Nan Cheng
Thumbnail Image
Last Name
Cheng
First name
Nan
Email
nan.cheng@unisg.ch
ORCID

Filters

5
Reset filters

Settings
Now showing 1 - 5 of 5
  • Publication
    Constant-Round Private Decision Tree Evaluation for Secret Shared Data
    (PoPETS, 2024)
    Nan Cheng orcid-logo
    ;
    Naman Gupta
    ;
    Aikaterini Mitrokotsa
    ;
    Hiraku Morita
    ;
    Kazunari Tozawa
    Decision tree evaluation is extensively used in machine learning to construct accurate classification models. Often in the cloud-assisted communication paradigm cloud servers execute remote evaluations of classification models using clients' data. In this setting, the need for private decision tree evaluation (PDTE) has emerged to guarantee no leakage of information for the client's input nor the service provider's trained model i.e., decision tree. In this paper, we propose a private decision tree evaluation protocol based on the three-party replicated secret sharing (RSS) scheme. This enables us to securely classify inputs without any leakage of the provided input or the trained decision tree model. Our protocol only requires constant rounds of communication among servers, which is useful in a network with longer delays.Ma et al. (NDSS 2021) presented a lightweight PDTE protocol with sublinear communication cost with linear round complexity in the size of the input data. This protocol works well in the low latency network such as LAN while its total execution time is unfavourably increased in the WAN setting. In contrast, Tsuchida et al. (ProvSec 2020) constructed a constant round PDTE protocol at the cost of communication complexity, which works well in the WAN setting. Although their construction still requires 25 rounds, it showed a possible direction on how to make constant round PDTE protocols. Ji et al. (IEEE Transactions on Dependable and Secure Computing) presented a simplified PDTE with constant rounds using the function secret sharing (FSS) at the cost of communication complexity. Our proposed protocol only requires five rounds among the employed three servers executing secret sharing schemes, which is comparable to previously proposed protocols that are based on garbled circuits and homomorphic encryption. To further demonstrate the efficiency of our protocol, we evaluated it using real-world classification datasets. The evaluation results indicate that our protocol provides better concrete performance in the WAN setting that has a large network delay.
    Type: journal article
    Volume: 2024
    Issue: 1
    URL: https://petsymposium.org/popets/2024/popets-2024-0023.php
    DOI: https://doi.org/10.56553/popets-2024-0023
    URI: https://www.alexandria.unisg.ch/handle/20.500.14171/119902
  • Publication
    Efficient Two-Party Secure Aggregation via Incremental Distributed Point Function
    ( 2024)
    Nan Cheng orcid-logo
    ;
    Katerina Mitrokotsa
    ;
    Feng Zhang
    ;
    Frank Hartmann
    Computing the maximum from a list of secret inputs is a widely-used functionality that is employed either indirectly as a building block in secure computation frameworks, such as ABY (NDSS'15) or directly used in multiple applications that solve optimisation problems, such as secure machine learning or secure aggregation statistics. Incremental distributed point function (I-DPF) is a powerful primitive (IEEE S&P'21) that significantly reduces the clientto-server communication and are employed to efficiently and securely compute aggregation statistics. In this paper, we investigate whether I-DPF can be used to improve the efficiency of secure two-party computation (2PC) with an emphasis on computing the maximum value and the k-th (with k unknown to the computing parties) ranked value from a list of secret inputs. Our answer is affirmative, and we propose novel secure 2PC protocols that use I-DPF as a building block, resulting in significant efficiency gains compared to the state-of-the-art. More precisely, our contributions are: (i) We present two new secure computation frameworks that efficiently compute secure aggregation statistics bit-wisely or batch-wisely; (ii) we propose novel protocols to compute the maximum value, the k-th ranked value from a list of secret inputs; (iii) we provide variations of the proposed protocols that can perform batch computations and thus provide further efficiency improvements; and (iv) we provide an extensive performance evaluation for all proposed protocols. Our protocols have a communication complexity that is independent of the number of secret inputs and linear to the length of the secret input domain. Our experimental results show enhanced efficiency over state-of-the-art solutions, particularly notable when handling large-scale inputs. For instance, in scenarios involving an input set of five million elements with an input domain size of 31 bits, our protocol Π Max achieves an 18% reduction in online execution time and a 67% decrease in communication volume compared to the most efficient existing solution.
    Type: conference paper
    URI: https://www.alexandria.unisg.ch/handle/20.500.14171/120248
  • Publication
    Nomadic: Normalising Maliciously-Secure Distance with Cosine Similarity for Two-Party Biometric Authentication
    (ACM Asia Conference on Computer and Communications Security (ASIA CCS ’24), 2024)
    Nan Cheng orcid-logo
    ;
    Melek Önen
    ;
    Aikaterini Mitrokotsa
    ;
    Oubaïda Chouchane
    ;
    Massimiliano Todisco
    ;
    Alberto Ibarrondo
    Computing the distance between two non-normalized vectors $\mathbfit{x}$ and $\mathbfit{y}$, represented by $\Delta(\mathbfit{x},\mathbfit{y})$ and comparing it to a predefined public threshold $\tau$ is an essential functionality used in privacy-sensitive applications such as biometric authentication, identification, machine learning algorithms ({\em e.g.,} linear regression, k-nearest neighbors, etc.), and typo-tolerant password-based authentication. Tackling a widely used distance metric, {\sc Nomadic} studies the privacy-preserving evaluation of cosine similarity in a two-party (2PC) distributed setting. We illustrate this setting in a scenario where a client uses biometrics to authenticate to a service provider, outsourcing the distance calculation to two computing servers. In this setting, we propose two novel 2PC protocols to evaluate the normalising cosine similarity between non-normalised two vectors followed by comparison to a public threshold, one in the semi-honest and one in the malicious setting. Our protocols combine additive secret sharing with function secret sharing, saving one communication round by employing a new building block to compute the composition of a function $f$ yielding a binary result with a subsequent binary gate. Overall, our protocols outperform all prior works, requiring only two communication rounds under a strong threat model that also deals with malicious inputs via normalisation. We evaluate our protocols in the setting of biometric authentication using voice, and the obtained results reveal a notable efficiency improvement compared to existing state-of-the-art works.
    Type: conference paper
    URL: https://doi.org/10.1145/3634737.3657022
    DOI: https://doi.org/10.1145/3634737.3657022
    URI: https://www.alexandria.unisg.ch/handle/20.500.14171/119901
  • Publication
    Efficient Three-party Boolean-to-Arithmetic Share Conversion
    (IEEE, 2023)
    Nan Cheng orcid-logo
    ;
    Feng Zhang
    ;
    Aikaterini Mitrokotsa
    The advantage of mixed-protocol multi-party secure computation frameworks lies in their ability to utilize different sharing types optimally for diverse tasks. A key module in these frameworks are Boolean-to-arithmetic secret sharing conversion protocols, which transfer a secret value from Boolean secret sharing to arithmetic secret sharing. This conversion process can either take in the Boolean secret sharing of a bit or a secret binary string. In this work, we suggest the application of an innovative correlated random tuple for this task in the semi-honest three-party (3PC) setting. This tuple provides the basis for building Boolean-to-arithmetic share conversion protocols. Specifically, we propose two such protocols in the semi-honest 3PC setting, the first protocol takes as input the Boolean secret sharing of a bit, and the second protocol takes as input the Boolean secret sharing of a secret binary string. When it comes to concrete efficiency, the first protocol shows superior performance compared to the existing state-of-the-art in ABY3 (CCS '18). It achieves this by reducing the total required communication from $2\ell$ bits per party to $4\ell/3+1$ bits (including $4\ell/3$ bits in the setup phase, and $1$ bit in the online phase) per party, while maintaining a single round of optimized communication. On the other hand, the second protocol involves two rounds of online communication and its communication cost is comparable to that of ABY2.0 (USENIX'21) that relies on correlated oblivious transfer.
    Type: conference paper
    URL: https://ieeexplore.ieee.org/document/10320199
    DOI: 10.1109/PST58708.2023.10320199
    URI: https://www.alexandria.unisg.ch/handle/20.500.14171/118633
  • Publication
    Type: conference speech
    URI: https://www.alexandria.unisg.ch/handle/20.500.14171/117642