Secure linear algebra using linearly recurrent sequences
In this work we present secure two-party protocols for various core problems in linear algebra. Our main building block is a protocol to obliviously decide singularity of an encrypted matrix: Bob holds an n × n matrix M, encrypted with Alice's secret key, and wants to learn whether the matrix is singular or not (and nothing beyond that). We give an interactive protocol between Alice and Bob that solves the above problem with optimal communication complexity while at the same time achieving low round complexity. More precisely, the number of communication rounds in our protocol is polylog(n) and the overall communication is roughly O(n2) (note that the input size is n2). At the core of our protocol we exploit some nice mathematical properties of linearly recurrent sequences and their relation to the characteristic polynomial of the matrix M, following [Wiedemann, 1986]. With our new techniques we are able to improve the round complexity of the communication efficient solution of [Nissim and Weinreb, 2006] from n0.275to polylog(n). Based on our singularity protocol we further extend our result to the problems of securely computing the rank of an encrypted matrix and solving systems of linear equations.
|Dagstuhl Seminar Proceedings|
|Complexity of Boolean Functions 2006|
|Organisation||Centrum Wiskunde & Informatica, Amsterdam (CWI), The Netherlands|
Kiltz, E, & Weinreb, E. (2006). Secure linear algebra using linearly recurrent sequences. In Dagstuhl Seminar Proceedings. doi:10.4230/DagSemProc.06111.16