Secure Two-party Computation Technology For Mobile Internet

With the rapid popularization of mobile intelligent terminal devices and the increasing diversification of mobile applications,mobile Internet has gradually penetrated into every field of human's daily life,such as work,social contact,medical treatment,travel and so on.Nevertheless,the mobile Internet not only brings convenience to human,but also introduces increasingly prominent network and information security problems.Firstly,mobile Internet has integrated a large number of smart devices and wireless networks,resulting in increasingly blurred network boundaries and more vulnerable to the eavesdropping and tampering attacks over wireless networks compared with traditional Internet.Secondly,as more and more applications are developed in the mobile Internet,the network structure becomes more complex,leading to higher risks of abuse of mobile services and illegal access of user data.Last but not least,the explosive growth of mobile devices has spawned the era of mobile big data,so that mobile users have to face the contradiction between data value mining and privacy preservation.However,the convenience and mobility of mobile devices limit the deployment of high-security but complex systems to a certain extent,making the security protection mechanism of traditional Internet no longer fully applicable to mobile Internet.As a result,mobile devices are more vulnerable to the remote or physical attacks by adversaries,which directly cause the leakage of users' private keys and other sensitive information.Therefore,it is necessary to explore new security and privacy protection technologies to ensure the healthy development of mobile Internet.Secure multi-party computation(SMPC)aims to solve the jointly computing problem for two or more non-trusted entities on the premise of ensuring the correct calculation results and not disclosing their private information.Currently,SMPC has gradually developed from theoretical researches to practical application research for realistic problems,and plays a significant role in key protection,data privacy-preserving computation and other applications.Secure two-party computation as a special form of SMPC,has obvious advantages in performance and user experience,and it can be widely applied in many realistic scenarios.Starting from the security and privacy requirements of the mobile Internet,this thesis explores the researches on the mobile Internet-oriented secure two-party computation schemes and their applications.Specifically,combining the authentication and key agreement,digital signature,homomorphic encryption,multiplication triples and other cryptography technologies,the thesis designed three secure and privacy-preserving schemes for mobile Internet as follows:1.For the security of network access and data transmissions in mobile Internet,this thesis presents a two-device collaboratively anonymous authentication and key agreement scheme.First,based on the multiplicative secret sharing,the long-term private key of a mobile user is converted into two random shares that dispersedly stored on different devices,so as to realize the secure storage of the key and prevent the key from single point of failure attack.Then,based on the Paillier homomorphic encryption technology,the secure two-party computation between the two devices is designed to avoid the key reconstruction during the process of user anonymous authentication and key agreement,which ensures the secure usage of the key and realizes more reliable mobile user anonymous authentication and key agreement.Compared with the existing authenticated key agreement schemes,this scheme solves the problem that mobile users' keys are apt to leak,and thus improves the security of mobile Internet network access and the confidentiality of transmitted data.2.For the security of access control for mobile services and data in mobile Internet,this thesis presents a secure and effective two-party digital signature scheme.The scheme constructs a new and efficient two-party ECDSA signing protocol based on the one-time-pad Beaver's multiplicative triples,which avoids the use of expensive homomorphic encryption and oblivious transfer protocols.It not only effectively alleviates the threat of mobile service abuse or application data illegal access due to the leakage of signature private key or the over-concentration signing rights,but also significantly improves the running efficiency of collaborative signature.In addition,the online overhead of the two-party signature is reduced by pre-computing enough multiplication triples in offline manner.When compared with the existing schemes,the proposed scheme has improved the computational efficiency by at least 76.84% and reduced the communication overhead by at least 21.74%.3.For privacy preservation and utilization of the mobile big data,this thesis presents a privacy-preserving dual-cloud collaborative outsourced machine learning model training scheme.First,based on distributed double-trapdoor homomorphic encryption algorithm,the scheme design some secure and efficient two-party outsourced computation protocols,including the integer/floating-point computation protocols,comparison protocol,and the floating-point precision control protocol,which not only achieves the privacy-preserving outsourced data computation,but also solves plaintext overflow problem under the ciphertext domain that most existing outsourced schemes suffer from.Then,based on the proposed secure two-party computation protocols,a privacy-preserving outsourced linear support vector machine model training scheme that supporting multi-user and multi-key settings is designed,which eliminates the computing overhead of mobile users,and balances the contradiction between privacy preservation and value mining of mobile big data.In a summary,starting from the needs of network access security,service security and data privacy preservation in the mobile Internet,and focusing on the key protection and data privacy preservation,this thesis presents three cryptographic solutions based on the secure two-party computation,which can enhance the security of network access,the confidentiality of transmitted data,the reliability of service authorization,the balance of privacy preservation and utilization of mobile big data.