Cybersecurity and Data Privacy in the Digital Age

The COVID-19 pandemic has brought to the fore a number of issues regarding digital technologies, including a heightened focus on cybersecurity and data privacy. This chapter examines two aspects of this phenomenon. First, as businesses explore creative approaches to operate in the “new normal,” the security implications of the deployment of new technologies are often not considered, especially in small businesses, which often possess limited IT knowledge and resources. Second, issues relating to security and data privacy in monitoring the pandemic are examined, and different privacy-preserving data-sharing techniques, including federated learning, secure multiparty computation, and blockchain-based techniques, are assessed. A new privacy-preserving data-sharing framework, which addresses current limitations of these techniques, is then put forward and discussed. The chapter concludes that although the worst of the pandemic may soon be over, issues regarding cybersecurity will be with us for far longer and require vigilant management and the development of creative solutions.

Private identity agreement for private set functionalities

Private set intersection and related functionalities are among the most prominent real-world applications of secure multiparty computation. While such protocols have attracted significant attention from the research community, other functionalities are often required to support a PSI application in practice. For example, in order for two parties to run a PSI over the unique users contained in their databases, they might first invoke a support functionality to agree on the primary keys to represent their users. This paper studies a secure approach to agreeing on primary keys. We introduce and realize a functionality that computes a common set of identifiers based on incomplete information held by two parties, which we refer to as private identity agreement, and we prove the security of our protocol in the honest-but-curious model. We explain the subtleties in designing such a functionality that arise from privacy requirements when intending to compose securely with PSI protocols. We also argue that the cost of invoking this functionality can be amortized over a large number of PSI sessions, and that for applications that require many repeated PSI executions, this represents an improvement over a PSI protocol that directly uses incomplete or fuzzy matches.

Quantum randomized encoding, verification of quantum computing, no-cloning, and blind quantum computing

Randomized encoding is a powerful cryptographic primitive with various applications such as secure multiparty computation, verifiable computation, parallel cryptography, and complexity lower bounds. Intuitively, randomized encoding $\hat{f}$ of a function $f$ is another function such that $f(x)$ can be recovered from $\hat{f}(x)$, and nothing except for $f(x)$ is leaked from $\hat{f}(x)$. Its quantum version, quantum randomized encoding, has been introduced recently [Brakerski and Yuen, arXiv:2006.01085]. Intuitively, quantum randomized encoding $\hat{F}$ of a quantum operation $F$ is another quantum operation such that, for any quantum state $\rho$, $F(\rho)$ can be recovered from $\hat{F}(\rho)$, and nothing except for $F(\rho)$ is leaked from $\hat{F}(\rho)$. In this paper, we show three results. First, we show that if quantum randomized encoding of BB84 state generations is possible with an encoding operation $E$, then a two-round verification of quantum computing is possible with a classical verifier who can additionally do the operation $E$. One of the most important goals in the field of the verification of quantum computing is to construct a verification protocol with a verifier as classical as possible. This result therefore demonstrates a potential application of quantum randomized encoding to the verification of quantum computing: if we can find a good quantum randomized encoding (in terms of the encoding complexity), then we can construct a good verification protocol of quantum computing. Our second result is, however, to show that too good quantum randomized encoding is impossible: if quantum randomized encoding for the generation of even simple states (such as BB84 states) is possible with a classical encoding operation, then the no-cloning is violated. Finally, we consider a natural modification of blind quantum computing protocols in such a way that the server gets the output like quantum randomized encoding. We show that the modified protocol is not secure.

Randomized Oblivious Transfer for Secure Multiparty Computation in the Quantum Setting

Secure computation is a powerful cryptographic tool that encompasses the evaluation of any multivariate function with arbitrary inputs from mutually distrusting parties. The oblivious transfer primitive serves is a basic building block for the general task of secure multi-party computation. Therefore, analyzing the security in the universal composability framework becomes mandatory when dealing with multi-party computation protocols composed of oblivious transfer subroutines. Furthermore, since the required number of oblivious transfer instances scales with the size of the circuits, oblivious transfer remains as a bottleneck for large-scale multi-party computation implementations. Techniques that allow one to extend a small number of oblivious transfers into a larger one in an efficient way make use of the oblivious transfer variant called randomized oblivious transfer. In this work, we present randomized versions of two known oblivious transfer protocols, one quantum and another post-quantum with ring learning with an error assumption. We then prove their security in the quantum universal composability framework, in a common reference string model.

Minimum Round Card-Based Cryptographic Protocols Using Private Operations

This paper shows new card-based cryptographic protocols with the minimum number of rounds, using private operations under the semi-honest model. Physical cards are used in card-based cryptographic protocols instead of computers to achieve secure multiparty computation. Operations that a player executes in a place where the other players cannot see are called private operations. Using three private operations—private random bisection cuts, private reverse cuts, and private reveals—the calculations of two variable Boolean functions and copy operations were realized with the minimum number of cards. Though the number of cards has been discussed, the efficiency of these protocols has not been discussed. This paper defines the number of rounds to evaluate the efficiency of the protocols, using private operations. Most of the meaningful calculations using private operations need at least two rounds. This paper presents a new two-round committed-input, committed-output logical XOR protocol, using four cards. Then, we show new two-round committed-input, committed-output logical AND and copy protocols, using six cards. Even if private reveal operations are not used, logical XOR, logical AND, and copy operations can be executed with the minimum number of rounds. Protocols for general n-variable Boolean functions and protocols that preserve an input are also shown. Lastly, protocols with asymmetric cards are shown.