Public Verifiability in the Covert Model (Almost) for Free

  • Kolesnikov V.
  • Malozemoff A.

Abstract. The covert security model (Aumann and Lindell, TCC 2007) offers an extremely important security/efficiency trade-off: a covert player may arbitrarily cheat, but will be caught with a certain fixed probability, called the deterrence factor. This permits much more efficient protocols than the malicious setting while still giving meaningful security guarantees. However, one drawback is that cheating cannot be proven, which prevents the use of covert protocols in many practical settings. In ASI-ACRYPT 2012, Asharov and Orlandi (AO) enhanced the covert model by allowing the honest player to generate a proof of cheating, checkable by any third party. Their model, which we here abbreviate PVC (publicly verifiable covert), offers a very compelling trade-off. Asharov and Orlandi propose a practical protocol in the PVC model, which, however, relies on a specific expensive oblivious transfer (OT) protocol incompatible with OT extension. In this work, we greatly improve the performance of the PVC model by constructing a PVC-compatible OT extension as well as making several important practical improvements to the AO protocol. We work in the random oracle model, which is slightly stronger than what is needed for standard OT extension and free-XOR. Our construction is truly efficient. As compared to the state-of-the-art OT extension-based two-party covert protocol, our PVC protocol adds relatively little: four signatures and an ≈ 67% wider OT extension matrix. This is a significant improvement over the AO protocol, which requires public key-based OTs per input bit. We present detailed estimates showing (up to orders of magnitude) concrete performance improvements over the AO protocol and the best known malicious protocol.

View Original Article

Recent Publications

August 09, 2017

A Cloud Native Approach to 5G Network Slicing

  • Francini A.
  • Miller R.
  • Sharma S.

5G networks will have to support a set of very diverse and often extreme requirements. Network slicing offers an effective way to unlock the full potential of 5G networks and meet those requirements on a shared network infrastructure. This paper presents a cloud native approach to network slicing. The cloud ...

August 01, 2017

Modeling and simulation of RSOA with a dual-electrode configuration

  • De Valicourt G.
  • Liu Z.
  • Violas M.
  • Wang H.
  • Wu Q.

Based on the physical model of a bulk reflective semiconductor optical amplifier (RSOA) used as a modulator in radio over fiber (RoF) links, the distributions of carrier density, signal photon density, and amplified spontaneous emission photon density are demonstrated. One of limits in the use of RSOA is the lower ...

July 12, 2017

PrivApprox: Privacy-Preserving Stream Analytics

  • Chen R.
  • Christof Fetzer
  • Le D.
  • Martin Beck
  • Pramod Bhatotia
  • Thorsten Strufe

How to preserve users' privacy while supporting high-utility analytics for low-latency stream processing? To answer this question: we describe the design, implementation and evaluation of PRIVAPPROX, a data analytics system for privacy-preserving stream processing. PRIVAPPROX provides three properties: (i) Privacy: zero-knowledge privacy (ezk) guarantees for users, a privacy bound tighter ...