Non-Interactive Anonymous Router

被引:7
|
作者
Shi, Elaine [1 ]
Wu, Ke [1 ]
机构
[1] Carnegie Mellon Univ, Pittsburgh, PA 15213 USA
基金
美国国家科学基金会;
关键词
FUNCTIONAL ENCRYPTION; PRIVACY;
D O I
10.1007/978-3-030-77883-5_17
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Anonymous routing is one of the most fundamental online privacy problems and has been studied extensively for decades. Almost all known approaches for anonymous routing (e.g., mix-nets, DC-nets, and others) rely on multiple servers or routers to engage in some interactive protocol; and anonymity is guaranteed in the threshold model, i.e., if one or more of the servers/routers behave honestly. Departing from all prior approaches, we propose a novel non-interactive abstraction called a Non-Interactive Anonymous Router (NIAR), which works even with a single untrusted router. In a NIAR scheme, suppose that n senders each want to talk to a distinct receiver. A one-time trusted setup is performed such that each sender obtains a sending key, each receiver obtains a receiving key, and the router receives a token that "encrypts" the permutation mapping the senders to receivers. In every time step, each sender can encrypt its message using its sender key, and the router can use its token to convert the n ciphertexts received from the senders to n transformed ciphertexts. Each transformed ciphertext is delivered to the corresponding receiver, and the receiver can decrypt the message using its receiver key. Imprecisely speaking, security requires that the untrusted router, even when colluding with a subset of corrupt senders and/or receivers, should not be able to compromise the privacy of honest parties, including who is talking to who, and the message contents. We show how to construct a communication-efficient NIAR scheme with provable security guarantees based on the standard Decision Linear assumption in suitable bilinear groups. We show that a compelling application of NIAR is to realize a Non-Interactive Anonymous Shuffler (NIAS), where an untrusted server or data analyst can only decrypt a permuted version of the messages coming from n senders where the permutation is hidden. NIAS can be adopted to construct privacy-preserving surveys, differentially private protocols in the shuffle model, and pseudonymous bulletin boards. Besides this main result, we also describe a variant that achieves fault tolerance when a subset of the senders may crash. Finally, we further explore a paranoid notion of security called full insider protection, and show that if we additionally assume sub-exponentially secure Indistin-guishability Obfuscation and as sub-exponentially secure one-way functions, one can construct a NIAR scheme with paranoid security.
引用
收藏
页码:489 / 520
页数:32
相关论文
共 50 条
  • [31] Towards Non-interactive Witness Hiding
    Kuykendall, Benjamin
    Zhandry, Mark
    [J]. THEORY OF CRYPTOGRAPHY, TCC 2020, PT I, 2020, 12550 : 627 - 656
  • [32] Non-interactive proofs for integer multiplication
    Damgard, Ivan
    Thorbek, Rune
    [J]. ADVANCES IN CRYPTOLOGY - EUROCRYPT 2007, 2007, 4515 : 412 - +
  • [33] On Non-Interactive Simulation of Joint Distributions
    Kamath, Sudeep
    Anantharam, Venkat
    [J]. IEEE TRANSACTIONS ON INFORMATION THEORY, 2016, 62 (06) : 3419 - 3435
  • [34] Robust non-interactive oblivious transfer
    Mu, Y
    Zhang, JQ
    Varadharajan, V
    Lin, YX
    [J]. IEEE COMMUNICATIONS LETTERS, 2003, 7 (04) : 153 - 155
  • [35] Proactive RSA with non-interactive signing
    Jarecki, Stanislaw
    Olsen, Josh
    [J]. FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, 2008, 5143 : 215 - 230
  • [36] Short non-interactive cryptographic proofs
    Boyar, J
    Damgård, I
    Peralta, R
    [J]. JOURNAL OF CRYPTOLOGY, 2000, 13 (04) : 449 - 472
  • [37] Non-interactive Mimblewimble Transactions, Revisited
    Fuchsbauer, Georg
    Orru, Michele
    [J]. ADVANCES IN CRYPTOLOGY- ASIACRYPT 2022, PT I, 2022, 13791 : 713 - 744
  • [38] Succinct Non-interactive Secure Computation
    Morgan, Andrew
    Pass, Rafael
    Polychroniadou, Antigoni
    [J]. ADVANCES IN CRYPTOLOGY - EUROCRYPT 2020, PT II, 2020, 12106 : 216 - 245
  • [39] Jackpot: Non-interactive Aggregatable Lotteries
    Fleischhacker, Nils
    Hall-Andersen, Mathias
    Simkin, Mark
    Wagner, Benedikt
    [J]. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), (365-397):
  • [40] Short Non-Interactive Cryptographic Proofs
    Joan Boyar
    Ivan Damgård
    René Peralta
    [J]. Journal of Cryptology, 2000, 13 : 449 - 472