MPC for Tech Giants (GMPC): Enabling Gulliver and the Lilliputians to Cooperate Amicably
Authors:
Bar Alon,
Moni Naor,
Eran Omri,
Uri Stemmer
Abstract:
In this work, we introduce the Gulliver multi-party computation model (GMPC). The GMPC model considers a single highly powerful party, called the server or Gulliver, that is connected to $n$ users over a star topology network (alternatively formulated as a full network, where the server can block any message). The users are significantly less powerful than the server, and, in particular, should ha…
▽ More
In this work, we introduce the Gulliver multi-party computation model (GMPC). The GMPC model considers a single highly powerful party, called the server or Gulliver, that is connected to $n$ users over a star topology network (alternatively formulated as a full network, where the server can block any message). The users are significantly less powerful than the server, and, in particular, should have both computation and communication complexities that are polylogarithmic in $n$. Protocols in the GMPC model should be secure against malicious adversaries that may corrupt a subset of the users and/or the server.
Designing protocols in the GMPC model is a delicate task, since users can only hold information about polylog(n) other users (and, in particular, can only communicate with polylog(n) other users). In addition, the server can block any message between any pair of honest parties. Thus, reaching an agreement becomes a challenging task. Nevertheless, we design generic protocols in the GMPC model, assuming that at most $α<1/6$ fraction of the users may be corrupted (in addition to the server). Our main contribution is a variant of Feige's committee election protocol [FOCS 1999] that is secure in the GMPC model. Given this tool we show:
1. Assuming fully homomorphic encryption (FHE), any computationally efficient function with $O\left(n\cdot polylog(n)\right)$-size output can be securely computed in the GMPC model.
2. Any function that can be computed by a circuit of $O(polylog(n))$ depth, $O\left(n\cdot polylog(n)\right)$ size, and bounded fan-in and fan-out can be securely computed in the GMPC model without assuming FHE.
3. In particular, sorting can be securely computed in the GMPC model without assuming FHE. This has important applications for the shuffle model of differential privacy, and resolves an open question of Bell et al. [CCS 2020].
△ Less
Submitted 6 April, 2023; v1 submitted 11 July, 2022;
originally announced July 2022.
Bayesian estimate of position in mobile phone network
Authors:
Aleksey Ogulenko,
Itzhak Benenson,
Itzhak Omer,
Barak Alon
Abstract:
The traditional approach to mobile phone positioning is based on the assumption that the geographical location of a cell tower recorded in a call details record (CDR) is a proxy for a device's location. A Voronoi tessellation is then constructed based on the entire network of cell towers and this tessellation is considered as a coordinate system, with the device located in a Voronoi polygon of a c…
▽ More
The traditional approach to mobile phone positioning is based on the assumption that the geographical location of a cell tower recorded in a call details record (CDR) is a proxy for a device's location. A Voronoi tessellation is then constructed based on the entire network of cell towers and this tessellation is considered as a coordinate system, with the device located in a Voronoi polygon of a cell tower that is recorded in the CDR. If Voronoi-based positioning is correct, the uniqueness of the device trajectory is very high, and the device can be identified based on 3-4 of its recorded locations. We propose and investigate a probabilistic approach to device positioning that is based on knowledge of each antennas' parameters and number of connections, as dependent on the distance to the antenna. The critical difference between the Voronoi-based and the real world layout is in the essential overlap of the antennas' service areas: the device that is located in a cell tower's polygon can be served by a more distant antenna that is chosen by the network system to balance the network load. This overlap is too significant to be ignored. Combining data on the distance distribution of the number of connections available for each antenna in the network, we succeed in resolving the overlap problem by applying Bayesian inference and construct a realistic distribution of the device location. Probabilistic device positioning demands a full revision of mobile phone data analysis, which we discuss with a focus on privacy risk estimates.
△ Less
Submitted 24 July, 2020;
originally announced July 2020.