TY - GEN
T1 - High-throughput semi-honest secure three-party computation with an honest majority
AU - Araki, Toshinori
AU - Furukawa, Jun
AU - Lindell, Yehuda
AU - Nof, Ariel
AU - Ohara, Kazuma
N1 - Publisher Copyright: © 2016 ACM.
PY - 2016/10/24
Y1 - 2016/10/24
N2 - In this paper, we describe a new information-theoretic protocol (and a computationally-secure variant) for secure three-party computation with an honest majority. The protocol has very minimal computation and communication; for Boolean circuits, each party sends only a single bit for every AND gate (and nothing is sent for XOR gates). Our protocol is (simulation-based) secure in the presence of semi-honest adversaries, and achieves privacy in the client/server model in the presence of malicious adversaries. On a cluster of three 20-core servers with a 10Gbps connection, the implementation of our protocol carries out over 1.3 million AES computations per second, which involves processing over 7 billion gates per second. In addition, we developed a Kerberos extension that replaces the ticket-granting-ticket encryption on the Key Distribution Center (KDC) in MIT-Kerberos with our protocol, using keys/passwords that are shared between the servers. This enables the use of Kerberos while protecting passwords. Our implementation is able to support a login storm of over 35,000 logins per second, which suffices even for very large organizations. Our work demonstrates that high-throughput secure computation is possible on standard hardware.
AB - In this paper, we describe a new information-theoretic protocol (and a computationally-secure variant) for secure three-party computation with an honest majority. The protocol has very minimal computation and communication; for Boolean circuits, each party sends only a single bit for every AND gate (and nothing is sent for XOR gates). Our protocol is (simulation-based) secure in the presence of semi-honest adversaries, and achieves privacy in the client/server model in the presence of malicious adversaries. On a cluster of three 20-core servers with a 10Gbps connection, the implementation of our protocol carries out over 1.3 million AES computations per second, which involves processing over 7 billion gates per second. In addition, we developed a Kerberos extension that replaces the ticket-granting-ticket encryption on the Key Distribution Center (KDC) in MIT-Kerberos with our protocol, using keys/passwords that are shared between the servers. This enables the use of Kerberos while protecting passwords. Our implementation is able to support a login storm of over 35,000 logins per second, which suffices even for very large organizations. Our work demonstrates that high-throughput secure computation is possible on standard hardware.
UR - http://www.scopus.com/inward/record.url?scp=84995468266&partnerID=8YFLogxK
U2 - 10.1145/2976749.2978331
DO - 10.1145/2976749.2978331
M3 - Conference contribution
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 805
EP - 817
BT - CCS 2016 - Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security
T2 - 23rd ACM Conference on Computer and Communications Security, CCS 2016
Y2 - 24 October 2016 through 28 October 2016
ER -