Efficient techniques for secure multiparty computation on mobile devices

Carter, Henry Lee

07 January 2016

Smartphones are rapidly becoming a widespread computation platform, with many users relying on their mobile devices as their primary computing device. This popularity has brought about a plethora of mobile applications and services which are designed to efficiently make these limited devices a viable source of entertainment and productivity. This is commonly accomplished by moving the critical application computation to a Cloud or application server managed by the application developer. Unfortunately, the significant number of breaches experienced by mobile application infrastructure and the accompanying loss of private user data indicates the need for stronger security and privacy guarantees before this model of computation can become ubiquitous. The cryptographic community has developed the field of secure multiparty computation (SMC) to allow applications to perform computation over encrypted data. Such a protocol would allow mobile users to keep their private information encrypted while still enjoying the convenience of their Cloud based applications. However, while SMC protocols have seen significant advances in efficiency on desktop and server class machines, they currently require more computation power and memory than is available on commodity smartphones. Furthermore, even as smartphone computational power increases, the mobile-specific limitations of network bandwidth and power usage will always stand as barriers to efficiently executing SMC protocols. This dissertation develops techniques for outsourcing the costly operations in garbled circuit SMC protocols to an untrusted Cloud to allow resource-constrained devices to use this cryptographic primitive. By providing the mobile device with a third party Cloud provider, we show that it is possible for a mobile device to execute a garbled circuit with an application server at approximately the same efficiency as the same computation run between two server class machines. We first show two protocols for outsourcing the garbled circuit evaluation and generation. We develop a novel outsourced oblivious transfer (OOT) protocol to make this type of outsourcing possible. Second, we develop a black box technique for outsourcing any two-party SMC protocol, and show that the overhead incurred by outsourcing is minimal. Finally, we develop a protocol for outsourcing SMC that pro- vides both input privacy and circuit privacy, preventing the assisting Cloud from learning anything about the computation besides the fact that it took place. Through the protocols and the empirical evaluations in this dissertation, we show that executing SMC protocols on mobile devices can be done with comparable efficiency to the desktop platform, and provide techniques to allow for such computation using the latest developments in secure computation.

Server-assisted cryptography

Garbled circuits

Cloud computing

Secure multiparty computation

Mobile privacy