[Resource Topic] 2016/620: Secure Data Exchange: A Marketplace in the Cloud

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2016/620

Title:
Secure Data Exchange: A Marketplace in the Cloud

Authors: Ran Gilad-Bachrach, Kim Laine, Kristin Lauter, Peter Rindal, Mike Rosulek

Abstract:

A vast amount of data belonging to companies and individuals is currently stored \emph{in the cloud} in encrypted form by trustworthy service providers such as Microsoft, Amazon, and Google. Unfortunately, the only way for the cloud to use the data in computations is to first decrypt it, then compute on it, and finally re-encrypt it, resulting in a problematic trade-off between value/utility and security. At a high level, our goal in this paper is to present a general and practical cryptographic solution to this dilemma. More precisely, we describe a scenario that we call \emph{Secure Data Exchange} (SDE), where several data owners are storing private encrypted data in a semi-honest non-colluding cloud, and an evaluator (a third party) wishes to engage in a secure function evaluation on the data belonging to some subset of the data owners. We require that none of the parties involved learns anything beyond what they already know and what is revealed by the function, even when the parties (except the cloud) are active malicious. We also recognize the ubiquity of scenarios where the lack of an efficient SDE protocol prevents for example business transactions, research collaborations, or mutually beneficial computations on aggregated private data from taking place, and discuss several such scenarios in detail. Our main result is an efficient and practical protocol for enabling SDE using \emph{Secure Multi-Party Computation}~(MPC) in a novel adaptation of the server-aided setting. We also present the details of an implementation along with performance numbers.

ePrint: https://eprint.iacr.org/2016/620

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .