Abstract: Byzantine Fault Tolerant protocols in the synchronous setting have often been considered impractical due to the strong synchrony assumption. On the flip side, synchronous protocols can be used to tolerate up to one-half Byzantine faults. In this talk, I will explain my journey towards improving synchronous protocols, both in theory and practice.

Abstract: Decentralized Identity Foundation (DIF) is a collection of international organizations that focuses on building an open ecosystem for self-owned decentralized identity (DID). Microsoft is an important member of DIF and is working on building protocols, infrastructure and open source libraries for the DID ecosystem. As a part of this effort, I worked on building a self owned cryptographic key management scheme and a zero-knowledge credentials scheme. The key management library has already been open sourced. For this talk, I will spend most of time discussing the key management scheme and the wonderful collaborative effort in it that brought together developers, cryptography and security researchers and standards people. Then I will briefly talk about the zero knowledge credentials project highlighting the new requirements and challenges that the DID ecosystem brings out in using traditional zero-knowledge credential schemes.

Abstract: Blockchain is a shared, replicated, immutable transaction ledger which is maintained by a distributed network of nodes. The transactions in the ledger are grouped into blocks that includes a hash that binds the block to its preceding block, thus creating an immutable chain of blocks. Blockchain networks can be primarily categorized into Permissionless and Permissioned networks. In a Permissionless blockchain all the participants are anonymous and hence do not have trust in each other. The only source of trust is that the state of the blockchain, prior to a certain depth, is immutable. On the other hand Permissioned blockchain operates amongst a set of known and identified participants operating under a governance model, which provides a certain degree of trust. This talk will provide a technical deep dive on Hyperledger Fabric, which is an enterprise grade permissioned distributed ledger framework for developing solutions and applications. Hyperledger Fabric has a highly modular and configurable architecture, enabling innovation, versatility and optimization for a broad range of industry use cases including banking, finance, insurance, health care etc. Hyperledger Fabric is the first distributed ledger platform to support smart contracts authored in general-purpose programming languages such as Java, Go and Node.js, rather than constrained domain-specific languages (DSL). Hyperledger Fabric introduces a new architecture for transactions i.e. execute-order-validate, which addresses the resiliency, flexibility, scalability, performance and confidentiality challenges faced by the order-execute model. Hyperledger fabric takes a unique approach to consensus which enables performance and scalability while preserving privacy.

Abstract: Blockchain technology provides greater transparency and security in carrying out business transactions by maintaining immutable transaction records within a distributed network of mutually untrusting entities. A secure distributed consensus protocol is used for maintaining the ledger and blockchain has a framework for automatically executing smart contracts based on the state of the distributed ledger. Blockchain technology has been seen as a very promising technology in supply chain as well as financial services industry. Applications related to product traceability, international trade finance, paperless trade, etc. are the initial ones that have gone into production. This talk will provide an overview of blockchain solutions we have developed for various industries. We will also discuss some of the recent trends and interesting research problems in this space.

Abstract: The issue of scalability has been restricting blockchain from its widespread adoption. The current transaction rate of bitcoin is around 7 tx/sec while its size has crossed the 300 GB mark. Although many approaches propose different ways to scale blockchain, e.g., sharding, lightning network, etc., we focus our analysis on methods utilizing ideas from coding theory. We first consider POLYSHARD, which introduces the notion of coded-sharding. However innovative, POLYSHARD requires decoding of Reed-Solomon codes over large fields for block verification in real-world settings, making it computationally intensive and less practical. We propose replacing the decoding phase with verifiable computing, which reduces the bottleneck and makes the system practical for light verification functions. The other work we examine is Sef, a blockchain archiving architecture utilizing LT codes to reduce storage constraints per node up to 1000x. Sef enables full nodes to store only a small number of encoded blocks or droplets instead of an entire blockchain. Although efficient in the average case, the architecture sometimes requires large bandwidth (many droplets) to reconstruct blockchain. While other rate-less coding strategies utilizing two encoding levels are proven better than LT codes, we investigate their suitability in the proposed architecture. We propose and simulate three techniques about how to incorporate these coding strategies. The results show that precode based rate-less coding schemes provide similar storage savings with reduced bandwidth variance for recovery.

Abstract: Performing ML computation on private data while maintaining data privacy, aka Privacy-preserving Machine Learning (PPML), is an emergent field of research. Recently, PPML has seen a visible shift towards the adoption of the Secure Outsourced Computation (SOC) paradigm due to the heavy computation that it entails. In the SOC paradigm, computation is outsourced to a set of powerful and specially equipped servers that provide service on a pay-per-use basis. In this work, we propose SWIFT, a robust PPML framework for a range of ML algorithms in SOC setting, that guarantees output delivery to the users irrespective of any adversarial behaviour. Robustness, a highly desirable feature, evokes user participation without the fear of denial of service. At the heart of our framework lies a highly-efficient, maliciously-secure, three-party computation (3PC) over rings that provides guaranteed output delivery (GOD) in the honest majority setting. To the best of our knowledge, SWIFT is the first robust and efficient PPML framework in the 3PC setting. SWIFT is as fast as (and is strictly better in some cases than) the best-known 3PC framework BLAZE (Patra et al. NDSS’20), which only achieves fairness. We extend our 3PC framework for four parties (4PC). In this regime, SWIFT is as fast as the best known fair 4PC framework Trident (Chaudhari et al. NDSS’20) and twice faster than the best-known robust 4PC framework FLASH (Byali et al. PETS’20). We demonstrate our framework’s practical relevance by benchmarking popular ML algorithms such as Logistic Regression and deep Neural Networks such as VGG16 and LeNet, both over a 64-bit ring in a WAN setting. For deep NN, our results testify to our claims that we provide improved security guarantee while incurring no additional overhead for 3PC and obtaining 2× improvement for 4PC.

Abstract: Secure Multi-party Computation (MPC) allows a set of mutually distrusting parties to jointly evaluate a function on their private inputs while maintaining input privacy. In this work, we improve semi-honest secure two-party computation (2PC) over rings, with a focus on the efficiency of the online phase. We propose an efficient mixed-protocol framework, outperforming the state-of-the-art 2PC framework of ABY. Moreover, we extend our techniques to multi- input multiplication gates without inflating the online communication, i.e., it remains independent of the fan-in. Along the way, we construct efficient protocols for several primitives such as scalar product, matrix multiplication, comparison, maxpool, and equality testing. The online communication of our scalar product is two ring elements irrespective of the vector dimension, which is a feature achieved for the first time in the 2PC literature. The practicality of our new set of protocols is showcased with four applications: i) AES S-box, ii) Circuit-based Private Set Intersection, iii) Biometric Matching, and iv) Privacy- preserving Machine Learning (PPML). Most notably, for PPML, we implement and benchmark training and inference of Logistic Regression and Neural Networks over LAN and WAN networks. For training, we improve online runtime (both for LAN and WAN) over SecureML (Mohassel et al., IEEE S&P’17) in the range 1.5x-6.1x, while for inference, the improvements are in the range of 2.5x-754.3x.

Abstract: The classical notion of multiparty computation (MPC) defines security by modeling distrust as a centralized adversary corrupting parties, while considering the rest of the parties purely honest. It does not consider an honest party learning private inputs of others, either as a part of the protocol specification or due to a malicious party’s unspecified messages, as a potential breach. Although several works in the literature have exploited this seemingly minor loophole to achieve the strongest security of guaranteed output delivery (GOD), it nullifies the actual purpose of MPC. In many real-world scenarios such as privacy-preserving Machine Learning (PPML), such an information leak is arguably undesirable. The recent notion of Friends and Foes (FaF) security (CRYPTO 2020) accounts for such unwanted leakage towards the honest parties, by modeling them to be under the control of a semi-honest adversary (friend) that does not collude with the malicious adversary (foe) and by requiring security against both separately. Since this notion models practical scenarios closely, it is imperative to design protocols conforming to this notion, especially for the rapidly growing area of MPC with small number of parties and application domains such as PPML.

In this work, we present QuadSquad, a ring-based 4PC protocol, which achieves GOD in the FaF security model, with an optimal corruption of 1 malicious and 1 semi-honest party. To the best of our knowledge, QuadSquad is the first practically-efficient protocol in the FaF model. Our base construction offers fairness, which is then extended to GOD using additional techniques. QuadSquad has performance comparable to the state-of-the-art dishonest majority protocols while improving the security guarantee from abort to GOD. Further, QuadSquad elevates the security (by tackling stronger adversarial model) over the state-of-the-art honest-majority protocols, while offering a comparable performance for the input-dependent computation part. We demonstrate the practicality of QuadSquad by benchmarking PPML inference for Neural Networks over a WAN setting and using a 64-bit ring.

Topic: Social Network Analysis using MPC

Abstract: In order to disseminate information in a social network, it is important to first identify the influential spreaders in the network. Using them as the seed spreaders, the aim is to ensure that the information is cascaded throughout the network. The traditional approach to identifying influential nodes is to determine the top-r ranked nodes in accordance with various ranking methods such as PageRank, k-Shell decomposition, ClusterRank and VoteRank. In the current work, we study the problem of ranking the nodes when the underlying graph is distributedly held by a set of individuals, who consider their share of the data as private information. In particular, we design efficient secure multiparty computation (MPC) protocols for k-Shell decomposition, PageRank and VoteRank. For improved efficiency, we employ the oblivious RAM construct in conjunction with efficient data-oblivious graph data structures. We are the first to propose a secure variant of the VoteRank algorithm. We prove that the proposed protocols are asymptotically more efficient and have lower runtime in practice than the previous best known MPC protocols for computing k-Shell decomposition and PageRank centrality scores.