58 Hits in 2.5 sec

CryptoDSPs for Cloud Privacy [chapter]

Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2011 Lecture Notes in Computer Science  
Signal processing governs almost every audiovisual stimuli that we receive from electronic sources. Recently, concerns about privacy of the processed signals (especially biomedical signals) has been raised, as it has been traditionally overlooked. This fact, together with the advent of Cloud computing and the growing tendency to outsource not only the storage but also the processing of data has created a fundamental need for privacy preserving techniques that protect signals at the Cloud. We
more » ... vide a landscape of technologies brought up by the novel discipline of Signal Processing in the Encrypted Domain (SPED), and we show their application to solve Cloud Computing privacy issues, introducing the concept of virtualized CryptoDSPs, as an architecture for implementing SPED technologies on Cloud scenarios.
doi:10.1007/978-3-642-24396-7_34 fatcat:j3oo4fergzeqrnejmwfutfexva

Multivariate Cryptosystems for Secure Processing of Multidimensional Signals [article]

Alberto Pedrouzo-Ulloa, Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2017 arXiv   pre-print
Multidimensional signals like 2-D and 3-D images or videos are inherently sensitive signals which require privacy-preserving solutions when processed in untrustworthy environments, but their efficient encrypted processing is particularly challenging due to their structure, dimensionality and size. This work introduces a new cryptographic hard problem denoted m-RLWE (multivariate Ring Learning with Errors) which generalizes RLWE, and proposes several relinearization-based techniques to
more » ... y convert signals with different structures and dimensionalities. The proposed hard problem and the developed techniques give support to lattice cryptosystems that enable encrypted processing of multidimensional signals and efficient conversion between different structures. We show an example cryptosystem and prove that it outperforms its RLWE counterpart in terms of security against basis-reduction attacks, efficiency and cipher expansion for encrypted image processing, and we exemplify some of the proposed transformation techniques in critical and ubiquitous block-based processing applications
arXiv:1712.00848v1 fatcat:qvwgu44yeffyxf3p46k6jruzsa

Multiparty Homomorphic Encryption: From Theory to Practice [article]

Christian Mouchet, Juan Ramón Troncoso-Pastoriza, Jean-Pierre Hubaux
2020 IACR Cryptology ePrint Archive  
We propose and evaluate a secure-multipartycomputation (MPC) solution in the semi-honest model with dishonest majority that is based on multiparty homomorphic encryption (MHE). To support our solution, we introduce a multiparty version of the Brakerski-Fan-Vercauteren homomorphic cryptosystem and implement it in an open-source library. MHEbased MPC solutions have several advantages: Their transcript is public, their offline phase is compact, and their circuit-evaluation procedure is
more » ... ive. By exploiting these properties, the communication complexity of MPC tasks is reduced from quadratic to linear in the number of parties, thus enabling secure computation among potentially thousands of parties and in a broad variety of computing paradigms, from the traditional peer-to-peer setting to cloud-outsourcing and smart-contract technologies. MHE-based approaches can also outperform the state-of-the-art solutions, even for a small number of parties. We demonstrate this for three circuits: private input selection with application to private-information retrieval, component-wise vector multiplication with application to private-set intersection, and Beaver multiplication triples generation. For the first circuit, privately selecting one input among eight thousand parties' (of 32 KB each) requires only 1.31 MB of communication per party and completes in 61.7 seconds. For the second circuit with eight parties, our approach is 8.6 times faster and requires 39.3 times less communication than the current methods. For the third circuit and ten parties, our approach generates 20 times more triples per second while requiring 136 times less communication per-triple than an approach based on oblivious transfer. We implemented our scheme in the Lattigo library and open-sourced the code at
dblp:journals/iacr/MouchetTH20 fatcat:ohv7rl7crzapnd3e3ld57vzroe

Secure Adaptive Filtering

Juan Ramón Troncoso-Pastoriza, Fernando Perez-Gonzalez
2011 IEEE Transactions on Information Forensics and Security  
Troncoso-Pastoriza is with the Signal DRAFT 2 Processing needs to go further, resorting to adaptive filtering algorithms, due to their greater flexibility, higher responsiveness when tracking the changes  ... 
doi:10.1109/tifs.2011.2109385 fatcat:leoc4tkqfnbvvp4voozr5w7vzu

Number Theoretic Transforms for Secure Signal Processing [article]

Alberto Pedrouzo-Ulloa, Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2018 arXiv   pre-print
Multimedia contents are inherently sensitive signals that must be protected whenever they are outsourced to an untrusted environment. This problem becomes a challenge when the untrusted environment must perform some processing on the sensitive signals; a paradigmatic example is Cloud-based signal processing services. Approaches based on Secure Signal Processing (SSP) address this challenge by proposing novel mechanisms for signal processing in the encrypted domain and interactive secure
more » ... s to achieve the goal of protecting signals without disclosing the sensitive information they convey. This work presents a novel and comprehensive set of approaches and primitives to efficiently process signals in an encrypted form, by using Number Theoretic Transforms (NTTs) in innovative ways. This usage of NTTs paired with appropriate signal pre- and post-coding enables a whole range of easily composable signal processing operations comprising, among others, filtering, generalized convolutions, matrix-based processing or error correcting codes. The main focus is on unattended processing, in which no interaction from the client is needed; for implementation purposes, efficient lattice-based somewhat homomorphic cryptosystems are used. We exemplify these approaches and evaluate their performance and accuracy, proving that the proposed framework opens up a wide variety of new applications for secured outsourced-processing of multimedia contents.
arXiv:1607.05229v2 fatcat:mrlorcxrrrg7lbfr7khn7mr2xq

Computing across Trust Boundaries using Distributed Homomorphic Cryptography [article]

Christian Mouchet, Juan Ramón Troncoso-Pastoriza, Jean-Pierre Hubaux
2019 IACR Cryptology ePrint Archive  
In this work, we advance the conceptual and technical aspects of Secure Multiparty Computation (SMC). We approach SMC as a computational problem and propose a novel formulation of this problem in terms of trust boundaries. From this formulation, we derive a general framework that enables a more comprehensive characterization of both the SMC problem and its solutions. Existing SMC solutions are commonly seen as diametrically different and incompatible, but we show how they can be mapped to
more » ... ular instances of our framework, hence enabling their analysis under a common and unified basis. In this framework, the core component of an SMC solution is a distributed homomorphic cryptosystem. We show that the features this cryptosystem provides determine the need for interaction and overall efficiency of the corresponding SMC solutions. Based on this analysis, we introduce a practical instantiation of our framework by proposing a distributed version of the Brakerski-Fan-Vercauteren (BFV) lattice-based homomorphic cryptosystem. We analyze the security, noise overhead, and computational costs of this scheme. Due to its conceptual simplicity and efficiency, our solution has great potential for addressing highly relevant scenarios, such as secure data-sharing and machine-learning. Hence, this work constitutes a step forward in secure computation, by enabling computation across trust boundaries.
dblp:journals/iacr/MouchetTH19 fatcat:ueaxwchh7ndyhl7q3nmlolkgim

Efficient PRNU Matching in the Encrypted Domain

Alberto Pedrouzo-Ulloa, Miguel Masciopinto, Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2019 Proceedings (MDPI)  
Photoresponse Non-Uniformity (PRNU) is becoming particularly relevant within digital media forensics, as a means to effectively determine the source camera of a given image. Most of the practical applications in digital media forensics involve dealing with highly sensitive data whose content must be protected. In this context, several secure frameworks have been proposed to perform PRNU-based camera attribution while preserving the privacy of both the testing images and the PRNU fingerprint.
more » ... two most recent and relevant ones, independently proposed in 2018, are (a) Mohanty et al.'s, who combine the use of a trusted environment (ARM TrustZone) to compute the PRNU fingerprint, with the Boneh-Goh-Nissim (BGN) cryptosystem to perform the matching, and (b) Pedrouzo-Ulloa et al.'s, who propose a more flexible solution which can be fully implemented on a general purpose architecture and does not require access to a trusted environment. In this work, we revisit the existing frameworks and propose a general formulation for PRNU matching based on lattice cryptosystems which improves on the BGN-based solution in terms of efficiency, flexibility and privacy.
doi:10.3390/proceedings2019021017 fatcat:bsstnnb23zcaxdoxdxxww2nhqm

SoK: Privacy-Preserving Collaborative Tree-based Model Learning [article]

Sylvain Chatel, Apostolos Pyrgelis, Juan Ramon Troncoso-Pastoriza, Jean-Pierre Hubaux
2021 arXiv   pre-print
Tree-based models are among the most efficient machine learning techniques for data mining nowadays due to their accuracy, interpretability, and simplicity. The recent orthogonal needs for more data and privacy protection call for collaborative privacy-preserving solutions. In this work, we survey the literature on distributed and privacy-preserving training of tree-based models and we systematize its knowledge based on four axes: the learning algorithm, the collaborative model, the protection
more » ... echanism, and the threat model. We use this to identify the strengths and limitations of these works and provide for the first time a framework analyzing the information leakage occurring in distributed tree-based model learning.
arXiv:2103.08987v2 fatcat:3c6axws5zbeptn5q3bjomusbg4

A secure multidimensional point inclusion protocol

Juan Ramón Troncoso-Pastoriza, Stefan Katzenbeisser, Mehmet Celik, Aweke Lemma
2007 Proceedings of the 9th workshop on Multimedia & security - MM&Sec '07  
Signal processing in the encrypted domain combines typical signal processing operations and cryptographic primitives to ensure security in applications involving mutually distrusting participants. Several such applications reduce to a multidimensional point inclusion problem where two participants decide whether a point known to the first lies inside a region specified by the second. In a secure solution, neither party gains knowledge about the other's input. For instance, in biometric
more » ... ation the client can prove his identity without disclosing his biometric. In this paper, we present a new primitive for securely solving the multidimensional point inclusion problem. Using this primitive, we first propose an efficient and provably secure protocol that solves the problem for an N -dimensional convex region bounded with hyperplanes. We subsequently extend the protocol to inclusion in multiple hyperellipsoidal regions. Considering possible reduction strategies such as input packing, we analyze the complexity of both protocols.
doi:10.1145/1288869.1288884 dblp:conf/mmsec/Troncoso-PastorizaKCL07 fatcat:z7ltdyh6qfgzjja43uhgtudroi

GenoShare: Supporting Privacy-Informed Decisions for Sharing Individual-Level Genetic Data

Jean Louis Raisaro, Juan Ramón Troncoso-Pastoriza, Yamane El-Zein, Mathias Humbert, Carmela Troncoso, Jacques Fellay, Jean-Pierre Hubaux
2020 Studies in Health Technology and Informatics  
One major obstacle to developing precision medicine to its full potential is the privacy concerns related to genomic-data sharing. Even though the academic community has proposed many solutions to protect genomic privacy, these so far have not been adopted in practice, mainly due to their impact on the data utility. We introduce GenoShare, a framework that enables individual citizens to understand and quantify the risks of revealing genome-related privacy-sensitive attributes (e.g., health
more » ... s, kinship, physical traits) from sharing their genomic data with (potentially untrusted) third parties. GenoShare enables informed decision-making about sharing exact genomic data, by jointly simulating genome-based inference attacks and quantifying the risk stemming from a potential data disclosure.
doi:10.3233/shti200158 pmid:32570382 fatcat:3vw3bjp3zvfqfmalhv2dcmmxhy

SoK: Privacy-Preserving Collaborative Tree-based Model Learning

Sylvain Chatel, Apostolos Pyrgelis, Juan Ramón Troncoso-Pastoriza, Jean-Pierre Hubaux
2021 Proceedings on Privacy Enhancing Technologies  
Tree-based models are among the most efficient machine learning techniques for data mining nowadays due to their accuracy, interpretability, and simplicity. The recent orthogonal needs for more data and privacy protection call for collaborative privacy-preserving solutions. In this work, we survey the literature on distributed and privacy-preserving training of tree-based models and we systematize its knowledge based on four axes: the learning algorithm, the collaborative model, the protection
more » ... echanism, and the threat model. We use this to identify the strengths and limitations of these works and provide for the first time a framework analyzing the information leakage occurring in distributed tree-based model learning.
doi:10.2478/popets-2021-0043 fatcat:zjlt2fgmpfcw7modhaddyqc46i

Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-Sparse Keys [article]

Jean-Philippe Bossuat, Christian Mouchet, Juan Ramón Troncoso-Pastoriza, Jean-Pierre Hubaux
2020 IACR Cryptology ePrint Archive  
We present a bootstrapping procedure for the full-RNS variant of the approximate homomorphic-encryption scheme of Cheon et al., CKKS (Asiacrypt 17, SAC 18). Compared to the previously proposed procedures (Eurocrypt 18 & 19" our bootstrapping procedure is more precise, more efficient (in terms of CPU cost and number of consumed levels), and is more reliable and 128-bit-secure. Unlike the previous approaches, it does not require the use of sparse secret-keys. Therefore, to the best of our
more » ... e, this is the first procedure that enables a highly efficient and precise bootstrapping with a low probability of failure for parameters that are 128-bit-secure under the most recent attacks on sparse R-LWE secrets. We achieve this efficiency and precision by introducing three novel contributions: (i) We propose a generic algorithm for homomorphic polynomialevaluation that takes into account the approximate rescaling and is optimal in level consumption. (ii) We optimize the key-switch procedure and propose a new technique for linear transformations (double hoisting). (iii) We propose a systematic approach to parameterize the bootstrapping, including a precise way to assess its failure probability. We implemented our improvements and bootstrapping procedure in the open-source Lattigo library. For example, bootstrapping a plaintext in C 32768 takes 18 seconds, has an output coefficient modulus of 505 bits, a mean precision of 19.1 bits, and a failure probability of 2 −15.58 . Hence, we achieve 14.1× improvement in bootstrapped throughput (plaintextbit per second), with respect to the previous best results, and we have a failure probability 468× smaller and ensure 128-bit security.
dblp:journals/iacr/BossuatMTH20 fatcat:pa3j4vv5ubgvnli6nyikveqdcu

ORide: A Privacy-Preserving yet Accountable Ride-Hailing Service

Anh Pham, Italo Dacosta, Guillaume Endignoux, Juan Ramón Troncoso-Pastoriza, Kévin Huguenin, Jean-Pierre Hubaux
2017 USENIX Security Symposium  
In recent years, ride-hailing services (RHSs) have become increasingly popular, serving millions of users per day. Such systems, however, raise significant privacy concerns, because service providers are able to track the precise mobility patterns of all riders and drivers. In this paper, we propose ORide (Oblivious Ride), a privacypreserving RHS based on somewhat-homomorphic encryption with optimizations such as ciphertext packing and transformed processing. With ORide, a service provider can
more » ... atch riders and drivers without learning their identities or location information. ORide offers riders with fairly large anonymity sets (e.g., several thousands), even in sparsely populated areas. In addition, ORide supports key RHS features such as easy payment, reputation scores, accountability, and retrieval of lost items. Using real data-sets that consist of millions of rides, we show that the computational and network overhead introduced by ORide is acceptable. For example, ORide adds only several milliseconds to ride-hailing operations, and the extra driving distance for a driver is less than 0.5 km in more than 75% of the cases evaluated. In short, we show that a RHS can offer strong privacy guarantees to both riders and drivers while maintaining the convenience of its services.
dblp:conf/uss/PhamDETHH17 fatcat:q4obxx7bjzgdnp2jfrvek7u5gq

Zero-knowledge watermark detector robust to sensitivity attacks

Juan Ramón Troncoso-Pastoriza, Fernando Pérez-González
2006 Proceeding of the 8th workshop on Multimedia and security - MM&Sec '06  
Current zero-knowledge watermark detectors are based on a linear correlation between the asset features and a given secret sequence. This detection function is susceptible of being attacked by sensitivity attacks, for which zero-knowledge does not provide protection. In this paper a new zero-knowledge watermark detector robust to sensitivity attacks is presented, using the Generalized Gaussian Maximum Likelihood (ML) detector as basis. The inherent robustness that this detector presents against
more » ... sensitivity attacks, together with the security provided by the zero-knowledge protocol that conceals the keys that could be used to remove the watermark or to produce forged assets, results in a robust and secure protocol. Additionally, two new zero-knowledge proofs for modulus and square root calculation are presented; they serve as building blocks for the zero-knowledge implementation of the Generalized Gaussian ML detector, and also open new possibilities in the design of high level protocols.
doi:10.1145/1161366.1161383 dblp:conf/mmsec/Troncoso-PastorizaP06 fatcat:up43vd2xmfgnbkhanffhgv3imi

Efficient protocols for secure adaptive filtering

Juan Ramon Troncoso-Pastoriza, Fernando Perez-Gonzalez
2011 2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)  
The field of Signal Processing in the Encrypted Domain (SPED) has emerged in order to provide efficient and secure solutions for preserving privacy of signals that are processed by untrusted agents. In this work, we study the privacy problem of adaptive filtering, one of the most important and ubiquitous blocks in signal processing nowadays. We examine several use cases along with their privacy characteristics, constraints and requirements, that differ in several aspects from those of the
more » ... y tackled linear filtering and classification problems. Due to the impossibility of using a strategy based solely on current homomorphic encryption systems, we propose novel secure protocols for a privacy-preserving execution of the BLMS (Block Least Mean Squares) algorithm, combining different SPED techniques, and paying special attention to the trade-off between computational complexity, bandwidth, and the error produced due to finite-precision implementations.
doi:10.1109/icassp.2011.5947694 dblp:conf/icassp/Troncoso-PastorizaP11 fatcat:j5j44emt4nc2lnggesm4yp4zma
« Previous Showing results 1 — 15 out of 58 results