September 9, 2013
New Cryptography Could Result In More Secure Computing
Peter Suciu for redOrbit.com – Your Universe Online
Last year, researchers in the United States and Europe reported finding an unexpected vulnerability in the encryption system commonly used to provide privacy and security for online shopping and banking websites, but now new research into cryptography could result in more secure computing.
A new, collaborative study that was conducted between the University of Bristol and Aarhus University could result in changes in securing computations. The findings of this research will be presented at the 18th European Symposium on Research in Computer Security (ESORICS 2013) by Bristol PhD student Peter Scholl from the Department of Computer Science.
Scholl will present the paper, entitled “Practical covertly secure MPC for dishonest majority – or: Breaking the SPDZ limits.” This study builds upon earlier joint work between Bristol and Aarhus and looks to fill in the missing pieces from the group’s prior work, which was presented at the CRYPTO conference in Santa Barbara last year.
The SPDZ – pronounced “Speedz” – is the result of co-development between the two universities and is the basis of the fastest protocol known to implement a theoretical idea that has been dubbed the “Multi-Party Computation.” The concept here is that this protocol, which is a subfield of cryptography, could enable two or more users to compute any function by utilizing secret inputs, without revealing those inputs to either party.
An example cited could be an election, where voters want their respective vote to be counted, but do not want their vote to be made public. Another common problem posed that Multi-Party Computation could address is the one of Yao's Millionaires’ Problem – whereby two millionaires want to determine who has a greater mass wealth without either disclosing actual wealth.
Several applications have looked to address the problem, but the particular protocol developed by the universities takes the Multi-Party Computation from a theoretical tool into actual practical reality, whereby SPDZ allowed the team to compute complex functions in a secure manner, and enabled possible applications in the finance, drugs and chemical industries where computation often needs to be performed on secret data.
“We have demonstrated our protocol to various groups and organizations across the world, and everyone is impressed by how fast we can actually perform secure computations,” said Nigel Smart, Professor of Cryptology in the University of Bristol's Department of Computer Science and leader on the project, via a statement. “Only a few years ago such a theoretical idea becoming reality was considered Alice in Wonderland style over ambitious hope. However, we in Bristol realized around five years ago that a number of advances in different areas would enable the pipe dream to be achieved. It is great that we have been able to demonstrate our foresight was correct.”
As a result of these findings, the University of Bristol is now starting to consider commercializing the protocol via a company, Dyadic Security Limited, which was co-founded by Professor Smart and Professor Yehuda Lindell from Bar-Ilan University in Israel.
The 18th European Symposium will be held in Egham U.K. at Royal Holloway, University of London.