The framework facilitates building efficient secure two-party computation applications. The code is available via github. The software pack also includes four example uses of the framework in building Secure AES, Secure Hamming distance, and Privacy-preserving Edit Distance and Smith-Waterman Scores.
Selected uses of this framework include:
Circuit Structures for Improving Efficiency of Security and Privacy Tools, by University of Virginia, IEEE Security & Privacy Symposium 2013.
Zero-Knowledge Using Garbled Circuits: How To Prove Non-Algebraic Statements Efficiently, by SAP Research and Aarhus University, ACM CCS 2013.
Secure Two-Party Computation in Sublinear (Amortized) Time, by Columbia University, Applied Communication Sciences, University of Maryland, Bell Labs and AT&T, ACM CCS 2012.
A Private Set Intersection protocol computes the intersection of secret sets supplied by two mutually-untrusted parties. It can be a useful primitive in many secure protocols such as privacy-preserving joint database query. (Q: Why not have the parties exchange the hashes of their private elements and compute the intersection over the hashes? A: It is not secure because the hashes leak information on the secret elements even if cryptographically strong hashing is used. E.g., given hashes of a set, an attacker can make membership queries on the set for an arbitrary element of his choice.)
The CommonContacts app allows two people to discover that mutual contacts while protecting the rest of their contact list. We use an efficient private set intersection scheme that we developed that we have dubbed Sort-Compare-Shuffle (SCS). At the end of the protocol, both devices display the matching contacts.
Document editing and managing tools are going online, as evidenced from Google Docs, Microsoft OfficeLive, and Mozilla Bespin, etc. However, these benefits come somehow at the cost of security, since users have to fully trust the cloud service provider with their data. I developed an Firefox extension to enable private editing using Google Documents such that document contents submitted by the user are incrementally encrypted.