In this paper, three constructions of balanced Boolean functions with optimal algebraic immunity are proposed. It is checked that, at least for small numbers of input variables, these functions have ...good behavior against fast algebraic attacks as well. Other cryptographic properties such as algebraic degree and nonlinearity of the constructed functions are also analyzed. Lower bounds on the nonlinearity are proved, which are similar to the best bounds obtained for known Boolean functions resisting algebraic attacks and fast algebraic attacks. Moreover, it is checked that for the number n of variables with 5 ≤ n ≤ 19, the proposed n -variable Boolean functions have in fact very good nonlinearity.
Vertical Federated Learning (VFL) has many applications in the field of smart healthcare with excellent performance. However, current VFL systems usually primarily focus on the privacy protection ...during model training, while the preparation of training data receives little attention. In real-world applications, like smart healthcare, the process of the training data preparation may involve some participant’s intention which could be privacy information for this participant. To protect the privacy of the model training intention, we describe the idea of Intention-Hiding Vertical Federated Learning (IHVFL) and illustrate a framework to achieve this privacy-preserving goal. First, we construct two secure screening protocols to enhance the privacy protection in feature engineering. Second, we implement the work of sample alignment bases on a novel private set intersection protocol. Finally, we use the logistic regression algorithm to demonstrate the process of IHVFL. Experiments show that our model can perform better efficiency (less than 5min) and accuracy (97%) on Breast Cancer medical dataset while maintaining the intention-hiding goal.
Based on a sufficient condition proposed by Hollmann and Xiang for constructing triple-error-correcting codes, the minimum distance of a binary cyclic code
C
1
,
3
,
13
with three zeros
α,
α
3
, and
...α
13
of length
2
m
−
1
and the weight divisibility of its dual code are studied, where
m
⩾
5
is odd and
α is a primitive element of the finite field
F
2
m
. The code
C
1
,
3
,
13
is proven to have the same weight distribution as the binary triple-error-correcting primitive BCH code
C
1
,
3
,
5
of the same length.
We present several new constructions of differentially 4-uniform permutations over
by modifying the values of the inverse function on some subsets of
. The resulted differentially 4-uniform ...permutations have high nonlinearities and algebraic degrees, which provide more choices for the design of crytographic substitution boxes.
Additively Homomorphic Encryption (AHE) has been widely used in various applications, such as federated learning, blockchain, and online auctions. Elliptic Curve (EC) based AHE has the advantages of ...efficient encryption, homomorphic addition, scalar multiplication algorithms, and short ciphertext length. However, EC-based AHE schemes require solving a small exponential Elliptic Curve Discrete Logarithm Problem (ECDLP) when running the decryption algorithm, i.e., recovering the plaintext m ∈ {0, 1} ℓ from m * G . Therefore, the decryption of EC-based AHE schemes is inefficient when the plaintext length ℓ > 32. This leads to people being more inclined to use RSA-based AHE schemes rather than EC-based ones. This paper proposes an efficient algorithm called FastECDLP for solving the small exponential ECDLP at 128-bit security level. We perform a series of deep optimizations from two points: computation and memory overhead. These optimizations ensure efficient decryption when the plaintext length ℓ is as long as possible in practice. Moreover, we also provide a concrete implementation and apply FastECDLP to some specific applications. Experimental results show that FastECDLP is far faster than the previous works. For example, the decryption can be done in 0.35 ms with a single thread when ℓ = 40, which is about 30 times faster than that of Paillier. Furthermore, we experiment with ℓ from 27 to 54, and the existing works generally only consider ℓ ≤ 32. The decryption only requires 1 second with 16 threads when ℓ = 54. In the practical applications, we can speed up model training of existing vertical federated learning frameworks by 4 to 14 times. At the same time, the decryption efficiency is accelerated by about 140 times in a blockchain financial system (ESORICS 2021) with the same memory overhead.
Demand forecasting (DF) plays an essential role in supply chain management, as it provides an estimate of the goods that customers are expected to purchase in the foreseeable future. While machine ...learning techniques are widely used for building DF models, they also become more susceptible to data poisoning attacks. In this article, we study the vulnerability of targeted poisoning attacks for linear regression DF models, where the attacker controls the behavior of forecasting models on a specific target sample without compromising the overall forecasting performance. We devise a gradient-optimization framework for targeted regression poisoning in white-box settings, and further design a regression value manipulation strategy for targeted poisoning in black-box settings. We also discuss some possible countermeasures to defend against our attacks. Extensive experiments are conducted on two real-world datasets with four linear regression models. The results demonstrate that our attacks are very effective, and can achieve a high prediction deviation with control of less than 1% of the training samples.
Private Set Intersection (PSI) protocols can securely compute the intersection of the private sets on the server and the client without revealing additional data. This work introduces the concept of ...Privacy-Preserving Feature Retrieved Private Set Intersection (<inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula>). In <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocols, the client can obtain the intersection that satisfies a given predicate without revealing the predicate and additional data. We formally define the <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocol, including its inputs, outputs, functionality, and security. To achieve the privacy guarantee in <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocols, a new two-party protocol is designed, namely Secure Secret Shared Retrieval (<inline-formula> <tex-math notation="LaTeX">\mathsf {S^{3}R} </tex-math></inline-formula>), which can be used to securely determine whether each item on the server satisfies the predicate. We construct an <inline-formula> <tex-math notation="LaTeX">\mathsf {S^{3}R} </tex-math></inline-formula> protocol and prove its security in the semi-honest model. On the basis of this, we design an efficient OT-based <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocol and an easy-to-implement DH-based <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocol and prove that they are secure in the semi-honest model. Our implementation shows that the OT-based <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocol can perform the matching for about 1000K items in 3.8 seconds with a single thread. Moreover, the DH-based <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> can perform the matching for about 7000K items in one hour with four threads, with communication totaling 1456 MB, while the OT-based <inline-formula> <tex-math notation="LaTeX">\mathsf {P^{2}FRPSI} </tex-math></inline-formula> protocol requires 1673 MB.
This paper proposes a general method to construct 1-resilient Boolean functions by modifying the Tu-Deng and Tang-Carlet-Tang functions. Cryptographic properties such as algebraic degree, ...nonlinearity and algebraic immunity are also considered. A sufficient condition of the modified functions with optimal algebraic degree in terms of the Siegenthaler bound is proposed. The authors obtain a lower bound on the nonlinearity of the Tang-Carlet-Tang functions, which is slightly better than the known result. If the authors do not break the “continuity” of the support and zero sets, the functions constructed in this paper have suboptimal algebraic immunity. Finally, four specific classes of 1-resilient Boolean functions constructed from this construction and with the mentioned good cryptographic properties are proposed. Experimental results show that there are many 1-resilient Boolean functions have higher nonlinearities than known 1-resilient functions modified by Tu-Deng and Tang-Carlet-Tang functions.
In this paper, two constructions of Boolean functions with optimal algebraic immunity are proposed. They generalize previous ones respectively given by Rizomiliotis (IEEE Trans Inf Theory ...56:4014–4024,
2010
) and Zeng et al. (IEEE Trans Inf Theory 57:6310–6320,
2011
) and some new functions with desired properties are obtained. The functions constructed in this paper can be balanced and have optimal algebraic degree. Further, a new lower bound on the nonlinearity of the proposed functions is established, and as a special case, it gives a new lower bound on the nonlinearity of the Carlet-Feng functions, which is slightly better than the best previously known ones. For
n
≤
19
, the numerical results reveal that among the constructed functions in this paper, there always exist some functions with nonlinearity higher than or equal to that of the Carlet-Feng functions. These functions are also checked to have good behavior against fast algebraic attacks at least for small numbers of input variables.