Presentation about the paper "Privacy-Preserving Search for Chemical Compound Databases"*.
This presentation is based on the uploader's understanding of the paper and may contain inaccurate interpretations.
A summary of the paper is available at: https://mshcruz.wordpress.com/2016/09/02/summary-privacy-preserving-search-for-chemical-compound-databases/
*Shimizu et al.: "Privacy-Preserving Search for Chemical Compound Databases". BMC Bioinformatics 2015.
4. Introduction Method Experiments Conclusion
OVERVIEW
Protocol for searching chemical databases
Checks if items are similar
Tversky index
Encrypt items to preserve privacy
Additive-homomorphic encryption
1 / 11
5. Introduction Method Experiments Conclusion
SECURITY REQUIREMENTS
User privacy
The database shouldn’t learn about the query
Database privacy
The user shouldn’t learn about the DB contents
The similarity value cannot be disclosed
Allows regression attacks
2 / 11
6. Introduction Method Experiments Conclusion
MODEL
The user is a private chemical compound
holder, and the server is a private database
holder. The user learns nothing but the number
of similar compounds in the server’s database,
and the server learns nothing about the user’s
query compound.
3 / 11
7. Introduction Method Experiments Conclusion
PROPOSAL
Secure similar compounds counter
Tolerant against regression attacks
Efficient
Computation
Communication
Scalable
4 / 11
9. Introduction Method Experiments Conclusion
SIMILARITY CALCULATION
Compounds are modeled as p ∈ {0, 1}
Bit array of size
Similarity given by Tversky index
TI1,1 gives the Jaccard Index
TI1/2,1/2 gives the Dice Index
TIα,β(p, q) = |p∩q|
|p∩q|+α|pq|+β|qp|
5 / 11
10. Introduction Method Experiments Conclusion
PROTOCOL OVERVIEW
Assume there is only p in the database
Two party protocol
Client Alice holds query item p
Server Bob holds q
Objective
Check if TI(p, q) ≥ θ
Security issues
Alice should not know what is q
Bob should not know what is p
6 / 11
12. Introduction Method Experiments Conclusion
PROTOCOL STEPS
1 Alice generates (pk, sk) pair
2 Alice sends cA, Γ, µa, µb, θn to Bob
cA := Enc(pk, p)
3 Bob encrypts q
cB,q := Enc(pk, q)
4 Bob calculates cTI and sends it to Alice
cTI := ΓcB,∩ − θn(µacB,p + µbcB,q)
5 Alice decrypts cTI and checks TI(p, q) ≥ 0
T := Dec(sk, cTI)
8 / 11
13. Introduction Method Experiments Conclusion
IMPROVING SECURITY
Alice should not know T := TI(p, q)
Insert encrypted dummies to the result
c1, . . . , cd
Shuffled with the result cTI
Send shuffled set to Alice
Also sends Np,dummy
– Number of non-negative dummies
Alice...
Decrypts ciphertexts
Count non-negative values: Np,all
If Np,all − Np,dummy = 1 then TI(p, q) ≥ 0
9 / 11
17. Introduction Method Experiments Conclusion
SUMMARY
Checks similarities between compounds
Operate over encrypted data
Low computation and communication
Faster than MPC and FHE
Multi-party Computation
Fully Homomorphic Encryption
11 / 11