
M. Nateghizad

12 records found

A Secure Equality Testing Protocol Based on Oblivious Transfer

Conference paper (2019) - Ferhat Karakoç, Majid Nateghizad, Zekeriya Erkin
We propose a new secure equality testing (SET) protocol, namely SET-OT, for the two-party setting by using a recently introduced Private Set Membership Protocol (PSM) based on Oblivious Transfer (OT) as a building block. We designed our equality test in such a way that the test result will not be revealed in clear text, which is desired in several cryptographic protocols. The advantage of using OT is that with the help of OT Extension (OTE) protocols, the cost of asymmetric operations per OT operation reduces when the number of OT executions increases. This makes our protocol competitive especially for the cases where the number of equality tests to be invoked is high. When the number of equality tests increases, the time complexity of SET-OT converges to one asymmetric key decryption operation; this operation is the dominant part in terms of computational cost. SET-OT has a better performance in terms of the communication rounds and data transmission cost than state-of-the-art solutions: three communication rounds and 2.9 KB of data transmission are the communication costs of performing the equality testing protocol for 20-bit string pairs. In addition to our complexity analysis, we also present test results to validate our claim on performance. ...

Using trapdoor knapsack

Processing encrypted data is a well-known solution when protecting privacy-sensitive data from untrusted processing units. However, data expansion, as a result of data encryption, makes undesired computational and communicational overheads in the cryptographic applications. Data packing is one of the useful tools to minimize the overheads. In this work, we introduce a novel approach for packing encrypted data based on the subset sum problem. We show that our data packing achieves high performance in reducing the overheads and it is significantly more efficient than existing techniques. Moreover, we show that our approach perfectly matches with secure searching protocols for secure data retrieval. ...
Doctoral thesis (2019) - Majid Nateghizad
In order to achieve practical e-healthcare systems, five requirements should be addressed, namely 1) availability, 2) integrity, 3) accuracy, 4) confidentiality, and 5) efficiency. Using remote computer storage and processing services satisfies availability, integrity, and efficiency. However, it introduces privacy concerns regarding the leakage of private medical data to unauthorized parties, which violates GDPR. Data encryption is one of the widely used techniques to address those privacy concerns in e-healthcare systems. Although data encryption provides data confidentiality, while the accuracy and integrity of the data are preserved, it introduces computation and communication overheads that downgrade the efficiency of the e-healthcare systems. To precisely find the bottlenecks in achieving privacy-preserving e-healthcare systems, we design three real-life e-healthcare scenarios. The scenarios are different in terms of the number of parties used in the system, the way that data are stored (centralized or distributed), and encryption key setting (single-key or multiple-key). Then, we identify the challenges and required cryptographic protocols for each scenario. Afterward, we investigate the performance of several applications that are using the same identified cryptographic protocols. We show that the existing cryptographic protocols, which are required for our scenarios, are dominating the computation and communication costs of the applications. To address the challenges in the single-key setting, we improve the existing core building blocks, comparison, and equality testing, and develop new protocols to mitigate the overall costs of e-healthcare systems. We show that data filtering and retrieval protocols are still highly resource demanding, even though efficient building blocks are used. Thus, we develop a new secure indexing protocol that reduces the data filtering cost significantly. 
Moreover, we develop a novel data packing technique to achieve an efficient data retrieval protocol by using our indexing protocol. For the multiple-key setting, we introduce a homomorphic proxy re-encryption scheme. Our encryption scheme has several properties such as an unlimited number of re-encryption, supporting homomorphism after each re-encryption, one-direction re-encryption, and non-interactive re-encryption key generation. Afterward, we use our encryption scheme for data filtering in the multiple-key setting and evaluate its performance. The results of the performance analysis of our protocols show that improving core building blocks can significantly decrease both computation and communication costs of the cryptographic applications. Moreover, we show that developing techniques such as data packing and indexing can limit the number of homomorphic operations considerably, and consequently, mitigate the overall computation and communication costs of the cryptographic applications. ...
Conference paper (2019) - Mina Sheikhalishahi, Majid Nateghizad, Fabio Martinelli, Zekeriya Erkin, Marco Loog
Adversarial instances are malicious inputs designed to fool machine learning models. In particular, motivated and sophisticated attackers intentionally design adversarial instances to evade classifiers which have been trained to detect security violations, such as malware detection. While the existing approaches provide effective solutions in detecting and defending adversarial samples, they fail to detect them when they are encrypted. In this study, a novel framework is proposed which employs a statistical test to detect adversarial instances, when data under analysis are encrypted. An experimental evaluation of our approach shows its practical feasibility in terms of computation cost. ...
Conference paper (2018) - Danilo Verhaert, Majid Nateghizad, Zekeriya Erkin
The significant growth of medical data has necessitated the development of secure health-care recommender systems to assist people with their health-being effectively. Unfortunately, there is still a considerable gap between the performance of secure recommender systems and normal versions. In this work, we develop a privacy-preserving health-care recommendation algorithm to reduce that gap. The main strength of our contribution lies in providing a highly efficient solution, while the sensitive medical data are kept confidential. Our studies show that the runtime of our protocol is 81,5% faster than the existing implementation for small bit-lengths, and even more so for large bit-lengths. ...
Conference paper (2018) - Christian Maulany, Majid Nateghizad, Bart Mennink, Zekeriya Erkin
The availability of wearable devices such as smartwatches and fitness trackers is a recent development. Among other things, these devices can measure the activity and vital signs of their wearers. As the types of data these devices are able to gather increases, the potential for them to be used as a source of data grows. This calls for a secure method of controlling the digital exchange of medical data between wearables and healthcare providers, and healthcare providers in general. By enforcing the exchange of data to go through a central authority, a patient can be given more control over who is able to access his medical data. This central authority is then given the task of monitoring access and ensuring that all access requirements are met. Though effective, this solution relies on a highly trusted central authority. In this work, we propose a scheme using Polymorphic Encryption and Pseudonymisation and Secret Sharing to provide anonymous data storage and data exchange. Our proposal removes the need for a central authority, and instead uses a group of authorities, of which a quorum is needed to facilitate the exchange of data. ...
Conference paper (2018) - Majid Nateghizad, Thijs Veugen, Zekeriya Erkin, Inald Lagendijk
Protocols for securely testing the equality of two encrypted integers are common building blocks for a number of proposals in the literature that aim for privacy preservation. Being used repeatedly in many cryptographic protocols, designing efficient equality testing protocols is important in terms of computation and communication overhead. In this work, we consider a scenario with two parties where party A has two integers encrypted using an additively homomorphic scheme and party B has the decryption key. Party A would like to obtain an encrypted bit that shows whether the integers are equal or not but nothing more. We propose three secure equality testing protocols, which are more efficient in terms of communication, computation or both compared to the existing work. To support our claims, we present experimental results, which show that our protocols achieve up to 99% computation-wise improvement compared to the state-of-the-art protocols in a fair experimental set-up ...
It is astonishing to see more and more services built on user-oriented data, providing numerous tools to improve one's daily life. Nowadays, data collected from numerous sources is being used to monitor daily activities, i.e., monitoring patients. These innovations allow for more cost-efficient and scalable solutions. Nevertheless, these types of services can pose a threat to the privacy of individuals due to the possibility of leaking highly privacy-sensitive data. Therefore, it is essential to design such systems in a privacy-preserving manner. Inspired by a real-life project in the health-care domain, we propose to secure the data using encryption, while enabling the involved parties to run queries directly on this encrypted data. A vital component of such a system is searching for specific data entries within a large dataset. In this work, we present two cryptographic protocols that complete such a query by creating an encrypted vector in a simulation secure way. These vectors consist of a 1 for intended database entry, whereas other items would be represented as a 0. By creating index tables before the execution of the queries, it has become possible to execute a search query with high performance. As we show in our analyses, it takes less than one second to find the matching encrypted data-entry within a database with 100K records. Our proposal is generic, can be applied to several application domains, and practically compared to similar works. ...
Conference paper (2017) - Majid Nateghizad, Zekeriya Erkin, Inald Lagendijk
Many countries around the globe are investing in e-healthcare increasingly, which offers tremendous benefits to all stakeholders in healthcare. Nevertheless, this technology introduces unprecedented privacy concerns toward patients and raises more uncertainty among them to use e-healthcare for monitoring their vital signs. These concerns necessitate finding scientific solutions, which enable e-healthcare systems to process and analyze privacy-sensitive information, and offer services to the patients without violating their privacy. One of the approaches to address the privacy concerns is utilizing cryptographic techniques, which provide us tools to create Privacy-by-Design e-healthcare systems. Moreover, cryptographic solutions allow processing of patients’ private information, while they are kept confidential and only known to the patients. Although using cryptographic techniques is effective in providing privacy and processing private information, it results in high computational and communicational overhead. In fact, the current cryptographic building-blocks are not efficient enough for processing encrypted data in large-scale databases. In this paper, we address one of the highly used cryptographic building-blocks, which is checking the equality of two encrypted values. We investigate the performance of the state-of-the-art secure equality tests and propose novel techniques to reduce their costs in terms of computation and communication. Then, through the complexity analysis and experimental results, we show that a 99% improvement in terms of computation is achieved. These improvements make the e-healthcare systems more attractive in terms of efficiency and in reach of practical applicability. ...
In recent years we have seen a rise in the amount of fitness tracking and self monitoring devices. These devices which often work in conjunction with a smartphone are becoming more accurate and are becoming widely adopted. This trend goes hand in hand with Electronic Health Care (e-health): the shift of health care to the digital domain. E-health would allow patients to measure their medical condition at home, allowing a diagnosis to be made based on measurements taken over a longer period of time, while reducing the work performed by a doctor. Measurements are stored in the cloud, simplifying the way in which they can be shared with healthcare providers and possibly research institutions. Modernizing healthcare this way should give the patient more insight and control over his/her healthcare and medical data. Furthermore the amount of visits required to the hospital can be reduced, an endeavor which can be demanding for many less fit for elderly individuals.

However, handling medical data this way causes concern for privacy. Often the data handled by these devices is very sensitive and could easily be used to identify the user and monitor many of their behaviours. In order to achieve privacy there are several approaches. One way is to enforce involved parties through legislation to use the data for specific purposes only. However, this relies on the party being semi-trusted and does not guarantee safety in case of a data-breach.

In this work the way in which the integration of wearables into the medical domain is currently taking place and how privacy and security is handled will be explored. Furthermore we will show the current state of research regarding improving this security. ...
Conference paper (2017) - Majid Nateghizad, Zekeriya Erkin, Inald Lagendijk
Secure equality testing of two private values is one of the fundamental building blocks of many cryptographic protocols designed for Signal Processing in the Encrypted Domain (SPED). Existing protocols introduce significant amount of computation and computational overhead, which makes it essential to search for new and novel, efficient equality tests for the design of SPED algorithms. In this paper, we first describe the state-of-the-art equality tests, and then propose two cryptographic protocols which are significantly more efficient than the existing work. Our proposals achieve high performance due to algorithmic changes and successful deployment of data packing. Furthermore, we also present a novel secure exponentiation protocol as a part of our first equality test. Complexity and performance analyses clearly indicate the high efficiency of our protocols in terms of computation cost. ...
In smart grids, providing power consumption statistics to the customers and generating recommendations for managing electrical devices are considered to be effective methods that can help to reduce energy consumption. Unfortunately, providing power consumption statistics and generating recommendations rely on highly privacy-sensitive smart meter consumption data. From the past experience, we see that it is essential to find scientific solutions that enable the utility providers to provide such services for their customers without damaging customers’ privacy. One effective approach relies on cryptography, where sensitive data is only given in the encrypted form to the utility provider and is processed under encryption without leaking content. The proposed solutions using this approach are very effective for privacy protection but very expensive in terms of computation and communication. In this paper, we focus on an essential operation for designing a privacy-preserving recommender system for smart grids, namely comparison, that takes two encrypted values and outputs which one is greater than the other one. We improve the state-of-the-art comparison protocol based on Homomorphic Encryption in terms of computation and communication by 56 and 25 %, respectively, by introducing algorithmic changes and data packing. As the smart meters are very limited devices, the overall improvement achieved is promising for the future deployment of such cryptographic protocols for enabling privacy enhanced services in smart grids. ...