Paper 2020/1392

Function Secret Sharing for Mixed-Mode and Fixed-Point Secure Computation

Elette Boyle, Nishanth Chandran, Niv Gilboa, Divya Gupta, Yuval Ishai, Nishant Kumar, and Mayank Rathee

Abstract

Boyle et al. (TCC 2019) proposed a new approach for secure computation in the preprocessing model building on function secret sharing (FSS), where a gate $g$ is evaluated using an FSS scheme for the related offset family $g_r(x)=g(x+r)$. They further presented efficient FSS schemes based on any pseudorandom generator (PRG) for the offset families of several useful gates $g$ that arise in "mixed-mode'' secure computation. These include gates for zero test, integer comparison, ReLU, and spline functions. The FSS-based approach offers significant savings in online communication and round complexity compared to alternative techniques based on garbled circuits or secret sharing. In this work, we improve and extend the previous results of Boyle et al. by making the following three kinds of contributions: - Improved Key Size: The preprocessing and storage costs of the FSS-based approach directly depend on the FSS key size. We improve the key size of previous constructions through two steps. First, we obtain roughly 4x reduction in key size for Distributed Comparison Function (DCF), i.e., FSS for the family of functions $f^<_a_,_b(x)$ that output $b$ if $x < a$ and $0$ otherwise. DCF serves as a central building block in the constructions of Boyle et al. Second, we improve the number of DCF instances required for realizing useful gates $g$. For example, whereas previous FSS schemes for ReLU and $m$-piece spline required 2 and $2m$ DCF instances, respectively, ours require only a single instance of DCF in both cases. This improves the FSS key size by 6-22x for commonly used gates such as ReLU and sigmoid. - New Gates: We present the first PRG-based FSS schemes for arithmetic and logical shift gates, as well as for bit-decomposition where both the input and outputs are shared over $Z_N$ for $N = 2^n$. These gates are crucial for many applications related to fixed-point arithmetic and machine learning. - A Barrier: The above results enable a 2-round PRG-based secure evaluation of "multiply-then-truncate,'' a central operation in fixed-point arithmetic, by sequentially invoking FSS schemes for multiplication and shift. We identify a barrier to obtaining a 1-round implementation via a single FSS scheme, showing that this would require settling a major open problem in the area of FSS: namely, a PRG-based FSS for the class of bit-conjunction functions.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
Secure computationcorrelated randomnessfunction secret sharing
Contact author(s)
eboyle @ alum mit edu
nichandr @ microsoft com
niv gilboa @ gmail com
divya gupta @ microsoft com
yuval ishai @ gmail com
nkumar13 @ illinois edu
t-may @ microsoft com
History
2020-11-10: received
Short URL
https://ia.cr/2020/1392
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/1392,
      author = {Elette Boyle and Nishanth Chandran and Niv Gilboa and Divya Gupta and Yuval Ishai and Nishant Kumar and Mayank Rathee},
      title = {Function Secret Sharing for Mixed-Mode and Fixed-Point Secure Computation},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/1392},
      year = {2020},
      url = {https://eprint.iacr.org/2020/1392}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.