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen