JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.

ORG

109

SIMULATION OF SECURE SUM PROTOCOLS

Apeksha Garg, Harshit Lahoti, Jyotsana Choubey, Rashid Sheikh
Abstract Secure multiparty computation (SMC) is a subfield of cryptography. The goal of SMC is to enable parties to jointly compute a
function of their inputs while keeping these inputs private. It allows parties to know the result of cooperative computation while preserving privacy of individual data. Secure sum computation is an important application of SMC. In all the proposed protocols parties are allowed to compute the sum while keeping their individual data secret with increased computation complexity for hacking individual data. The Secure Sum Protocols are simulated using .NET Framework 4.0 using c#. We get communication and computation complexities. We show the comparative probabilities of data leakage for these protocols. In this paper, we have simulated secure sum protocols proposed by Sheikh et al. and Clifton et al. Index Terms Computation Complexity, Privacy, Secure Multiparty Computation, Simulation .

1 INTRODUCTION

owadays we need to secure our conversation and data, many practical situations arises when privacy of data becomes a concern. On the other hand knowing the result of common computation is their mutual interest. The growth of the Internet has triggered tremendous opportunities for cooperative computation Where people are jointly conducting computation task based on private input they each supplies, this computation can occur between mutually entrusted parties, or even between two competitors. For example customers might send to a remote database queries that contain private information. Two competitive financial organizations may invest in a project that must satisfy both organizations private and valuable constraints. One entity must usually know the input from all the parties. However what if nobody is trusted enough to know all the inputs then privacy becomes a primary concern. Here SMC introduced to secure individuals data. SMC allows parties to know the result of cooperative computation while keeping the privacy of individual data. Secure sum computation is an important application of SMC. In the proposed protocols parties are allowed to communicate and compute the sum while keeping their data secret with increased computation complexity for hacking individual data. SMC concept was introduced by Yao [1] where he gave the solution to millionaires problem. Each of the millionaires wants to know who is richer without

disclosing individual wealth. This idea was further extended by Goldreich [2]. In all these we have studied theoretical concept of SMC. After this the SMC has many branches. Privacy preserving secure sum computation is a best and easily understood example of SMC given by Clifton [3]. In Privacy preserving k-secure sum protocol [4] the data of each party is partitioned into a fixed number of segments. There are some protocols like Secure Sum Protocol [3], k-Secure Sum Protocol [4], extended k-Secure Sum protocol [4], distributed k-Secure Sum Protocol [5], changing neighbor k-Secure Sum Protocol [6] and modified ck-Secure Sum Protocol [7]. In this paper, we propose to simulate all the above protocols. Our simulation application is aimed to result in the visual display of data segments flowing and partial sum displayed. It will also provide some data like number of rounds, computation and communication complexity for further analysis. In general it refers to computation system in which multiple parties wish to jointly compute some values based on individual held secret values of information but do not wish to reveal their secret to one another in the process. For example two individual who each possess some secret information x and y respectively may wish to jointly compute some function f(x,y) without revealing any information about x and y other than what can be reasonably deduced by knowing the actual value of function of x and y. The primary motivation for studying methods of secure computation is to design systems that allow for minimum utility of information without Apeksha Garg is with Shri Venkteshwar Institute of Technology, Indore, compromising with their privacy. In this paper, we are India.. Harshit Lahoti is with Shri Venkteshwar Institute of Technology, Indore, simulating the work done by Sheikh et al. and Clifton et al. The simulation is aimed to visual display of all the India. Jyotsana Choubey is with Shri Venkteshwar Institute of Technology, protocols without compromising with individual privacy Indore, India. of data.
Rashid Sheikh is with Shri Venkteshwar Institute of Technology, Indore, India.

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

110

3 PROPOSED ARCHITECTURE AND PROTOCOLS DESCRIPTION The concept of SMC was introduced by Yao in 1982 when
2 he gave solution to the millionaires problem in which two millionaires wanted to know who was richer without disclosing their property [1]. The solution given by him was for semi honest party, in semi honest party the two parties want to compute the sum but simultaneously wanted to extract some other information. The concept was extended by Goldreich et al. [2]. They used circuit evaluation protocols for secure computation. Many real life applications of SMC emerged like Private Information Retrieval (PIR) [9, 10], Privacy-preserving data mining [11, 12], Privacy-preserving geometric computation [13], Privacy-preserving scientific computation [14], Privacypreserving statistical analysis [15] etc. Further review of SMC is provided by Du et al. in [16] where they developed a framework for problem discovery. A study of SMC problem with focus on telecommunication system is provided by Oleshchuk el al. [17] anonymity enable solution was proposed by Mishra et al. [18] where the identities of the parties were hidden for privacy. An exhaustive literature survey and guidelines for future research in SMC are provided by Sheikh et al. [8]. In a paper, Clifton et al. proposed a toolkit of component for solution to SMC problems. The secure sum protocol proposed by Clifton et al. [2] used random number for privacy of individual data inputs. After this Sheikh et al. has proposed the secure sum protocols. They have studied the concept of Yao, Goldreich et al., and Clifton et al. [1, 2, 3] and further extended the concept of Clifton et al. [3]. Firstly they have proposed the k-secure sum protocol [4]. In which multiple parties want to compute the sum while keeping their data secret. In both protocols the data can be leaked if two neighbor parties behave maliciously. Further he has extended the concept and proposed extended ksecure sum protocol in which each round of segment summation using a random number. In both the above protocols the data leakage probability is significantly reduced. To overcome this problem the next protocol is proposed distributed k-secure sum protocol [5]. In this protocol the data leakage probability is reduced to zero, only for two parties. But computation complexity is very high due to shuffling the segments. To reduce the communication complexity the he has proposed the next protocol which is changing neighbor k-secure sum [6]. In which each neighbors are changed in each round of computation. This protocol is further extended to modified ck-secure sum [7].This protocol is motivated by ck-secure sum.

RELATED WORK

3.1 Secure Sum Protocol

In secure sum protocol proposed by Clifton et al. [4], the parties are allowed to communicate with each other by passing the values. There are four parties who want to compute the sum of their digits. To start the communication an initiator is selected. Now the initiator passes the value with adding a random digit to next party, and the process continues till all the parties have added their digit. At the end last computation is delivered to the initiator party and the final sum is calculated. For the final sum the initiator subtracts the random digit and announces the result. At the end all the parties know the final result computed but none of them knows the actual data of each party.

3.1.1 Steps of Simulation

In the main form by clicking on the data entry, we can enter the values. In the data entry form four parties have to enter their data to compute the sum. All the six protocols are listed and we can choose any one of them as per our requirement.

Fig 1 Data entry form

Now the data of each party is displayed on the screen. There is a show button by clicking on this we can see the simulation process of secure sum protocol. An indicator is provided in the form which enables the random value.

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

111

Result displayed on the screen.

Fig 3 k-Secure Sum Protocol Fig 2 Secure Sum Protocol

3.2 k-Secure Sum Protocol

The k- secure sum protocol was proposed by Sheikh et al. [5], in this protocol the data of each party is divided into four segments. Thus each party in this protocol must have capability to break the data block into segments an capacity to store each segments. Suppose P0 is selected as the protocol initiator. Than this party will start the protocol by sending the first segment of its data block. The flow of partial sum will follow a unidirectional ring. The resulting sum is announced by the protocol initiator.

3.2.1 Steps of Simulation

In the main form by clicking on the data entry, we can enter the values. In the data entry form four parties have to enter their data to compute the sum. All the six protocols are listed and we can choose any one of them as per our requirement. Now the data of each party is displayed on the screen. By clicking on show button we can see that the data is divided into four segments. Four cycles are listed each cycles shows the completion of one round. After completion of all rounds the result is displayed on the screen.

Fig 4 Final Computation of k-Secure Sum Protocol

The performance of this protocol is good, but the data leakage probability compromised due to following cases. 1. When all parties are honest than the protocol runs in a smooth fashion, but if any one of them behaves dishonestly than the probability of data leakage probability is increased. 2. When the protocol initiator becomes malicious than also the data leakage probability is increased. 3. When two adjacent parties turn malicious than also the data leakage probability is increased. 4. In this protocol k- rounds of computations are performed; defiantly it is time consuming and costly technique.

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

112

3.3 Extended k-Secure Sum Protocol

The extended k-secure sum protocol [5] is the extension of k-secure sum protocol. In this protocol the data block of each party is partitioned into four segments. All segments are similar to k-secure sum protocol but each round of segment summation uses a random digit. The performance of extended k-Secure Sum Protocol is better from previous protocols. The communication and computation complexities are significantly reduced as compare to k-Secure Sum Protocol. Hence this protocol performs better if two mutual parties do not behave maliciously.

3.3.1 Steps of Simulation

The process of simulation of extended k-secure sum protocol is same as k-secure sum protocol. There are also four rounds for computing the final result. In each round of computation a random value is added. Only the difference lies is that each round of summation uses a random value.

Fig 6 Final Computation of Extended k-Secure Sum Protocol

3.4 Distributed k-Secure Sum Protocol

In dk-secure sum protocol [6] we have assumed four parties have their secret data. Each party break its data into four segments, each party keeps any one segment with it and distributes remaining three segments to other parties such that one segment is distributed to one party.

3.4.1 Steps of Simulation

The process of entering the data is same as previous protocol.

Fig 5 Extended k-Secure Sum Protocol

The final result announced by the protocol initiator by subtracting the sum of all random values.

Fig 7 Distributed k-Secure Sum Protocol

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

113

The shuffle button is provided with the form by clicking on this the data of each party shuffled.

3.5 Changing Neighbor k-Secure Sum Protocol

In ck-secure sum protocol [7], the parties are arranged in a ring. Each party break their data into three segments which is equal to (n-1) where n stands for no. of parties. For example four parties break their data block into three segments. Initially the parties are arranged sequentially as P0, P1 Pn. in the next round of the computation P1 exchanges its position with P2 and in subsequent rounds P1 exchanges its position with P3 and so on until Pn is reached.

3.5.1 Steps of Simulation

The process of entering the data is same as previous protocols. The data block of each party is portioned into three segments. Initiator (P0) does not change their position.

Fig 8 dk-Secure Sum Protocol after Shuffling

Four cycles are listed each cycles shows the completion of one round. Finally the result announced by the protocol initiator.

Fig 10 ck-Secure Sum Protocol

And there are three cycles for each for one round.

Fig 9 Final Result of Distributed k-Secure Sum Protocol

This protocol performs satisfactory due to many reasons; the segmentation of the data block of a party is done by the party in its own way. Secondly the party randomly selects any one of the segment and keep with it, reaming segments are distributed to the other parties randomly. The data leakage probability is zero when majority of parties are honest.

Fig 11 Rounds of ck-Secure Sum Protocol [6]

Result displayed on the screen.

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

114

Fig 12 Final Result of ck-Secure Sum Protocol

The protocol guarantees that a party will not have same two neighbors in all the rounds of the computation. The neighbors are changed at least once during secure sum computation. Thus any two neighbors of a middle party cannot know all the segments of a party. The semi honest party cannot learn more information than the result thus the probability if data leakage is zero.

Fig 13 Modified ck-Secure Sum Protocol

And there are four cycles for each for one round. In each round parties change their position with the initiator.

3.6 Modified ck-Secure Sum Protocol

The modified ck- secure sum protocol [8] is an extension of ck-secure sum protocol and is based on changing neighbor in each round of segment computation. The party P0 is selected as a protocol initiator party which starts the computation by sending the first data segment. The party P0 traverses toward Pn in the each round of the computation. The no. of parties for these protocols must be four or more. When all the rounds of segments summation are completed the sum is announced.

3.6.1 Steps of Simulation

The process of entering the data is same as previous protocols. The data block of each party is portioned into four segments.
Fig 14 Rounds of modified ck-Secure Sum Protocol [7]

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

115

Result displayed on the screen

4.2 Communication Complexity Graph

Communication Complexity
30 25 20 15 10 5 0
dk-Secure Sum Modified ckSecure Sum Communication Complexity

For n=4, k=4

Protocol

Fig 17 Communication Complexity Graph

Fig 15 Final Result of Modified ck-Secure Sum Protocol

This protocol provides zero data leakage probability because if two colliding parties try to know the data of the middle party, they cannot do so because the protocol does not allow any two parties to be neighbor of a party for all the rounds of the computation. That is why this protocol provides maximum security.

The graph shows the communication complexity between three protocols listed as distributed k- secure sum, changing neighbor k-secure sum protocol, modify k-secure sum protocol. In changing neighbor k-secure sum protocol the data of each party is divided into three segments.

5 CONCLUSION
SMC protocols are used to get the sum of private data belonging to all parties providing lower probability of data leakage. The probability analysis shows that this is an appreciable improvement over secure sum protocols. It provides excellent security. When we simulate all protocols we get more acquainted about these protocols which can help in making other protocol with lesser probability of data leakage for enhancing the data security. Simulation of secure sum protocol is an important phenomenon through which we can know and analyze the concept of secure sum protocols. With the help of simulation we can analyze the working of each protocol. The simulation is aimed to achieve high security hence it is very important phenomenon in industries, banking, data mining, and data privacy.

4 RESULT AND ANALYSIS

4.1 Data Leakage Probability Graph

Probability
0.25 Probability 0.2 0.15 0.1 0.05 0
k-Secure Sum Protocol Extended kSecure Sum Protocol

For n=4,k=4

REFERENCES
[1] A. C. Yao, protocol for secure computations, in proceedings of the 23rd annual IEEE symposium on foundation of computer science, pages 160-164, Nov.1982. O. Goldreich, S. Micali, and A. Wigderson, "How to play any mental game," in STOC '87: Proceedings of the nineteenth annual ACM conference on Theory of computing, New York, NY, USA: ACM, pages 218-229 1987. C. Clifton, M. Kantarcioglu, J. Vaidya, X. Lin, and M. Y. Zhu, Tools for Privacy-Preserving Distributed Data Mining, J. SIGKDD Explorations, Newsletter, vol.4, no.2, ACM Press, pages 28-34, Dec. 2002. R. Sheikh, B. Kumar and D. K. Mishra, Privacy-Preserving k-

[2] Fig 16 Probability Graph

This graph shows the probability of data leakage between three protocols listed as secure sum-secure sum, extended k-secure sum, in secure sum protocol there are no segments (k) and data leakage probability is 0.6.

[3]

[4]

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

116

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

Secure Sum Protocol. In International Journals of Computer Science and Information Security, Vol.6 No.2, page 184-188, USA, Nov. 2009. R. Sheikh, B. Kumar and D. K. Mishra, A Distributed k-Secure Sum Protocol for Secure Multi-Party Computation, Journal of Computing, USA, Vol. 2, Issue 3, pages 68-72, Mar. 2010. R. Sheikh, B. Kumar and D. K. Mishra, Changing Neighbors k-Secure Sum Protocol for Secure Multi-Party Computation, in International Journal of Computer Science and Information Security, Vol 7 No. 1, Pages 239-243, USA, Jan. 2010. R. Sheikh, B. Kumar and D. K. Mishra, A Modified ck-Secure Sum Protocol for Multi-party Computation, Journal of Computing, USA, Vol. 2, Issue 2, page 62-65, Feb. 2010. R. Sheikh, B. Kumar and D. K. Mishra, Secure Multi-party Computation: From Millionaires Problem to Anonymizer, in Information Security Journal: A Global Perspective, Vol 20, Issue 1,Pages 25-33, USA, 2011. B. Chor and N. Gilbao. Computationally Private Information Retrieval (Extended Abstract), In proceedings of 29th annual ACM Symposium on Theory of Computing, El Paso, TX USA, May 1997. B. Chor, E. Kushilevitz, O. Goldreich, and M. Sudan, Private Information Retrieval, In proceedings of the 36th Annual IEEE Symposium on Foundations of Computer Science, Milwaukee WI, pp. 41-50, Oct. 1995. Y. Lindell and Pinkas,Privacy preserving data mining, in advance in cryptogrophy-crypo2000, lecture notes in computer science, Vol. 1880, 2000. R. Agrawal and R. Srikant. Privacy-Preserving Data Mining, In proceedings of Seventh SIGMOD on management of data , Dallas, TX USA, pp. 439 450, May 15-18-2000. M. J. Atallah and W. Du. Secure Multiparty Computation Geometry, In proceedings of Seventh International Workshop on Algorithm and Data Structure(WADS2001). Providence, Rhode Island, USA, pp. 165-179, Aug. 8-10, 2001. W. Du and M. J. Atallah. Privacy-Preserving Cooperative Scientific Computations. In 14th IEEE Computer Security Foundations Workshop, Nova Scotia, Canada, pp.273-282, Jun. 1113, 2001. W. Du and M. J. Atallah, Privacy-Preserving Statistical Analysis, In proceedings of the 17th Annual Computer Security Applications Conference, New Orleans, Louisiana, USA, pp. 102110, Dec. 10-14 2001. W. Du and M. J. Atallah,Secure Multiparty Computation Problems and their Application: A Review and Open Problems.In proceedings of new security paradigm workshop, Cloudcroft, New Mexico, USA, pp. 11-20, Sep. 11-13, 2001. V. Oleshchuk, and V. Zadorozhny,Secure Multi-Party Computations and Privacy preservation: Results and Open Problems, Telektronikk: Telenors Journal of Technology, Vol. 103, no. 2, 2007. D. K. Mishra, M. Chandwani. Extended Protocol for Secure Multiparty Computation using Ambiguous Identity. WSEAS Transaction on Computer Research, vol. 2, issue 2, Feb, 2007.

AUTHORS PROFILE
APEKSHA GARG Ph. +91 8305423574

Apeksha Garg is pursuing Bachelor of Engineering in Computer Science branch from Shri Venkteshwar Institute of Technology, Indore, India.
HARSHIT LAHOTI Ph. +91 9691888777

Harshit Lahoti is pursuing Bachelor of Engineering in Computer Science branch from Shri Venkteshwar Institute of Technology, Indore, India.
JYOTSANA CHOUBEY Ph. +91 9713275437

Jyotsana Choubey is pursuing Bachelor of Engineering in Computer Science branch from Shri Venkteshwar Institute of Technology, Indore, India.

JOURNAL OF COMPUTING, VOLUME 4, ISSUE 4, APRIL 2012, ISSN 2151-9617 https://sites.google.com/site/journalofcomputing WWW.JOURNALOFCOMPUTING.ORG

117

RASHID SHEIKH Ph. +91 9826024087

Rashid Sheikh has received B.E. (Bachelor of Engineering) degree in Electronics and Telecommunication Engineering from Shri Govindram Seksaria Institute of Technology and Science, Indore, India in 1994 and M.Tech. (Master of Technology) in Computer Science and Engg. From RGPV Bhopal, India in 2010. He is pursuing PhD on Design of Secure Multiparty Computation Protocols for Privacy Preservation. He has 18 years of teaching experience. He is the reviewer of International Journal of Advanced Computer Science and Applications, USA. He is the program committee member of international conferences WOCN2012 and CONSEG2012. He has been listed in the world known Database Systems and Logic Programming (DBLP) Project, Germany. He is the senior member of IEEE and executive committee member IEEE MP Subsection. His subjects of interest include Computer Architecture, Computer Networking, Operating Systems, Network Security and Assembly Language Programming. He has published nine research papers in International Conferences and Journals and ten research papers in National conferences. His research areas are Secure Multiparty Computation and Mobile Ad hoc Networks and Network Security. He is the author of ten books on Computer Organization and Architecture. Presently he is working as Professor (CSE) and Dean (R & D) at Shri Venkteshwar Institute of Technology, Indore, India.