nach oben

Erschienen in:

2017 | OriginalPaper | Buchkapitel

Confidential Benchmarking Based on Multiparty Computation

verfasst von : Ivan Damgård, Kasper Damgård, Kurt Nielsen, Peter Sebastian Nordholt, Tomas Toft

Erschienen in: Financial Cryptography and Data Security

Verlag: Springer Berlin Heidelberg

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

We report on the design and implementation of a system that uses multiparty computation to enable banks to benchmark their customers’ confidential performance data against a large representative set of confidential performance data from a consultancy house. The system ensures that both the banks’ and the consultancy house’s data stays confidential, the banks as clients learn nothing but the computed benchmarking score. In the concrete business application, the developed prototype helps Danish banks to find the most efficient customers among a large and challenging group of agricultural customers with too much debt. We propose a model based on linear programming for doing the benchmarking and implement it using the SPDZ protocol by Damgård et al., which we modify using a new idea that allows clients to supply data and get output without having to participate in the preprocessing phase and without keeping state during the computation. We ran the system with two servers doing the secure computation using a database with information on about 2500 users. Answers arrived in about 25 s.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel VD-PSI: Verifiable Delegated Private Set Intersection on Outsourced Private Datasets

Nächstes Kapitel Efficiently Making Secure Two-Party Computation Fair

The banks are typically the lenders with the utmost priority in case of default.

An early stage demo version of the software has been tested and resulted in valuable feedback for the development of the prototype.

In [JNO14], a generic client solution was proposed that works for any MPC protocol, but it requires the client to keep state. In principle, one can always store client state info on the servers, but since our servers are malicious it needs to be authenticated and secret shared or encrypted, and this adds further complications to the implementation.

This is actually the notion of a strong AMD code [CDF+08], the construction we give here is slightly different from previous ones, though, and fits better into our protocol.

This problem does not occur in the original SPDZ protocol, since there the values that are opened are public.

In theory, Danzig’s rule can lead to a cycle, so that the algorithm will not terminate, but this is rare in practice, and never occurred in our testing.

Alternatively, one could let each bank control their own secure computation server communicating directly with the consultancy house controlled server. This setup up was used for the initial demo system, but the current setup was deemed more scalable as it only requires two secure computation servers.

https://github.com/aicis/fresco.

[ABT05]

Agrell, P.J., Bogetoft, P., Tind, J.: DEA and dynamic yardstick competition in Scandinavian electricity distribution. J. Prod. Anal. 23(2), 173–201 (2005)CrossRef

[ANB12]

Asmild, M., Nielsen, K., Bogetoft, P.: Are high labour costs destroying the competitiveness of Danish dairy farmers? Evidence from an international benchmarking analysis. MSAP Working Paper Series (2012)

[BCc84]

Banker, R.D., Charnes, A., Cooper, W.W.: Some models for estimating technical and scale inefficiencies in data envelopment analysis. Manage. Sci. 30, 1078–1092 (1984)CrossRefMATH

[BN08]

Bogetoft, P., Nielsen, K.: DEA based auctions. Eur. J. Oper. Res. 184, 685–700 (2008)CrossRefMATH

[BO11]

Bogetoft, P., Otto, L.: Benchmarking with DEA, SFA, and R. Springer, New York (2011)CrossRefMATH

[BOGW88]

Ben-Or, M., Goldwasser, S., Wigderson, A.:. Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Proceedings of the 20th ACM STOC, Chicago, Illinois, USA, 2–4 May, pp. 1–10. ACM Press (1988)

[CCD88]

Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Proceedings of the 20th ACM STOC, Chicago, Illinois, USA, 2–4 May, pp. 11–19. ACM Press (1988)

[CcR78]

Charnes, A., Cooper, W.W., Rhodes, E.: Measuring the efficiency of decision making units. Eur. J. Oper. Res. 2, 429–444 (1978)MathSciNetCrossRefMATH

[CcR79]

Charnes, A., Cooper, W.W., Rhodes, E.: Short communication: measuring the efficiency of decision making units. Eur. J. Oper. Res. 3, 339 (1979)CrossRefMATH

[Cd10]

Catrina, O., de Hoogh, S.: Secure multiparty linear programming using fixed-point arithmetic. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 134–150. Springer, Heidelberg (2010). doi:10.1007/978-3-642-15497-3_9 CrossRef

[CDF+08]

Cramer, R., Dodis, Y., Fehr, S., Padró, C., Wichs, D.: Detection of algebraic manipulation with applications to robust secret sharing and fuzzy extractors. In: Smart, N. (ed.) EUROCRYPT 2008. LNCS, vol. 4965, pp. 471–488. Springer, Heidelberg (2008). doi:10.1007/978-3-540-78967-3_27 CrossRef

[CPV04]

Cielen, A., Peeters, L., Vanhoof, K.: Bankruptcy prediction using a data envelopment analysis. Eur. J. Oper. Res. 154(2), 526–532 (2004)CrossRefMATH

[CST07]

Cooper, W.W., Seiford, L.M., Tone, K.: Data Envelopment Analysis: A Comprehensive Text with Models, Applications, References and DEA-Solver Software, 2nd edn. Springer, New York (2007)MATH

[DFK+06]

Damgård, I., Fitzi, M., Kiltz, E., Nielsen, J.B., Toft, T.: Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 285–304. Springer, Heidelberg (2006). doi:10.1007/11681878_15 CrossRef

[DKL+13]

Damgård, I., Keller, M., Larraia, E., Pastro, V., Scholl, P., Smart, N.P.: Practical covertly secure MPC for dishonest majority – or: breaking the SPDZ limits. In: Crampton, J., Jajodia, S., Mayes, K. (eds.) ESORICS 2013. LNCS, vol. 8134, pp. 1–18. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40203-6_1 CrossRef

[DPSZ12]

Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). doi:10.1007/978-3-642-32009-5_38 CrossRef

[EPT08]

Emrouznejad, A., Parker, B.R., Tavares, G.: Evaluation of research in efficiency and productivity: a survey and analysis of the first 30 years of scholarly literature in DEA. Socio-Econ. Plann. Sci. 42, 151–157 (2008)CrossRef

[GMW87]

Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Aho, A., (ed.) Proceedings of the 19th ACM STOC, New York City, New York, USA, 25–27 May, pp. 218–229. ACM Press (1987)

[JNO14]

Jakobsen, T.P., Nielsen, J.B., Orlandi, C.: A framework for outsourcing of secure computation. In: Proceedings of the 6th edition of the ACM Workshop on Cloud Computing Security, pp. 81–92. ACM (2014)

[Ker08a]

Kerschbaum, F.: Building a privacy-preserving benchmarking enterprise system. Enterp. IS 2(4), 421–441 (2008)CrossRef

[Ker08b]

Kerschbaum, F.: Practical privacy-preserving benchmarking. In: Jajodia, S., Samarati, P., Cimato, S. (eds.) SEC 2008. ITIFIP, vol. 278, pp. 17–31. Springer, Boston, MA (2008). doi:10.1007/978-0-387-09699-5_2 CrossRef

[KSZ+11]

Kerschbaum, F., Schröpfer, A., Zilli, A., Pibernik, R., Catrina, O., de Hoogh, S., Schoenmakers, B., Cimato, S., Damiani, E.: Secure collaborative supply-chain management. IEEE Comput. 44(9), 38–43 (2011)CrossRef

[KT06]

Kerschbaum, F., Terzidis, O.: Filtering for private collaborative benchmarking. In: Müller, G. (ed.) ETRICS 2006. LNCS, vol. 3995, pp. 409–422. Springer, Heidelberg (2006). doi:10.1007/11766155_29 CrossRef

[Mes97]

Mester, L.J.: What’s the point of credit scoring? Bus. Rev. 3, 3–16 (1997)

[NT07]

Nielsen, K., Toft, T.: Secure relative performance scheme. In: Deng, X., Graham, F.C. (eds.) WINE 2007. LNCS, vol. 4858, pp. 396–403. Springer, Heidelberg (2007). doi:10.1007/978-3-540-77105-0_44 CrossRef

[PAS04]

Paradi, J.C., Asmild, M., Simak, P.C.: Using DEA and worst practice DEA in credit risk evaluation. J. Prod. Anal. 21(2), 153–165 (2004)CrossRef

[PBS09]

Premachandra, I.M., Bhabra, G.S., Sueyoshi, T.: DEA as a tool for bankruptcy assessment: a comparative study with logistic regression technique. Eur. J. Oper. Res. 193(2), 412–424 (2009)CrossRefMATH

[Tof09a]

Toft, T.: Constant-rounds, almost-linear bit-decomposition of secret shared values. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 357–371. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00862-7_24 CrossRef

[Tof09b]

Toft, T.: Solving linear programs using multiparty computation. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 90–107. Springer, Heidelberg (2009). doi:10.1007/978-3-642-03549-4_6 CrossRef

[Yao82]

Yao, A.C.-C.: Protocols for secure computations (extended abstract). In: Proceedings of the 23rd FOCS, Chicago, Illinois, 3–5 November, pp. 160–164. IEEE Computer Society Press (1982)

Titel: Confidential Benchmarking Based on Multiparty Computation
verfasst von: Ivan Damgård
Kasper Damgård
Kurt Nielsen
Peter Sebastian Nordholt
Tomas Toft
Verlag: Springer Berlin Heidelberg
Buch: Financial Cryptography and Data Security
Print ISBN: 978-3-662-54969-8

Electronic ISBN: 978-3-662-54970-4

Copyright-Jahr: 2017
DOI: https://doi.org/10.1007/978-3-662-54970-4_10

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"