Results 11  20
of
131
PrivacyPreserving Multivariate Statistical Analysis: Linear Regression and Classification
 In Proceedings of the 4th SIAM International Conference on Data Mining
, 2004
"... analysis technique that has found applications in various areas. In this paper, we study some multivariate statistical analysis methods in Secure 2party Computation (S2C) framework illustrated by the following scenario: two parties, each having a secret data set, want to conduct the statistical ana ..."
Abstract

Cited by 89 (1 self)
 Add to MetaCart
(Show Context)
analysis technique that has found applications in various areas. In this paper, we study some multivariate statistical analysis methods in Secure 2party Computation (S2C) framework illustrated by the following scenario: two parties, each having a secret data set, want to conduct the statistical analysis on their joint data, but neither party is willing to disclose its private data to the other party or any third party. The current statistical analysis techniques cannot be used directly to support this kind of computation because they require all parties to send the necessary data to a central place. In this paper, We define two Secure 2party multivariate statistical analysis problems: Secure 2party Multivariate Linear Regression problem and Secure 2party Multivariate Classification problem. We have developed a practical security model, based on which we have developed a number of building blocks for solving these two problems.
Privacypreserving cooperative statistical analysis
 In Proceedings of the 17th Annual Computer Security Applications Conference
, 2001
"... The growth of the Internet opens up tremendous opportunities for cooperative computation, where the answer depends on the private inputs of separate entities. Sometimes these computations may occur between mutually untrusted entities. The problem is trivial if the context allows the conduct of these ..."
Abstract

Cited by 70 (0 self)
 Add to MetaCart
(Show Context)
The growth of the Internet opens up tremendous opportunities for cooperative computation, where the answer depends on the private inputs of separate entities. Sometimes these computations may occur between mutually untrusted entities. The problem is trivial if the context allows the conduct of these computations by a trusted entity that would know the inputs from all the participants; however if the context disallows this then the techniques of secure multiparty computation become very relevant and can provide useful solutions. Statistic analysis is a widely used computation in real life, but the known methods usually require one to know the whole data set; little work has been conducted to investigate how statistical analysis could be performed in a cooperative environment, where the participants want to conduct statistical analysis on the joint data set, but each participant is concerned about the confidentiality of its own data. In this paper we have developed protocols for conducting the statistic analysis in such kind of cooperative environment based on a data perturbation technique and cryptography primitives.
Secure multiparty computational geometry
 INTERNATIONAL WORKSHOP ON ALGORITHMS AND DATA STRUCTURES
, 2001
"... The general secure multiparty computation problem is when multiple parties (say, Alice and Bob) each have private data (respectively, a and b) and seek to compute some function f(a; b) without revealing to each other anything unintended (i.e., anything other than what can be inferred from knowing f ..."
Abstract

Cited by 67 (9 self)
 Add to MetaCart
(Show Context)
The general secure multiparty computation problem is when multiple parties (say, Alice and Bob) each have private data (respectively, a and b) and seek to compute some function f(a; b) without revealing to each other anything unintended (i.e., anything other than what can be inferred from knowing f(a; b)). It is well known that, in theory, the general secure multiparty computation problem is solvable using circuit evaluation protocols. While this approach is appealing in its generality, the communication complexity of the resulting protocols depend on the size of the circuit that expresses the functionality to be computed. As Goldreich has recently pointed out [6], using the solutions derived from these general results to solve specic problems can be impractical; problemspeci c solutions should be developed, for eciency reasons. This paper is a rst step in this direction for the area of computational geometry. We give simple solutions to some specic geometric problems, and in doing so we develop some building blocks that we believe will be useful in the solution of other geometric and combinatorial problems as well.
Oblivious Transfer with Adaptive Queries
 Proc. CRYPTO, Springer LNCS
, 1999
"... . We provide protocols for the following twoparty problem: One party, the sender, has N values and the other party, the receiver, would like to learn k of them, deciding which ones in an adaptive manner (i.e. the ith value may depend on the first i \Gamma 1 values). The sender does not want the rec ..."
Abstract

Cited by 62 (2 self)
 Add to MetaCart
(Show Context)
. We provide protocols for the following twoparty problem: One party, the sender, has N values and the other party, the receiver, would like to learn k of them, deciding which ones in an adaptive manner (i.e. the ith value may depend on the first i \Gamma 1 values). The sender does not want the receiver to obtain more than k values. This is a variant of the well known Oblivious Transfer (OT) problem and has applications in protecting privacy in various settings. We present efficient protocols for the problem that require an O(N) computation in the preprocessing stage and fixed computation (independent of k) for each new value the receiver obtains. The online computation involves roughly log N invocations of a 1out2 OT protocol. The protocols are based on a new primitive, sum consistent synthesizers. 1 Introduction Oblivious Transfer (abbrev. OT) refers to several types of twoparty protocols where at the beginning of the protocol one party, the Sender (or sometimes Bob or B), has ...
Randomizing Polynomials: A New Representation with Applications to RoundEfficient Secure Computation
 In Proc. 41st FOCS
, 2000
"... Motivated by questions about secure multiparty computation, we introduce and study a new natural representation of functions by polynomials, which we term randomizing polynomials. "Standard" lowdegree polynomials over a finite field are easy to compute with a small number of communicatio ..."
Abstract

Cited by 61 (20 self)
 Add to MetaCart
Motivated by questions about secure multiparty computation, we introduce and study a new natural representation of functions by polynomials, which we term randomizing polynomials. "Standard" lowdegree polynomials over a finite field are easy to compute with a small number of communication rounds in virtually any setting for secure computation. However, most Boolean functions cannot be evaluated by a polynomial whose degree is smaller than their input size. We get around this barrier by relaxing the requirement of evaluatingf into a weaker requirement of randomizing f: mapping the inputs of f along with independent random inputs into a vector of outputs, whose distribution depends only on the value of f . We show that degree3 polynomials are sufficient to randomize any function f , relating the efficiency of such a randomization to the branching program size of f . On the other hand, by characterizing the exact class of Boolean functio...
Selective private function evaluation with applications to private statistics
 In Proceedings of Twentieth ACM Symposium on Principles of Distributed Computing (PODC
, 2001
"... Motivated by the application of private statistical analysis of large databases, we consider the problem of selective private function evaluation (SPFE). In this problem, a client interacts with one or more servers holding copies of a database z = zt,...,z, in order to compute f(z~t,...,z~,,,) , fo ..."
Abstract

Cited by 56 (9 self)
 Add to MetaCart
(Show Context)
Motivated by the application of private statistical analysis of large databases, we consider the problem of selective private function evaluation (SPFE). In this problem, a client interacts with one or more servers holding copies of a database z = zt,...,z, in order to compute f(z~t,...,z~,,,) , for some function f and indices i = it,...,i, ~ chosen by the client. Ideally, the client must learn nothing more about the database than f(zit,..., zi,,~), and the servers should learn nothing. Generic solutions for this problem, based on standard techniques for secure function evaluation, incur communication complexity that is at least linear in n, making them prohibitive for large databases even when f is relatively simple and m is small. We present various approaches for constructing sublinearcommunication $PFE protocols, both for the general problem and for special cases of interest. Our solutions not only offer sublinear communication complexity, but are also practical in many scenarios. 1.
Secure and Private Sequence Comparisons
 In WPES’03: Proceedings of the 2003 ACM workshop on Privacy in the electronic society
, 2003
"... We give an e#cient protocol for sequence comparisons of the editdistance kind, such that neither party reveals anything about their private sequence to the other party (other than what can be inferred from the edit distance between their two sequences  which is unavoidable because computing that ..."
Abstract

Cited by 54 (9 self)
 Add to MetaCart
(Show Context)
We give an e#cient protocol for sequence comparisons of the editdistance kind, such that neither party reveals anything about their private sequence to the other party (other than what can be inferred from the edit distance between their two sequences  which is unavoidable because computing that distance is the purpose of the protocol). The amount of communication done by our protocol is proportional to the time complexity of the bestknown algorithm for performing the sequence comparison.
Protocols For Secure Remote Database Access With Approximate Matching
, 2000
"... Suppose that Bob has a database D and that Alice wants to perform a search query q on D (e.g., “is q in D?”). Since Alice is concerned about her privacy, she does not want Bob to know the query or the response to the query. How could this be done? There are elegant cryptographic techniques for solvi ..."
Abstract

Cited by 53 (10 self)
 Add to MetaCart
Suppose that Bob has a database D and that Alice wants to perform a search query q on D (e.g., “is q in D?”). Since Alice is concerned about her privacy, she does not want Bob to know the query or the response to the query. How could this be done? There are elegant cryptographic techniques for solving this problem under various constraints (such as “Bob should know neither nor the answer to the query ” and “Alice should learn nothing about D other than the answer to the query”), while optimizing various performance criteria (e.g., amount of communication). We consider the version of this problem where the query is of the type “is approximately in �? ” for a number of different notions of “approximate”, some of which arise in image processing and template matching, while others are of the stringedit type that arise in biological sequence comparisons. New techniques are needed in this framework of approximate searching, because each notion of “approximate equality” introduces its own set of difficulties; using encryption is more problematic in this framework because the items that are approximately equal cease to be so after encryption or cryptographic hashing. Practical protocols for solving such problems make possible new forms of ecommerce between proprietary database owners and customers who seek to query the database, with privacy.
SECURE OUTSOURCING OF SEQUENCE COMPARISONS
"... Largescale problems in the physical and life sciences are being revolutionized by Internet computing technologies, like grid computing, that make possible the massive cooperative sharing of computational power, bandwidth, storage, and data. A weak computational device, once connected to such a grid ..."
Abstract

Cited by 51 (7 self)
 Add to MetaCart
Largescale problems in the physical and life sciences are being revolutionized by Internet computing technologies, like grid computing, that make possible the massive cooperative sharing of computational power, bandwidth, storage, and data. A weak computational device, once connected to such a grid, is no longer limited by its slow speed, small amounts of local storage, and limited bandwidth: It can avail itself of the abundance of these resources that is available elsewhere on the network. An impediment to the use of “computational outsourcing” is that the data in question is often sensitive, e.g., of national security importance, or proprietary and containing commercial secrets, or to be kept private for legal requirements such as the HIPAA legislation, GrammLeachBliley, or similar laws. This motivates the design of techniques for computational outsourcing in a privacypreserving manner, i.e., without revealing to the remote agents whose computational power is being used, either one’s data or the outcome of the computation on the data. This paper investigates such secure outsourcing for widely applicable sequence comparison problems, and gives an efficient protocol for a