Timeline for Is offline secure two party computation possible?
Current License: CC BY-SA 4.0
16 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Oct 7, 2021 at 17:44 | answer | added | Helena | timeline score: 0 | |
| Oct 7, 2021 at 16:58 | answer | added | Ewan | timeline score: 0 | |
| Oct 7, 2021 at 16:01 | history | bumped | CommunityBot | This question has answers that may be good or bad; the system has marked it active so that they can be reviewed. | |
| Jun 9, 2021 at 15:02 | history | bumped | CommunityBot | This question has answers that may be good or bad; the system has marked it active so that they can be reviewed. | |
| May 10, 2021 at 13:50 | answer | added | JimmyJames | timeline score: 1 | |
| May 9, 2021 at 21:39 | comment | added | Sebastian Redl |
For starters, I don't understand what your goal is. To find a suitable function f? What should this function do, besides compute something that may be publicly known? Where does Enc come in? An understandable explanation would be "I want to compute some function f on an untrusted device, without revealing the inputs x and y to the computation." Is that what you want?
|
|
| May 9, 2021 at 19:42 | comment | added | user1937198 |
@Jakob One obvious trivial f that is an issue is f(x, y) = x there is no way that the attacker is not going to know x if it is public.
|
|
| May 9, 2021 at 19:41 | comment | added | user1937198 | @Jakob Homomorphic encryption seems like it would be a good place to start. But if the output of f is public, the security of x and y are also going to depend a lot on the security properties of f. | |
| May 9, 2021 at 18:17 | comment | added | Jakob | @amon so you say this would only be possible for a few functions f(). Would you know one concrete f() that definitely breaks it? | |
| May 9, 2021 at 18:14 | comment | added | Jakob | @SebastianRedl Hmm can you tell me specifically what you find hard to understand? I'm might ask there although I think a question about crypto design belongs here more then on the security stackexchange. | |
| May 9, 2021 at 12:46 | comment | added | Sebastian Redl | You might also want to consider asking at security.stackexchange.com instead. | |
| May 9, 2021 at 12:45 | comment | added | Sebastian Redl | I find your description very hard to understand. Can you maybe try it differently? | |
| May 9, 2021 at 12:34 | history | edited | lennon310 | CC BY-SA 4.0 |
edited body; edited title
|
| May 9, 2021 at 9:45 | comment | added | amon |
The central problem is that the decryption Dec(f(Enc(x), Enc(y))) shall be possible, but Dec(Enc(x)) and Dec(Enc((y)) shall be impossible by the third party. This indicates f() needs some way to re-encrypt the output so that it can be decrypted with a different key, without being able to re-encrypt the inputs. This might indeed be possible for some functions f().
|
|
| May 9, 2021 at 9:40 | review | First posts | |||
| May 9, 2021 at 12:34 | |||||
| May 9, 2021 at 9:33 | history | asked | Jakob | CC BY-SA 4.0 |