Secure data exchange: A marketplace in the cloud

Ran Gilad-Bachrach, Kim Laine, Kristin Lauter, Peter Rindal, Mike Rosulek

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

A vast amount of data belonging to companies and individuals is currently stored in the cloud in encrypted form by trustworthy service providers such as Microsoft, Amazon, and Google. Unfortunately, the only way for the cloud to use the data in computations is to first decrypt it, then compute on it, and finally re-encrypt it, resulting in a problematic trade-off between value/utility and security. At a high level, our goal in this paper is to present a general and practical cryptographic solution to this dilemma. More precisely, we describe a scenario that we call Secure Data Exchange (SDE), where several data owners are storing private encrypted data in a semi-honest non-colluding cloud, and an evaluator (a third party) wishes to engage in a secure function evaluation on the data belonging to some subset of the data owners. We require that none of the parties involved learns anything beyond what they already know and what is revealed by the function, even when the parties (except the cloud) are active malicious. We also recognize the ubiquity of scenarios where the lack of an eficient SDE protocol prevents for example business transactions, research collaborations, or mutually beneficial computations on aggregated private data from taking place, and discuss several such scenarios in detail. Our main result is an eficient and practical protocol for enabling SDE using Secure Multi-Party Computation (MPC) in a novel adaptation of the server-aided setting. We also present the details of an implementation along with performance numbers.

Original languageEnglish
Title of host publicationCCSW 2019 - Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop
Pages117-128
Number of pages12
ISBN (Electronic)9781450368261
DOIs
StatePublished - 11 Nov 2019
Externally publishedYes
Event10th ACM SIGSAC Conference on Cloud Computing Security Workshop, CCSW 2019, co-located with the 26th ACM Conference on Computer and Communications Security, CCS 2019 - London, United Kingdom
Duration: 11 Nov 2019 → …

Publication series

NameProceedings of the ACM Conference on Computer and Communications Security

Conference

Conference10th ACM SIGSAC Conference on Cloud Computing Security Workshop, CCSW 2019, co-located with the 26th ACM Conference on Computer and Communications Security, CCS 2019
Country/TerritoryUnited Kingdom
CityLondon
Period11/11/19 → …

Keywords

  • Cloud computation
  • Secure multi-party computation

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Secure data exchange: A marketplace in the cloud'. Together they form a unique fingerprint.

Cite this