M. Abadi and J. Feigenbaum, "Secure circuit evaluation," a protocol based on hiding information from an oracle. Journal of Cryptology 2, 1990, pp. 1--12.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....network at MIT. The genetic algorithm finds the absolute maximum value of a function f(x, y) by maintaining a population of chromosomes which contain encoded x and y values. The genetic material is a string of 44 bits, which is divided into two 22bit numbers. The numbers are scaled from the range [0, 22 1] to the range [ 100, 100] and used as inputs to the function. The score of a chromosome is equal to its function value. Thus, since the highest scoring chromosomes come to dominate the population, the population eventually evolves to the point where a maximum is found. Two trial runs were ....

....approach is currently limited to the evaluation of polynomials and rational functions. In fact, it is not clear that they can really handle rational functions either since they note that they still need to come up with a good way to find easily invertible rational functions. They note that others [1] have developed some theoretical methods for the encrypted evaluation of boolean circuits in general, but that these are very inefficient and require a lot of rounds of communication. Poor Efficiency. Secondly, their techniques still seem to be too inefficent for practical use. To be practical, ....

[Article contains additional citation context not shown here]

M. Abadi, and J. Feigenbaum. Secure circuit evaluation, in Journal of Cryptology, 2(1), 1990.

....paper we use our process calculus framework to characterize security requirements for several kinds of cryptographic protocols. The security requirements are expressed in the form that a real protocol emulates an ideal protocol. We focus on oblivious transfer (OT) 24] secure function evaluation [1, 10, 14], zero knowledge proofs [12] and secure channel implementations [7] The OT protocol is a particular case of secure function evaluation, which we present in some detail. We also derive a compositionality property from inherent structural properties of our process calculus. Basically, ....

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1-12, 1990.

....infrastructure can be viewed as follows: The subscriber S would like the network N to compute Jx) without revealing f to N. Here, x is the publication information andf is the subscription function. A closely related topic of interest to subscription confidentiality is secure circuit evaluation [2], which has been studied in various models [4] 9] 27] Secure circuit evaluation hides the circuit 2 from the circuit evaluator. In theory, if computing with encrypted data can be achieved, hiding the circuit can be implemented as encoding the circuit itself as an input to a universal circuit ....

....studied in various models [4] 9] 27] Secure circuit evaluation hides the circuit 2 from the circuit evaluator. In theory, if computing with encrypted data can be achieved, hiding the circuit can be implemented as encoding the circuit itself as an input to a universal circuit evaluation function [2]. In practice, however, it is difficult and often impractical to encode the function as an input to a universal circuit; the proposed schemes often involve an expensive protocol. Another related subject of interest is Private Information Retrieval (PIR) 11] 12] PIR mechanisms allow a user to ....

. M. Abadi and J. Feigenbaum. "Secure Circuit Evaluation". Journal of Cryptology, Vol 2. No. 1: pages 1-12. 1990.

....NSF Grant CCR 0098096. SECURE COMPUTATION IN A PROBABILISTIC POLYNOMIAL TIME PROCESS CALCULUS 1 Introduction Throughout the last years, designing secure protocols has been one of the most prolific areas in cryptography. The branch which deals with secure computation has not been an exception [AF90, Bea91, GM95, HM00] The overall goal of this cryptographic task is to evaluate publicly a function f , guaranteeing in the presence of adversary behavior of some part of the system, the secrecy of the arguments of f , which are hold by the participants. The fact that adversaries are part of the ....

....notion of secure computation. For the sake of simplicity, we focus a very particular case of secure computation called oblivious transfer (OT) Oblivious transfer protocols are building blocks for several other multi party secure computation protocols, like the circuit evaluation protocol [AF90] Therefore, establishing an accurate concept of secure OT is of outmost importance. As discussed in [MR91] any notion of security must be endowed with a composition theorem, which loosely speaking states that composing secure protocols is secure. The composition theorem is specially relevant ....

[Article contains additional citation context not shown here]

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

....While not providing full security (hence its efficiency) it can be proved to satisfy our notion of weak security against a malicious client, and can therefore be naturally combined with any of the input selection protocols in this section. The protocol is reminiscent of protocols described in [15, 1, 18, 24]. The arithmetic circuit is evaluated gate by gate. Before evaluating each gate, the server holds a homomorphic encryption of the input values for the gate (where the encryption is under the client s key) At the end of the evaluation of the gate the server holds an encryption of the output value ....

M. Abadi and J. Feigenbaum. Secure circuit evaluation. J. Cryptology 2(1): 1--12 (1990).

....kinds of tasks without the help of the originator. An alternative approach is proposed by Sander and Tschudin [8, 9] by using the techniques of function composition. This research is still at primary stage and is far from being practical. Computing with encrypted data: This is described in [1]. It is theoretically possible but practically still not ideal because of the computational complexity involved and the collaboration with the two parties, original creator of the mobile agent and the executing host. Apart from the above solution, one alternative approach is that a trusted host ....

M. Abadi and J. Feigenbaum, \Secure circuit evaluation", Journal of Cryptology, 2(1), 1990, pp.1-12.

....infrastructure can be viewed as follows: The subscriber S would like the network N to compute f(x) without revealing f to N. Here, x is the publication information and f is the subscription function. A closely related topic of interest to subscription confidentiality is secure circuit evaluation [2], which has been studied in various models [4] 9] 27] Secure circuit evaluation hides the circuit 2 from the circuit evaluator. In theory, if computing with encrypted data can be achieved, hiding the circuit can be implemented as encoding the circuit itself as an input to a universal circuit ....

....studied in various models [4] 9] 27] Secure circuit evaluation hides the circuit 2 from the circuit evaluator. In theory, if computing with encrypted data can be achieved, hiding the circuit can be implemented as encoding the circuit itself as an input to a universal circuit evaluation function [2]. In practice, however, it is difficult and often impractical to encode the function as an input to a universal circuit; the proposed schemes often involve an expensive protocol. Another related subject of interest is Private Information Retrieval (PIR) 11] 12] PIR mechanisms allow a user to ....

. M. Abadi and J. Feigenbaum. "Secure Circuit Evaluation". Journal of Cryptology, Vol 2. No. 1: pages 1-12. 1990.

....internal state of an agent: software agents have no hopes of keeping cryptographic keys secret in a realistic, ecient setting. Distributed function evaluation approaches may seem to apply, but that requires an unrealistic fault model and is not likely to ever be practical. Approaches such as [1, 2, 27] are extremely expensive or have very restricted domains. The privacy of computation is only one aspect of the security picture: the integrity of computation is perhaps more critical. In agent based computing, most researchers have been concentrating on one side of the security issue: protecting ....

Mart  in Abadi and Joan Feigenbaum. Secure circuit evaluation. Journal of Cryptography, 2(1):1-12, 1990.

....by the desired noninteractiveness for mobile agents. We then identify an important class of such encryptable functions, namely polynomials and rational functions. 3. 1 Computing with Encrypted Data The problem of computing with encrypted data (CED) has been described by Abadi and Feigenbaum [1] in the following way: Bob has an algorithm to compute a function f and is willing to compute f(x) for Alice. Alice wants to compute f on her private input x but does not want to reveal x to Bob. Furthermore Alice should not learn anything substantial about the algorithm of Bob for computing f ....

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

....by the desired non interactiveness for mobile agents. We then identify an important class of such encryptable functions, namely polynomials and rational functions. 3. 1 Computing with Encrypted Data The problem of computing with encrypted data (CED) has been described by Abadi and Feigenbaum [1] in the following way: Bob has an algorithm to compute a function f and is willing to compute f(x) for Alice. Alice wants to compute f on her private input x but does not want to reveal x to Bob. Furthermore Alice should not learn anything substantial about the algorithm of Bob for computing f ....

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

....that if one can observe one execution of the above checking algorithm, then one can easily determine an initial part of the dynamic signature D v , whence help the anti virus software to detect the virus. In order to solve this problem, we can use the protocol of computation with encryption (see [1]) Abadi and Feigenbaum [1] described a protocol how to securely evaluate a Boolean circuit in encrypted data. They further reduced the problem of evaluation of encrypted functions to the problem of processing of encrypted data by representing the Boolean circuit that is to be hidden as data fed ....

....execution of the above checking algorithm, then one can easily determine an initial part of the dynamic signature D v , whence help the anti virus software to detect the virus. In order to solve this problem, we can use the protocol of computation with encryption (see [1] Abadi and Feigenbaum [1] described a protocol how to securely evaluate a Boolean circuit in encrypted data. They further reduced the problem of evaluation of encrypted functions to the problem of processing of encrypted data by representing the Boolean circuit that is to be hidden as data fed to a universal Boolean ....

[Article contains additional citation context not shown here]

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1-- 12, 1990.

....Related Work Previous work dealt mainly with the (related) problem of processing encrypted data. The general importance of homomorphic encryption functions for these type of problems was pointed out by Rivest, Adleman and Dertouzos (cf. 8] An important step was done by Abadi and Feigenbaum [1] who described a protocol how to securely evaluate a Boolean circuit in encrypted data. Their protocol however requires a high amount of communication rounds between Alice and Bob. Adaptions of this techniques to evaluate encrypted circuits would intrinsically put a high communication burden on ....

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

....whether it is under attack. An efficient proof checker can automate the process of checking the proof, thus providing an automated test oracle. Some early work in this area includes work to check cryptographic operations performed by an untrusted assistant [35] and for secure circuit evaluation [4]. Other approaches are in the direction of using quorum schemes for distributing trust among servers using threshold cryptography [21] However, these su#er from performance issues associated with quorum schemes. A low level step towards this direction is the use of secure data structures. In ....

M. Abadi and J. Feigenbaum:. Secure circuit evaluation. Journal of Cryptology, 2(1), 1990.

....FCT grant: PRAXIS XXI BD 13875 97 2 2 Related Work The problem addressed here was referred in the seminal paper by Abadi, Feigenbaum and Kilian [AFK89] which focuses on hiding data from an oracle, or in other words, computing with encrypted data. Based on this idea, Abadi and Feigenbaum [AF90] developed a protocol to secure circuit evaluation, which allows a player to evaluate his data on another player s boolean circuit, thereby preserving the confidentiality of his data, under the Quadratic Residue Assumption (QRA) and also hiding the circuit from the owner of the data. Even though ....

....in so far as the interactions between the owner of the function (Alice) and the remote party that evaluates the function (Bob) consist only of the transmission of the function by Alice to Bob and the transmission of the result back to Alice by Bob. Unlike the protocol by Abadi and Feigenbaum [AF90], an autonomous protocol does not involve the exchange of information between players during function evaluation. In an autonomous protocol, a function f owned by Alice is evaluated by Bob on the input data x (provided by Bob) while preventing the disclosure of f to Bob. The privacy of f is ....

Martin Abadi and Joan Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

....do not directly apply to the problem at hand since they require interactivity. Secure protocols for evaluating boolean circuits have been studied in which one participant has a function, the other participant has a value, and neither participant wishes to share information with the other [1]. A tamper resistant software scheme has been proposed by Aucsmith which relies on obfuscation via lazy self decryption, self modifying code, and sharing integrity checks between modules to make localized tampering difficult [4] 8 Conclusion I have surveyed a number of issues related to ....

Abadi, M., and Feigenbaum, J. Secure circuit evaluation. Journal of Cryptology 2, 1 (1990), 1--12.

....work and conclusion. 2: Related Work The problem that is dealt with in this section was also mentioned in the seminal paper by Abadi, Feigenbaum and Kilian [2] which focuses on hiding data from an oracle, or in other words, computing with encrypted data. Based on this idea, Abadi and Feigenbaum [1] developed a protocol to secure circuit evaluation, which allows a player to evaluate his data on another player s boolean circuit, thereby preserving the confidentiality of his data and also hiding the circuit from the data s owner. Even though it was originally intended for data confidentiality, ....

....autonomous in so far as the interactions between the owner of the function (Alice) and the remote party that evaluates the function (Bob) consist only of the transmission of the function by Alice to Bob and the transmission of the result back to Alice. Unlike the protocol by Abadi and Feigenbaum [1], an autonomous protocol does not involve the exchange of information between the players during function evaluation. In an autonomous protocol, a function f owned by Alice is evaluated by Bob on the input data x provided by Bob, while preventing the disclosure of f to Bob. The confidentiality of ....

[Article contains additional citation context not shown here]

Martin Abadi and Joan Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

....reused [18] Furthermore, the availability of e cient decompilation techniques [30, 39] even in light of code obfuscation [22] make these approaches unsatisfactory for deterring hosts from misbehaving. Recently, Sanders and Tschudin [34, 33] proposed the use of computing with encrypted functions [32, 1] to address the issues pertaining to publicly readable executable content. While the idea of computing with encrypted functions is appealing, numerous obstacles, both theoretical and practical, still need to be overcome before its application to mobile cryptography can be fully realized. An ....

....Since the de mangling time is much less than that of typical coarse grain parallel computations, this approach is not applicable to our goals. The approach of Sanders et al. 34, 33] for protecting mobile agents against malicious hosts is based on the idea of computing with encrypted functions [32, 1]. The intuition is as follows: given a function f(x) which can be represented by a program P , rather than distribute P , the encrypted function E(P ) is distributed instead. The remote host then executes y = E(P ) x) and transmits y back to the originating host, at which point y is decrypted to ....

[Article contains additional citation context not shown here]

M. Abadi and J. Feigenbaum. Secure Circuit Evaluation. Journal of Cryptography, 2(1):1-12, 1990.

....Bob execute the encrypted function f are given in section 4.3.1. 4.2 EEF via Homomorphic Functions Subsequently we show how homomorphic encryption schemes enable the realization of EEF. We start by discussing related work on the problem of processing encrypted data (PED) Abadi and Feigenbaum [1] described a protocol how to securely evaluate a Boolean circuit in encrypted data. They further reduced EEF (for Boolean circuits) to PED by representing the Boolean circuit that is to be hidden as data fed to a universal Boolean circuit. For mobile code there are two problems with their ....

M. Abadi and J. Feigenbaum. Secure circuit evaluation. Journal of Cryptology, 2(1):1--12, 1990.

No context found.

M. Abadi and J. Feigenbaum, "Secure circuit evaluation," a protocol based on hiding information from an oracle. Journal of Cryptology 2, 1990, pp. 1--12.

No context found.

M. Abadi and J. Feigenbaum, "Secure circuit evaluation, " Journal of Cryptology, 1990.

No context found.

M. Abadi and J. Feigenbaum, "Secure Circuit Evaluation," Journal of Cryptology, 2(1), 1990, pp.1-12.

No context found.

Abadi, M., and Feigenbaum, J. Secure circuit evaluation. Journal of Cryptology, 2 (1990), 5--21.

No context found.

M. Abdadi and J. Feigenbaum, "Secure Circuit Evaluation", Journal of Cryptology, 2(1), 1990. 83 84

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC