SlideShare uma empresa Scribd logo

Improving-The-Round-Complexity-of-VSS-in-Point-To-Point-Networks

JITENDRA KUMAR PATEL
JITENDRA KUMAR PATEL

To understand and present the techniques on how to improve round complexity in verifiable secret sharing paradigm as academic assignment. I am also assigned on a project where i will need to implement this protocol. VSS : In secret sharing , there is a dealer who shares a secret among a group of n parties in a sharing phase. The requirements are that, for some parameter t < n,any set of t colluding parties gets no information about the dealer’s secret at the end of the sharing phase, yet any set of t+1 parties can recover the dealer’s secret in a later reconstruction phase. Secret sharing assumes the dealer is honest; verifiable secret sharing (VSS) also requires that, no matter what a cheating dealer does (in conjunction with t+1 other colluding parties), there is some unique secret to which the dealer is “committed” by the end of the sharing phase. VSS serves as a fundamental building block in the design of protocols for general secure multi-party computation as well as other specialized goals.

Engenharia
1 de 18
Improving the Round Complexity of VSS in Point-To-Point Networks Jitendra Kumar Patel
ProblemStatement.... ? What is the optimal round complexity of Verifiable Secret Sharing (VSS) ?
EarlierWork.... ? Work of Gennaro et al.(STOC 2001) and Fitzi et al. (TCC 2006) shows that, assuming a broadcast channel, three rounds are necessary and sufficient for efficient VSS. - Assumes broadcast channel available as free - Existing protocol does not attempt to minimize its usage - Poor performance when run over PPP Examples : - For t < n/3, they show an efficient ( i.e. polynomial-time )(4, 3)-round protocol, and an inefficient(3, 2)-round protocol - For t < n/4, they show that two rounds are necessary and sufficient for efficient VSS - For t < n/3, Fitzi et al. show an efficient(3, 2)-round VSS protocol.
Result of this Paper.... ? A VSS protocol, optimal in terms of : • No of rounds in the protocol. • No of invocations of Broadcast Channel. • Satisfies a certain “2-level sharing” property. • Provides base for constructing protocols for General Secure Computation. • Protocol is efficient,that the computation and communication are polynomial in n.
Secret Sharing.... ? In secret sharing - Dealer who shares a secret among a group of n parties - Sharing Phase - Reconstruction Phase The requirements are that : - For t <n, any set of t colluding parties - No information about the dealer’s secret at the end of the sharing - Any set of t+1 parties can recover the dealer’s secret in a Assumption : - The dealer is honest
Verifiable Secret Sharing (VSS) .... ? Just like secret sharing but requires : - No matter what a cheating dealer does (in conjunction with t other colluding parties), there is some unique secret to which the dealer is “committed” by the end of the sharing phase. Perfect VSS, where the security guarantees are : - Unconditional - Privacy is perfect - Protocol is error-free. Perfect VSS is known to be possible if and only if t < n/3
Why this Research.... ? High overhead of emulating a broadcast channel over a point-to-point network. - Protocols are likely to be run in PPP - It is preferable to minimize the number of rounds in which broadcast is used rather than to minimize the total number of rounds. - A constant-round protocol that only uses a single round of broadcast is likely to yield a more round-efficient protocol in a point-to-point setting than any protocol that uses two rounds of broadcast (even that protocol uses no additional rounds) - Examples : VSS protocol of Micali and Rabin vs the “round-optimal” VSS protocol of Fitzi et al.
WeakVerifiable Secret Sharing (WSS) .... ? If the dealer is dishonest then, in the reconstruction phase, each honest party recovers either the dealer’s input or a special failure symbol. Example : - Fitzi et al. Mentioned (3,2)-round WSS protocol - A (5,1)-round WSS protocol is implicitly given by J. Katz, C.-Y. Koo Notation : We say a protocol has round complexity(r,b) if it uses r rounds in total, and b ≤ r of these rounds invoke broadcast.
Modifications .... ? To construct a(3, 1)-round WSS protocol, modify the(3, 2)-round WSS protocol by Fitzi et al. - Does not have the “2-level sharing” property - Cannot directly be plugged in to existing protocols of Secure MPC
Model and Definitions.... ? Standard communication model : - Pairwise private and authenticated channels. - A broadcast channel which can be emulated in a PPP network using a broadcast protocol [ Protocol tolerates t malicious parties signifies it is secure against an adversary who may adaptively corrupt up tot parties during an execution of the protocol and coordinate the actions of these parties as they deviate from the protocol in an arbitrary manner. Parties not corrupted by the adversary are called honest and assumption of a rushing adversary.
VSS and Variants .... ? - Weak verifiable secret sharing - Verifiable secret sharing - Verifiable secret sharing with 2-level sharing
WeakVerifiable Secret Sharing (Cont.).... ? – Two Phase Protocol for parties P = { P1,..., Pn }, – A Distinguished dealer D ∈ P holds initial input S – Tolerating t malicious parties Conditions to hold : - Privacy : If the dealer is honest, at the end of this phase the joint view of the malicious parties is independent of the dealer’s inputs. ] - Correctness : Each honest party Pi outputs a value si at the end of the second phase (RE phase). If the dealer is honest then [ - Weak commitment : At the end of the sharing phase the joint view of the honest parties defines a values such that each honest party will output either s or a default value ⊥ at the end (REC phase). si = s.
Conditions to hold : - Privacy : If the dealer is honest, at the end of this phase the joint view of the malicious parties is independent of the dealer’s inputs. ] - Correctness : Each honest party Pi outputs a value si at the end of the second phase (RE phase). If the dealer is honest then [ - Strong commitment : At the end of the sharing phase the joint view of the honest parties defines a value such that all honest parties will output at the end of the reconstruction phase. – Two Phase Protocol for parties P = { P1,..., Pn }, – A Distinguished dealer D ∈ P holds initial input S – Tolerating t malicious parties Verifiable Secret Sharing.... ? si = s. S' S'
Conditions to hold : - Privacy : If the dealer is honest, at the end of this phase the joint view of the malicious parties is independent of the dealer’s inputs. ] - Correctness : Each honest party Pi outputs a value si at the end of the second phase (RE phase). If the dealer is honest then [ - Commitment with 2-level sharing : - A polynomial p(x) of degree at most t such that for every honest party with all honest parties output = p(0) at the end of REC phase. - For each j ∈ {1,...,n }, there exists a polynomial pj(x) of degree at most t such that pj(0) = p(j) and Si,j = pj(i) for every honest party . – Two Phase Protocol for parties P = { P1,..., Pn }, – A Distinguished dealer D ∈ P holds initial input S – Tolerating t malicious parties VSS with 2-Level Sharing .... ? si = s. si = p(i) Pi S' Pi Pi
Future Directions.... ? - Characterize the optimal round complexity of VSS in point-to-point networks. - Characterize the round complexity of statistical VSS
Reference….. Improving The Round Complexity of VSS in Point-To-Point Networks Jonathan Katz Chiu-Yuen Koob Department of Computer Science, University of Maryland, College Park, MD 20742, USA Ranjit Kumaresana Google Labs, Mountain View, CA 94043, USA Link : http://www.journals.elsevier.com/information-and-computation
Jitendra Kumar Patel www.jitendrapatel.in jitendra.patel@iiitb.org @bewithjitendra facebook.com/bewithjitendrapatel
Improving-The-Round-Complexity-of-VSS-in-Point-To-Point-Networks

Recomendados

Security protocols
Security protocolsSecurity protocols
Security protocolsAbhijit Mondal
 
PBFT
PBFTPBFT
PBFTAnna Yudina
 
Presentation on cyclic redundancy check (crc)
Presentation on cyclic redundancy check (crc)Presentation on cyclic redundancy check (crc)
Presentation on cyclic redundancy check (crc)Sudhanshu Srivastava
 
Tugas komjar 7-yee
Tugas komjar 7-yeeTugas komjar 7-yee
Tugas komjar 7-yeeramasatriaf
 
Fano algorithm
Fano algorithmFano algorithm
Fano algorithmHrudya Balachandran
 
Fast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupFast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupNational Chengchi University
 
M.Sridevi II-M.Sc (computer science)
M.Sridevi II-M.Sc (computer science)M.Sridevi II-M.Sc (computer science)
M.Sridevi II-M.Sc (computer science)SrideviM4
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Mohamed Loey
 

Recomendados

Security protocols
Security protocolsSecurity protocols
Security protocolsAbhijit Mondal
 
PBFT
PBFTPBFT
PBFTAnna Yudina
 
Presentation on cyclic redundancy check (crc)
Presentation on cyclic redundancy check (crc)Presentation on cyclic redundancy check (crc)
Presentation on cyclic redundancy check (crc)Sudhanshu Srivastava
 
Tugas komjar 7-yee
Tugas komjar 7-yeeTugas komjar 7-yee
Tugas komjar 7-yeeramasatriaf
 
Fano algorithm
Fano algorithmFano algorithm
Fano algorithmHrudya Balachandran
 
Fast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupFast Multiparty Threshold ECDSA with Fast TrustlessSetup
Fast Multiparty Threshold ECDSA with Fast TrustlessSetupNational Chengchi University
 
M.Sridevi II-M.Sc (computer science)
M.Sridevi II-M.Sc (computer science)M.Sridevi II-M.Sc (computer science)
M.Sridevi II-M.Sc (computer science)SrideviM4
 
Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Computer Security Lecture 2: Classical Encryption Techniques 1
Computer Security Lecture 2: Classical Encryption Techniques 1Mohamed Loey
 
Docker meetup-jan-2015
Docker meetup-jan-2015Docker meetup-jan-2015
Docker meetup-jan-2015JITENDRA KUMAR PATEL
 
Manufacturing Compromise The Emergence of Exploit-as-a-Service
Manufacturing Compromise The Emergence of Exploit-as-a-ServiceManufacturing Compromise The Emergence of Exploit-as-a-Service
Manufacturing Compromise The Emergence of Exploit-as-a-ServiceJITENDRA KUMAR PATEL
 
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExplodedIntroduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExplodedJITENDRA KUMAR PATEL
 
Secure 2 Party AES
Secure 2 Party AESSecure 2 Party AES
Secure 2 Party AESJITENDRA KUMAR PATEL
 
Glyph-Placement-Strategy
Glyph-Placement-StrategyGlyph-Placement-Strategy
Glyph-Placement-StrategyJITENDRA KUMAR PATEL
 
Introduction to node.js aka NodeJS
Introduction to node.js aka NodeJSIntroduction to node.js aka NodeJS
Introduction to node.js aka NodeJSJITENDRA KUMAR PATEL
 
Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server SecurityJITENDRA KUMAR PATEL
 
N1802029295
N1802029295N1802029295
N1802029295IOSR Journals
 
Protocols and Practices in Using Encryption Chapter 4
Protocols and Practices in Using Encryption Chapter 4Protocols and Practices in Using Encryption Chapter 4
Protocols and Practices in Using Encryption Chapter 4AfiqEfendy Zaen
 
Lecture 10 - Multi-Party Computation Protocols
Lecture 10 - Multi-Party Computation ProtocolsLecture 10 - Multi-Party Computation Protocols
Lecture 10 - Multi-Party Computation ProtocolsUniversity of Rome "La Sapienza"
 
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONSPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONIJNSA Journal
 
Proof of Transit: Securely Verifying a Path or Service Chain
Proof of Transit: Securely Verifying a Path or Service ChainProof of Transit: Securely Verifying a Path or Service Chain
Proof of Transit: Securely Verifying a Path or Service ChainFrank Brockners
 
1901 1903
1901 19031901 1903
1901 1903Editor IJARCET
 
1901 1903
1901 19031901 1903
1901 1903Editor IJARCET
 
transport layer
transport layertransport layer
transport layerBishalWosti1
 
Totem
TotemTotem
Totembin liu
 
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkLive Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkIJMER
 
Week4 lec1-bscs1
Week4 lec1-bscs1Week4 lec1-bscs1
Week4 lec1-bscs1syedhaiderraza
 
Computer Networking Assignment Help
Computer Networking Assignment HelpComputer Networking Assignment Help
Computer Networking Assignment HelpComputer Network Assignment Help
 
A New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
A New Key Agreement Protocol Using BDP and CSP in Non Commutative GroupsA New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
A New Key Agreement Protocol Using BDP and CSP in Non Commutative GroupsEswar Publications
 
Chapter3 transport layer
Chapter3 transport layerChapter3 transport layer
Chapter3 transport layerKhánh Ghẻ
 
12EASApril-3412
12EASApril-341212EASApril-3412
12EASApril-3412Arjit Gupta
 

Mais conteúdo relacionado

Destaque

Manufacturing Compromise The Emergence of Exploit-as-a-Service
Manufacturing Compromise The Emergence of Exploit-as-a-ServiceManufacturing Compromise The Emergence of Exploit-as-a-Service
Manufacturing Compromise The Emergence of Exploit-as-a-ServiceJITENDRA KUMAR PATEL
 
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExplodedIntroduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExplodedJITENDRA KUMAR PATEL
 
Introduction to node.js aka NodeJS
Introduction to node.js aka NodeJSIntroduction to node.js aka NodeJS
Introduction to node.js aka NodeJSJITENDRA KUMAR PATEL
 
Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server SecurityJITENDRA KUMAR PATEL
 

Destaque (7)

Docker meetup-jan-2015
Docker meetup-jan-2015Docker meetup-jan-2015
Docker meetup-jan-2015
 
Manufacturing Compromise The Emergence of Exploit-as-a-Service
Manufacturing Compromise The Emergence of Exploit-as-a-ServiceManufacturing Compromise The Emergence of Exploit-as-a-Service
Manufacturing Compromise The Emergence of Exploit-as-a-Service
 
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExplodedIntroduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
Introduction-To-SMPC-Philips-Innovation-Campus-SecurityExploded
 
Secure 2 Party AES
Secure 2 Party AESSecure 2 Party AES
Secure 2 Party AES
 
Glyph-Placement-Strategy
Glyph-Placement-StrategyGlyph-Placement-Strategy
Glyph-Placement-Strategy
 
Introduction to node.js aka NodeJS
Introduction to node.js aka NodeJSIntroduction to node.js aka NodeJS
Introduction to node.js aka NodeJS
 
Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server Security
 

Semelhante a Improving-The-Round-Complexity-of-VSS-in-Point-To-Point-Networks

Protocols and Practices in Using Encryption Chapter 4
Protocols and Practices in Using Encryption Chapter 4Protocols and Practices in Using Encryption Chapter 4
Protocols and Practices in Using Encryption Chapter 4AfiqEfendy Zaen
 
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONSPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONIJNSA Journal
 
Proof of Transit: Securely Verifying a Path or Service Chain
Proof of Transit: Securely Verifying a Path or Service ChainProof of Transit: Securely Verifying a Path or Service Chain
Proof of Transit: Securely Verifying a Path or Service ChainFrank Brockners
 
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkLive Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkIJMER
 
A New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
A New Key Agreement Protocol Using BDP and CSP in Non Commutative GroupsA New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
A New Key Agreement Protocol Using BDP and CSP in Non Commutative GroupsEswar Publications
 
Chapter3 transport layer
Chapter3 transport layerChapter3 transport layer
Chapter3 transport layerKhánh Ghẻ
 
Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...
Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...
Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...Brecht Declercq
 

Semelhante a Improving-The-Round-Complexity-of-VSS-in-Point-To-Point-Networks (20)

N1802029295
N1802029295N1802029295
N1802029295
 
Protocols and Practices in Using Encryption Chapter 4
Protocols and Practices in Using Encryption Chapter 4Protocols and Practices in Using Encryption Chapter 4
Protocols and Practices in Using Encryption Chapter 4
 
Lecture 10 - Multi-Party Computation Protocols
Lecture 10 - Multi-Party Computation ProtocolsLecture 10 - Multi-Party Computation Protocols
Lecture 10 - Multi-Party Computation Protocols
 
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATIONSPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
SPDZ-BASED OPTIMISTIC FAIR MULTI-PARTY COMPUTATION
 
Proof of Transit: Securely Verifying a Path or Service Chain
Proof of Transit: Securely Verifying a Path or Service ChainProof of Transit: Securely Verifying a Path or Service Chain
Proof of Transit: Securely Verifying a Path or Service Chain
 
1901 1903
1901 19031901 1903
1901 1903
 
1901 1903
1901 19031901 1903
1901 1903
 
transport layer
transport layertransport layer
transport layer
 
Totem
TotemTotem
Totem
 
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV NetworkLive Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
Live Streaming With Receiver-Based P2P Multiplexing for Future IPTV Network
 
Week4 lec1-bscs1
Week4 lec1-bscs1Week4 lec1-bscs1
Week4 lec1-bscs1
 
Computer Networking Assignment Help
Computer Networking Assignment HelpComputer Networking Assignment Help
Computer Networking Assignment Help
 
A New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
A New Key Agreement Protocol Using BDP and CSP in Non Commutative GroupsA New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
A New Key Agreement Protocol Using BDP and CSP in Non Commutative Groups
 
Chapter3 transport layer
Chapter3 transport layerChapter3 transport layer
Chapter3 transport layer
 
12EASApril-3412
12EASApril-341212EASApril-3412
12EASApril-3412
 
Chapter 3 - Transport Layer
Chapter 3 - Transport LayerChapter 3 - Transport Layer
Chapter 3 - Transport Layer
 
Voice and video over ip
Voice and video over ipVoice and video over ip
Voice and video over ip
 
Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...
Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...
Solid partners, flexible solutions. Do’s and don’ts in tendering for audiovis...
 
Data link layer
Data link layerData link layer
Data link layer
 
SCP
SCPSCP
SCP
 

Último

data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfJiananWang21
 
Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01KreezheaRecto
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Christo Ananth
 
Vivazz, Mieres Social Housing Design Spain
Vivazz, Mieres Social Housing Design SpainVivazz, Mieres Social Housing Design Spain
Vivazz, Mieres Social Housing Design Spaintimesproduction05
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Call Girls in Nagpur High Profile
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)simmis5
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...roncy bisnoi
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Christo Ananth
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfSuman Jyoti
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTbhaskargani46
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performancesivaprakash250
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...SUHANI PANDEY
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduitsrknatarajan
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLManishPatel169454
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Call Girls in Nagpur High Profile
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdfKamal Acharya
 

Último (20)

data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01Double rodded leveling 1 pdf activity 01
Double rodded leveling 1 pdf activity 01
 
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
(INDIRA) Call Girl Meerut Call Now 8617697112 Meerut Escorts 24x7
 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
Vivazz, Mieres Social Housing Design Spain
Vivazz, Mieres Social Housing Design SpainVivazz, Mieres Social Housing Design Spain
Vivazz, Mieres Social Housing Design Spain
 
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
Top Rated Pune Call Girls Budhwar Peth ⟟ 6297143586 ⟟ Call Me For Genuine Se...
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)Java Programming :Event Handling(Types of Events)
Java Programming :Event Handling(Types of Events)
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
 
Generative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPTGenerative AI or GenAI technology based PPT
Generative AI or GenAI technology based PPT
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
VIP Model Call Girls Kothrud ( Pune ) Call ON 8005736733 Starting From 5K to ...
 
UNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular ConduitsUNIT-II FMM-Flow Through Circular Conduits
UNIT-II FMM-Flow Through Circular Conduits
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELLPVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
PVC VS. FIBERGLASS (FRP) GRAVITY SEWER - UNI BELL
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 

Improving-The-Round-Complexity-of-VSS-in-Point-To-Point-Networks

  • 1. Improving the Round Complexity of VSS in Point-To-Point Networks Jitendra Kumar Patel
  • 2. ProblemStatement.... ? What is the optimal round complexity of Verifiable Secret Sharing (VSS) ?
  • 3. EarlierWork.... ? Work of Gennaro et al.(STOC 2001) and Fitzi et al. (TCC 2006) shows that, assuming a broadcast channel, three rounds are necessary and sufficient for efficient VSS. - Assumes broadcast channel available as free - Existing protocol does not attempt to minimize its usage - Poor performance when run over PPP Examples : - For t < n/3, they show an efficient ( i.e. polynomial-time )(4, 3)-round protocol, and an inefficient(3, 2)-round protocol - For t < n/4, they show that two rounds are necessary and sufficient for efficient VSS - For t < n/3, Fitzi et al. show an efficient(3, 2)-round VSS protocol.
  • 4. Result of this Paper.... ? A VSS protocol, optimal in terms of : • No of rounds in the protocol. • No of invocations of Broadcast Channel. • Satisfies a certain “2-level sharing” property. • Provides base for constructing protocols for General Secure Computation. • Protocol is efficient,that the computation and communication are polynomial in n.
  • 5. Secret Sharing.... ? In secret sharing - Dealer who shares a secret among a group of n parties - Sharing Phase - Reconstruction Phase The requirements are that : - For t <n, any set of t colluding parties - No information about the dealer’s secret at the end of the sharing - Any set of t+1 parties can recover the dealer’s secret in a Assumption : - The dealer is honest
  • 6. Verifiable Secret Sharing (VSS) .... ? Just like secret sharing but requires : - No matter what a cheating dealer does (in conjunction with t other colluding parties), there is some unique secret to which the dealer is “committed” by the end of the sharing phase. Perfect VSS, where the security guarantees are : - Unconditional - Privacy is perfect - Protocol is error-free. Perfect VSS is known to be possible if and only if t < n/3
  • 7. Why this Research.... ? High overhead of emulating a broadcast channel over a point-to-point network. - Protocols are likely to be run in PPP - It is preferable to minimize the number of rounds in which broadcast is used rather than to minimize the total number of rounds. - A constant-round protocol that only uses a single round of broadcast is likely to yield a more round-efficient protocol in a point-to-point setting than any protocol that uses two rounds of broadcast (even that protocol uses no additional rounds) - Examples : VSS protocol of Micali and Rabin vs the “round-optimal” VSS protocol of Fitzi et al.
  • 8. WeakVerifiable Secret Sharing (WSS) .... ? If the dealer is dishonest then, in the reconstruction phase, each honest party recovers either the dealer’s input or a special failure symbol. Example : - Fitzi et al. Mentioned (3,2)-round WSS protocol - A (5,1)-round WSS protocol is implicitly given by J. Katz, C.-Y. Koo Notation : We say a protocol has round complexity(r,b) if it uses r rounds in total, and b ≤ r of these rounds invoke broadcast.
  • 9. Modifications .... ? To construct a(3, 1)-round WSS protocol, modify the(3, 2)-round WSS protocol by Fitzi et al. - Does not have the “2-level sharing” property - Cannot directly be plugged in to existing protocols of Secure MPC
  • 10. Model and Definitions.... ? Standard communication model : - Pairwise private and authenticated channels. - A broadcast channel which can be emulated in a PPP network using a broadcast protocol [ Protocol tolerates t malicious parties signifies it is secure against an adversary who may adaptively corrupt up tot parties during an execution of the protocol and coordinate the actions of these parties as they deviate from the protocol in an arbitrary manner. Parties not corrupted by the adversary are called honest and assumption of a rushing adversary.
  • 11. VSS and Variants .... ? - Weak verifiable secret sharing - Verifiable secret sharing - Verifiable secret sharing with 2-level sharing
  • 12. WeakVerifiable Secret Sharing (Cont.).... ? – Two Phase Protocol for parties P = { P1,..., Pn }, – A Distinguished dealer D ∈ P holds initial input S – Tolerating t malicious parties Conditions to hold : - Privacy : If the dealer is honest, at the end of this phase the joint view of the malicious parties is independent of the dealer’s inputs. ] - Correctness : Each honest party Pi outputs a value si at the end of the second phase (RE phase). If the dealer is honest then [ - Weak commitment : At the end of the sharing phase the joint view of the honest parties defines a values such that each honest party will output either s or a default value ⊥ at the end (REC phase). si = s.
  • 13. Conditions to hold : - Privacy : If the dealer is honest, at the end of this phase the joint view of the malicious parties is independent of the dealer’s inputs. ] - Correctness : Each honest party Pi outputs a value si at the end of the second phase (RE phase). If the dealer is honest then [ - Strong commitment : At the end of the sharing phase the joint view of the honest parties defines a value such that all honest parties will output at the end of the reconstruction phase. – Two Phase Protocol for parties P = { P1,..., Pn }, – A Distinguished dealer D ∈ P holds initial input S – Tolerating t malicious parties Verifiable Secret Sharing.... ? si = s. S' S'
  • 14. Conditions to hold : - Privacy : If the dealer is honest, at the end of this phase the joint view of the malicious parties is independent of the dealer’s inputs. ] - Correctness : Each honest party Pi outputs a value si at the end of the second phase (RE phase). If the dealer is honest then [ - Commitment with 2-level sharing : - A polynomial p(x) of degree at most t such that for every honest party with all honest parties output = p(0) at the end of REC phase. - For each j ∈ {1,...,n }, there exists a polynomial pj(x) of degree at most t such that pj(0) = p(j) and Si,j = pj(i) for every honest party . – Two Phase Protocol for parties P = { P1,..., Pn }, – A Distinguished dealer D ∈ P holds initial input S – Tolerating t malicious parties VSS with 2-Level Sharing .... ? si = s. si = p(i) Pi S' Pi Pi
  • 15. Future Directions.... ? - Characterize the optimal round complexity of VSS in point-to-point networks. - Characterize the round complexity of statistical VSS
  • 16. Reference….. Improving The Round Complexity of VSS in Point-To-Point Networks Jonathan Katz Chiu-Yuen Koob Department of Computer Science, University of Maryland, College Park, MD 20742, USA Ranjit Kumaresana Google Labs, Mountain View, CA 94043, USA Link : http://www.journals.elsevier.com/information-and-computation