Is Information-Theoretic Topology-Hiding Computation Possible?

Marshall Ball; Elette Boyle; Ran Cohen; Tal Malkin; Tal Moran

doi:10.1007/978-3-030-36030-6_20

Is Information-Theoretic Topology-Hiding Computation Possible?

Marshall Ball, Elette Boyle, Ran Cohen, Tal Malkin, Tal Moran

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Topology-hiding computation (THC) is a form of multi-party computation over an incomplete communication graph that maintains the privacy of the underlying graph topology. Existing THC protocols consider an adversary that may corrupt an arbitrary number of parties, and rely on cryptographic assumptions such as DDH. In this paper we address the question of whether information-theoretic THC can be achieved by taking advantage of an honest majority. In contrast to the standard MPC setting, this problem has remained open in the topology-hiding realm, even for simple “privacy-free” functions like broadcast, and even when considering only semi-honest corruptions. We uncover a rich landscape of both positive and negative answers to the above question, showing that what types of graphs are used and how they are selected is an important factor in determining the feasibility of hiding topology information-theoretically. In particular, our results include the following. We show that topology-hiding broadcast (THB) on a line with four nodes, secure against a single semi-honest corruption, implies key agreement. This result extends to broader classes of graphs, e.g., THB on a cycle with two semi-honest corruptions.On the other hand, we provide the first feasibility result for information-theoretic THC: for the class of cycle graphs, with a single semi-honest corruption. Given the strong impossibilities, we put forth a weaker definition of distributional-THC, where the graph is selected from some distribution (as opposed to worst-case). We present a formal separation between the definitions, by showing a distribution for which information theoretic distributional-THC is possible, but even topology-hiding broadcast is not possible information-theoretically with the standard definition.We demonstrate the power of our new definition via a new connection to adaptively secure low-locality MPC, where distributional-THC enables parties to “reuse” a secret low-degree communication graph even in the face of adaptive corruptions.

Original language	English (US)
Title of host publication	Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings
Editors	Dennis Hofheinz, Alon Rosen
Publisher	Springer
Pages	502-530
Number of pages	29
ISBN (Print)	9783030360290
DOIs	https://doi.org/10.1007/978-3-030-36030-6_20
State	Published - 2019
Event	17th International Conference on Theory of Cryptography, TCC 2019 - Nuremberg, Germany Duration: Dec 1 2019 → Dec 5 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11891 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	17th International Conference on Theory of Cryptography, TCC 2019
Country/Territory	Germany
City	Nuremberg
Period	12/1/19 → 12/5/19

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-030-36030-6_20

Cite this

Ball, M., Boyle, E., Cohen, R., Malkin, T., & Moran, T. (2019). Is Information-Theoretic Topology-Hiding Computation Possible? In D. Hofheinz, & A. Rosen (Eds.), Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings (pp. 502-530). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11891 LNCS). Springer. https://doi.org/10.1007/978-3-030-36030-6_20

Is Information-Theoretic Topology-Hiding Computation Possible? / Ball, Marshall; Boyle, Elette; Cohen, Ran et al.
Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings. ed. / Dennis Hofheinz; Alon Rosen. Springer, 2019. p. 502-530 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11891 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ball, M, Boyle, E, Cohen, R, Malkin, T & Moran, T 2019, Is Information-Theoretic Topology-Hiding Computation Possible? in D Hofheinz & A Rosen (eds), Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11891 LNCS, Springer, pp. 502-530, 17th International Conference on Theory of Cryptography, TCC 2019, Nuremberg, Germany, 12/1/19. https://doi.org/10.1007/978-3-030-36030-6_20

Ball M, Boyle E, Cohen R, Malkin T, Moran T. Is Information-Theoretic Topology-Hiding Computation Possible? In Hofheinz D, Rosen A, editors, Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings. Springer. 2019. p. 502-530. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-36030-6_20

Ball, Marshall ; Boyle, Elette ; Cohen, Ran et al. / Is Information-Theoretic Topology-Hiding Computation Possible?. Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings. editor / Dennis Hofheinz ; Alon Rosen. Springer, 2019. pp. 502-530 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{e32d15d0c8cb40ebaee84a2fd8266a6e,

title = "Is Information-Theoretic Topology-Hiding Computation Possible?",

abstract = "Topology-hiding computation (THC) is a form of multi-party computation over an incomplete communication graph that maintains the privacy of the underlying graph topology. Existing THC protocols consider an adversary that may corrupt an arbitrary number of parties, and rely on cryptographic assumptions such as DDH. In this paper we address the question of whether information-theoretic THC can be achieved by taking advantage of an honest majority. In contrast to the standard MPC setting, this problem has remained open in the topology-hiding realm, even for simple “privacy-free” functions like broadcast, and even when considering only semi-honest corruptions. We uncover a rich landscape of both positive and negative answers to the above question, showing that what types of graphs are used and how they are selected is an important factor in determining the feasibility of hiding topology information-theoretically. In particular, our results include the following. We show that topology-hiding broadcast (THB) on a line with four nodes, secure against a single semi-honest corruption, implies key agreement. This result extends to broader classes of graphs, e.g., THB on a cycle with two semi-honest corruptions.On the other hand, we provide the first feasibility result for information-theoretic THC: for the class of cycle graphs, with a single semi-honest corruption. Given the strong impossibilities, we put forth a weaker definition of distributional-THC, where the graph is selected from some distribution (as opposed to worst-case). We present a formal separation between the definitions, by showing a distribution for which information theoretic distributional-THC is possible, but even topology-hiding broadcast is not possible information-theoretically with the standard definition.We demonstrate the power of our new definition via a new connection to adaptively secure low-locality MPC, where distributional-THC enables parties to “reuse” a secret low-degree communication graph even in the face of adaptive corruptions.",

author = "Marshall Ball and Elette Boyle and Ran Cohen and Tal Malkin and Tal Moran",

note = "Funding Information: M. Ball{\textquoteright}s research supported by an IBM Research PhD Fellowship. Part of this work was completed while M. Ball was visiting IDC Herzliya{\textquoteright}s FACT center. M. Ball and T. Malkin{\textquoteright}s research is based upon work supported in part by the Office of the Director of National Intelligence (ODNI), Intelligence Advanced Research Projects Activity (IARPA) via Contract No. 2019-1902070006. E. Boyle{\textquoteright}s research supported by ISF grant 1861/16 and AFOSR Award FA9550-17-1-0069. R. Cohen{\textquoteright}s research supported by the Northeastern University Cybersecurity and Privacy Institute Post-doctoral fellowship, NSF grant TWC-1664445, NSF grant 1422965, and by the NSF MACS project. This work was supported in part by the Intelligence Advanced Research Project Activity (IARPA) under contract number 2019-19-020700009. T. Moran{\textquoteright}s research supported by the Bar-Ilan Cyber Center. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of ODNI, IARPA, DoI/NBC, or the U.S. Government. The U.S. Government is authorized to reproduce and distribute reprints for Governmental purposes notwithstanding any copyright annotation thereon. Publisher Copyright: {\textcopyright} 2019, International Association for Cryptologic Research.; 17th International Conference on Theory of Cryptography, TCC 2019 ; Conference date: 01-12-2019 Through 05-12-2019",

year = "2019",

doi = "10.1007/978-3-030-36030-6_20",

language = "English (US)",

isbn = "9783030360290",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer",

pages = "502--530",

editor = "Dennis Hofheinz and Alon Rosen",

booktitle = "Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings",