Jakob Pagter

Secure Multiparty Computation Goes Live

In this note, we report on the first large-scale and practical application of secure multiparty computation, which took place in January 2008. We also report on the novel cryptographic protocols that were used.

A practical implementation of secure auctions based on multiparty integer computation

In this paper we consider the problem of constructing secure auctions based on techniques from modern cryptography. We combine knowledge from economics, threshold cryptography and security engineering to implement secure auctions for practical real-world problems.

Optimal time-space trade-offs for sorting

We study the fundamental problem of sorting in a sequential model of computation and in particular consider the time-space trade-off (product of time and space) for this problem. P. Beame (1991) has shown a lower bound of /spl Omega/(n/sup 2/) for this product leaving a gap of a logarithmic factor up to the previously best known upper bound of O(n/sup 2/ log n) due to G.N. Frederickson (1987). Since then, no progress has been made towards tightening this gap. The main contribution of this paper is a comparison based sorting algorithm which closes the gap by meeting the lower bound of Beame. The time-space product O(n/sup 2/) upper bound holds for the full range of space bounds between log n and n/log n. Hence in this range our algorithm is optimal for comparison based models as well as for the very powerful general models considered by Beame.

Location privacy via actively secure private proximity testing

We present a solution which improves the level of privacy possible in location based services (LBS). A core component of LBS is proximity testing of users. Alice wants to know if she is near to Bob (or generally some location). The presented solution support private proximity testing and is actively secure meaning it prevents a number of attacks possible in existing protocols for private proximity testing. We demonstrate that the improved security provided only implies a factor of two penalty on execution time compared to an existing passively secure protocol. We also provide a security analysis and discuss the relevance of secure multiparty computation for location based services.

Secure Key Management in the Cloud

We consider applications involving a number of servers in the cloud that go through a sequence of online periods where the servers communicate, separated by offline periods where the servers are idle. During the offline periods, we assume that the servers need to securely store sensitive information such as cryptographic keys. Applications like this include many cases where secure multiparty computation is outsourced to the cloud, and in particular a number of online auctions and benchmark computations with confidential inputs. We consider fully autonomous servers that switch between online and offline periods without communicating with anyone from outside the cloud, and semi-autonomous servers that need a limited kind of assistance from outside the cloud when doing the transition. We study the levels of security one can --- and cannot --- obtain in this model, propose light-weight protocols achieving maximal security, and report on their practical performance.

A sense of security in pervasive computing: is the light on when the refrigerator door is closed?

In this paper, we investigate how existing theoretical contributions on usable security can serve to guide the design of a specific system. We illustrate how going through this theoretically informed, concrete design process, also provides the basis for complementing existing theoretical contributions. The system we have designed is a system taking advantage of pervasive computing technology to offer hotel guests access to their personal, digital materials while in a hotel room. The design is based on two ideas novel to usable security, namely falsification and the singleton invariant.

Using Compilers to Enhance Cryptographic Product Development

Developing high-quality software is hard in the general case, and it is significantly more challenging in the case of cryptographic software. A high degree of new skill and understanding must be learnt and applied without error to avoid vulnerability and inefficiency. This is often beyond the financial, manpower or intellectual resources avail-able. In this paper we present the motivation for the European funded CACE (Computer Aided Cryptography Engineering) project The main objective of CACE is to provide engineers (with limited or no expertise in cryptography) with a toolbox that allows them to generate robust and efficient implementations of cryptographic primitives. We also present some preliminary results already obtained in the early stages of this project, and discuss the relevance of the project as perceived by stakeholders in the mobile device arena.

From Keys to Databases—Real-World Applications of Secure Multi-Party Computation

We discuss the widely increasing range of applications of a cryptographic technique called Multi-Party Computation. For many decades this was perceived to be of purely theoretical interest, but now it has started to find application in a number of use cases. We highlight in this paper a number of these, ranging from securing small high value items such as cryptographic keys, through to securing an entire database.