TY - GEN
T1 - Secure linear algebra using linearly recurrent sequences
AU - Kiltz, Eike
AU - Mohassel, Payman
AU - Weinreb, Enav
AU - Franklin, Matthew
PY - 2007/1/1
Y1 - 2007/1/1
N2 - In this work we present secure two-party protocols for various core problems in linear algebra. Our main result is a protocol to obliviously decide singularity of an encrypted matrix: Bob holds an n × n matrix, encrypted with Alice's secret key, and wants to learn whether or not the matrix is singular (while leaking nothing further). We give an interactive protocol between Alice and Bob that solves the above problem in O(log n) communication rounds and with overall communication complexity of roughly O(n^2) (note that the input size is n^2). Our techniques exploit certain nice mathematical properties of linearly recurrent sequences and their relation to the minimal and characteristic polynomial of the input matrix, following [Wiedemann, 1986]. With our new techniques we are able to improve the round complexity of the communication efficient solution of [Nissim and Weinreb, 2006] from O(n^0.275) to O(log n). At the core of our results we use a protocol that securely computes the minimal polynomial of an encrypted matrix. Based on this protocol we exploit certain algebraic reductions to further extend our results to the problems of securely computing rank and determinant, and to solving systems of linear equations (again with low round and communication complexity).
AB - In this work we present secure two-party protocols for various core problems in linear algebra. Our main result is a protocol to obliviously decide singularity of an encrypted matrix: Bob holds an n × n matrix, encrypted with Alice's secret key, and wants to learn whether or not the matrix is singular (while leaking nothing further). We give an interactive protocol between Alice and Bob that solves the above problem in O(log n) communication rounds and with overall communication complexity of roughly O(n^2) (note that the input size is n^2). Our techniques exploit certain nice mathematical properties of linearly recurrent sequences and their relation to the minimal and characteristic polynomial of the input matrix, following [Wiedemann, 1986]. With our new techniques we are able to improve the round complexity of the communication efficient solution of [Nissim and Weinreb, 2006] from O(n^0.275) to O(log n). At the core of our results we use a protocol that securely computes the minimal polynomial of an encrypted matrix. Based on this protocol we exploit certain algebraic reductions to further extend our results to the problems of securely computing rank and determinant, and to solving systems of linear equations (again with low round and communication complexity).
KW - Linearly recurrent sequences
KW - Secure linear algebra
KW - Wiedemann's algorithm
UR - http://www.scopus.com/inward/record.url?scp=38049077335&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-70936-7_16
DO - 10.1007/978-3-540-70936-7_16
M3 - Conference contribution
AN - SCOPUS:38049077335
SN - 9783540709350
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 291
EP - 310
BT - Theory of Cryptography - 4th Theory of Cryptography Conference, TCC 2007, Proceedings
PB - Springer Verlag
T2 - 4th Theory of Cryptography Conference, TCC 2007
Y2 - 21 February 2007 through 24 February 2007
ER -