Secure Multiparty Computation for Cyber Crime Evidence

A Use Case by the South East Regional Organised Crime Unit as part of the H2020 EU SUNFISH Project

The need of Interconnected Cloud systems

Cloud systems are being adopted more and more to offer Public Services. However, the lack of trust on Public Clouds has led Public Bodies to invest on their private, secluded Clouds. In the era where sharing information is paramount, we must be able to interconnect private and heterogeneous Clouds to share data, offer new services, and optimise the utilisation of resources.

Cloud Federation is the answer to this challenge by offering as a service-secured sharing of interconnected Clouds. A Cloud Federation allows forming members in achieving a business goal that each of them would not be able to achieve by itself.

EU H2020 SUNFISH Project

The SUNFISH project designed and implemented FaaS -Federation-as-a-Service, this new and innovative Cloud Federation service is compatible with major Cloud platforms and offers advanced security and privacy-preserving services.

FaaS relies on a first-time use of blockchain technology to underpin the whole federation so as to realise a fully democratic and decentralised federation governance.

FaaS features many Privacy-enhancing Technology, comprising data masking, data anonymization and most of all Secure Multi-Party Computation.

SMC: Secure Multi-party Computation

SMC enables first-time applications on confidential data through the skills it offers, namely:

  • Secret sharing of data: data owners can share private data to perform computation being assured that the actual value is not revealed.
  • Computation on shares of data: a computation on secret shared data can be performed without leaking any private data to the data processors.

SMC is the solution to share and compute data coming from actors who do not want to disclose any private data. This is made possible by using cryptographic techniques whose pillars are

  • Sharing a secret S with N subjects by consigning some data (fragment) to each of them, in a way that none of them knows S and they can reconstruct S (only) by joining the fragments they hold.
  • Create methods for parties to jointly compute a function over their inputs so that certain security properties such as privacy and correctness are preserved throughout the function computation.

These properties are ensured even if some of the participating parties or an external entity maliciously attack the protocol. Generally speaking, privacy and correctness belong to a set of requirements that should be met and held for any secure protocol, and particularly for SMC they are: independence of inputs, guaranteed output delivery, and fairness.

Sharing of Cyber Crime Evidences

The South East ROCU is one of nine Regional Organise Crime Units (ROCUs) operating in UK to fight against cybercrime. One of the main needs is sharing the Crime Evidence among ROCUs without compromising privacy of data and success of ongoing investigations.

The SUNFISH project, by realising a FaaS Cloud Federation among ROCUs and using SMC, made the sharing of data in a fully private and secured way possible!
The SEROCU Use Case

The proposed solution is based on an intelligent index based on SMC that allows each ROCU to search on distributed data sources (i.e., the evidences gathered by other ROCUs) a specific keyword of interest. Each ROCU maintains the control over its own data,

enabling index search among data controlled by different ROCUs, and ensure that no ROCU sees (or learns anything about) the data owned by other ROCUs.

Indeed, by relying on SMC the servers carrying out the search on data will not have any clue on the data they are searching, neither on the keyword of interest for which they are searching. This search functionality is offered to ROCUs’ users according to their assigned privileges; different organisational roles will allow personnel to access different research features.

This intelligent index has been realised thanks to SHAREMIND, an SMC platform by Cybernetica.

SHAREMIND: a programmable SMC platform

An SMC platform by Cybernetica

Sharemind is a practical SMC framework capable of processing secret data without disclosing, based on shared computing. The framework has secure SMC protocols for performing private operations (i.e. private addition, multiplication, comparison) on integers and floating-point numbers. When combined, the protocols can be used for higher level operations like privacy-preserving text search.

The protocols, mentioned before, in fact are designated to be universally composable, which allows running them sequentially and in parallel without compromising security. Particularly, it uses the additive secret-sharing scheme which is proven to give a strong privacy guarantee in the honest-but-curious security model. Currently the system consists of 3 parties, connected over secure asynchronous network channels and tolerates one passive corrupted party.

The following figure depictes the SHAREMIND architecture, where one may notice that confidential data is divided in input-shares and each share is sent to exactly one Miner. Once each Miner made the computation locally, i.e. via SMC on the input-shares it is collected from various input parties, the result-shares coming from each Miner are merged together to obtain final results.

SHAREMIND architecture

SMC usage allows SHAREMIND to collect and store data in an encrypted form, and subsequently, to process them without decrypting. An example of how it works is shown in example below:

Sum operation on SHAREMIND

SMC for Cyber Crime Evidences

Each of the ROCU, federated as part of a secure Cloud Federation, can then share its data to build the intelligent index thanks to SHAREMIND.

Federation-based Intelligent Index

The local data of each ROCU is secretly shared as part of the index, so to ensure full privacy protection on the data.

The logic of the index can then ensure oblivious communication to/from the index (so to avoid any eavesdropping) and mediated access to index data, e.g. according to the vetting level of the personnel and the data clearance. Due to these ensured properties, SMC and the index itself is suitable to also be implemented on a Public Cloud, helping the Public Sector in stepping towards a wider adoption of Cloud technology.

This article was revised by Andrea Margheri