Secure Supply Chain Collaboration

1
Secure Supply Chain Collaboration

• Chris Clifton

2
Supply Chain Information Security

• Making the supply chain work requires information
• Need to keep the information secure
• What does this mean?
• Nobody sees anything they shouldnt
• What you see is correct
• You get what you need in time

3
Example Order Planning

• Goal Reduce inefficiency by reducing inventory,
  out of stock
• Inventory costs (interest, storage) significant
• Information sharing can solve the problem
• Walmart demands everyones information
• Result improved efficiency ? lower prices
• Who wins?
• We need fair knowledge sharing

4
Tradeoff Vertical Integration

• Vertical integration solves the information
  sharing problem
• All participants have the same bottom line
• Common authority/purpose
• But comes at a cost
• Loss of flexibility
• Lost opportunities for economies of scale
• Can we get both?

5
Goal Share Capacitywithout sharing information

• Large Corporations achieve economies of scale
• Lots of capacity
• Lots of work
• Enables smoothing out the rough spots
• Smaller entities could collaborate to do the same
• Share capacity and workload information
• But knowledge is power (competitive advantage)
• We face a tradeoffrevealing secrets vs.
  enhanced efficiency
• Or do we?

6
Confidential Computation

• Idea Many parties have components of the input
  to a function
• Want to get the function result
• But not reveal your input component
• Preserves confidentiality of the data
• Unless disclosure inherent in the result
• Example Secure Sum

7
Gold StandardTrusted Third Party
8
Secure Multiparty Computation

• Collaboration beneficial
• But information disclosure has costs
• Goal Collaboration without Disclosure
• Trusted third-party model

9
Secure Multiparty ComputationIt can be done!

• Goal Compute function when each party has some
  of the inputs
• Yaos Millionaires problem (Yao 86)
• Secure computation possible if function can be
  represented as a circuit
• Idea Securely compute gate
• Continue to evaluate circuit
• Works for multiple parties as well (Goldreich,
  Micali, and Wigderson 87)

10
Others you should talk to

• Mike Atallah (ComputerScience /CERIAS)
• Ananth Iyer (Krannert)

• VinayakDeshpande(Krannert)
• Lee Schwarz (Krannert)

11
Routes of Great Eastern
Routes of Western Trucking
Chicago
South Bend
Western Trucking
Gary
Great Eastern
Ft. Wayne
12
Example Transportation

• Two trucking companies wish to share deliveries
• Swap deliveries so each gets a shorter route
• But dont want to reveal customers
• What is the minimum that must be disclosed?
• Swapped customers!
• Can we do this without revealing more?

13
Traveling Salespeople
14
After swapping customers
New route of A
New route of B
Original customers of A
Original customers of B
New customers of A (swapped from B)
New customers of B (swapped from A)
15
Space Filling Curve Approach

• For each customer, via a space filling curve,
  calculate a corresponding position on an
  interval.
• Securely find the median on the interval.
• Salesman A doesnt know how may customers
  salesman B has and vice versa.
• They only know the customers swapped and
  additional information induced from the traded
  customers.
• Swap customers so that all customers of A are on
  one side of the median and all customers of B on
  the other side of the median.
• Find a route for each salesman via the same space
  filling curve.

16
Space-Filling Curve
Median
17
For each customer of salesman A, calculate a
corresponding position on an interval.
1
2
6
5
3
4
8
7
9
14
13
10
12
15
11
16
18
For each customer of salesman B, calculate a
corresponding position on an interval
19
lbound 0, ubound
i 1
lbound 1, ubound
i 2
lbound 2, ubound
i 4
lbound 2, ubound 4
i 3
lbound 3, ubound 4
i 3
1
11
13
15
3
20
lbound 0, ubound
i 1
lbound 1, ubound
i 2
lbound 2, ubound
i 4
lbound 2, ubound 4
i 3
lbound 3, ubound 4
i 3
1
5
7
9
11
13
15
3
21
i 1
i 2
i 4
Lbound 2, ubound 4
i 3
Lbound 3, ubound 4
22
(No Transcript)
23
Algorithm One Dimensional Secure Relative
Outlier Detection
24
Oblivious Transfer

• What is it?
• A has inputs ai
• B makes choice
• A doesnt know choice, B only sees chosen value.
• How?
• A sends public key p to B
• B selects k random values b
• encrypts (only) bchoice with fp, sends all to A
• A decrypts all with private key, sends to B ci
  ai ? e(fp-1(bi))
• B outputs cchoice ? e(bchoice) achoice ?
  e(fp-1(fp(bchoice))) ? e(bchoice)
• Slightly more complicated if B might cheat
• E.g., B encrypts all with fp,

25
Oblivious Transfer

• ? generates and publishes three numbers
• p a large prime number (all randoms in 1, ,
  p-1)
• C a random number
• g the generator of ps multiplicative group,
  i.e., every number between 1 and p-1 can be
  written as gk mod p for some k
• ? picks random k sets Ps gk P1-s C/Ps
• sends P0 to ?
• ? sets P1 C/P0 chooses random r0, r1 sets
• E0 (gr0, H((P0)r0) ? B0)
• E1 (gr1, H((P1)r1) ? B1)
• sends E0, E1 to ?
• ? computes Bs H(Ps)rs) ? Es

26
Oblivious Transfer

• What is it?
• A has inputs ai
• B makes choice
• A doesnt know choice, B only sees chosen value.
• How?
• A sends public key p to B
• B selects 4 random values b
• encrypts (only) bchoice with fp, sends all to A
• A decrypts all with private key, sends to B ci
  ai ? e(fp-1(bi))
• B outputs cchoice ? e(bchoice) achoice ?
  e(fp-1(fp(bchoice))) ? e(bchoice)

27
(No Transcript)
28
Is it Secure?

• Oblivious transfer secure even in malicious
  model
• Extends to comparison
• Full protocol
• Given final result, result of each comparison
  known
• Is this enough?
• No!
• But neither is trusted third party / malicious
  model
• Dishonest party falsifies input

29
SolutionIncentive Compatibility

• Cheating party will be worse off than being
  honest
• True if cheating results in
• Longer travel for cheater
• Getting caught
• Protocol gives optimal answer

30
Incentive Compatible (cont.)

• Protocol gives optimal answer
• If cheating gives different comparison, cant
  arrive at optimal answer
• If cheating gives same comparison, no knowledge
  gained
• Protocol is incentive compatible!

31
Does it Work?Trials on Actual Logistics Data
32
Does it Work?Trials on Actual Logistics Data
33
Ideas

• Reha Assymetry small suppliers, large
  customers
• Needs to be easy to use for suppliers
• Subcontractors
• Need to ascertain process
• Process improvements possible?
• Vendor-managed inventory
• Customer only gets combined information
• Vendors dont see each others information
• Avoid disclosing promotions at different levels
  of supply chain
• Issue Repetitive work may reveal information
  will this only work for one-time issues?
• Sales through third-party distributors likely
  market
• Reluctance to share with distributors and
  vice-versa
• How to get information to customer, and from
  customer?
• Sharing distribution facilities / cross-docking
  without revealing customers

34
Secure Multiparty ComputationIt can be done!

• Goal Compute function when each party has some
  of the inputs
• Yaos Millionaires problem (Yao 86)
• Secure computation possible if function can be
  represented as a circuit
• Idea Securely compute gate
• Continue to evaluate circuit
• Works for multiple parties as well (Goldreich,
  Micali, and Wigderson 87)

35
How does it work?
b1
a1
b2
a2
Aa1a2
Bb1b2

• Each side has input, knows circuit to compute
  function
• Add random value to your input, give to other
  side
• Each side has share of all inputs
• Compute share of output
• Add results at end
• XOR gate just add locally
• AND gate send your share encoded in truth table
• Oblivious transfer allows other side to get only
  correct value out of truth table

Circuit
c1
c2
Cc1c2
36
Oblivious Transfer

• What is it?
• A has inputs ai
• B makes choice
• A doesnt know choice, B only sees chosen value.
• How?
• A sends public key p to B
• B selects 4 random values b
• encrypts (only) bchoice with fp, sends all to A
• A decrypts all with private key, sends to B ci
  ai ? e(fp-1(bi))
• B outputs cchoice ? e(bchoice) achoice ?
  e(fp-1(fp(bchoice))) ? e(bchoice)

37
Challenges

• Extend secure multiparty computation to
  real-world problems
• Need to identify the problems!
• Business models to utilize the technology
• What is fair sharing?
• Moving this to industry
• VICS (Voluntary Intraindustry Commerce Standards)
  Association
• CCSI (Collaborative Commerce Standards Institute)

38
Related ideas

• Rapid Product Realization
• Customer-driven design
• Must share details between supply chain
  components
• Protect proprietary information
• Secure Multiparty Computation allows both!
• Talk to Prof. Ramani for more

39
How is this related to Infrastructure Protection?

• Critical Infrastructure not monolithic
• Telecommunications / power interrelated
• Multiple ISPs
• Protecting the infrastructure requires sharing
  information
• Attack identification and isolation
• Competitors reluctant to share
• Need data analysis without data disclosure!

40
Next Steps

• What are real-world applications?
• Logistics
• Manufacturing
• ?
• Who would be willing to try this out?
• Are you using a broker today?
• Do you give the broker all relevant information?
• Is this safe?
• Develop algorithms/tools and try them out

Want to participate? Contact me
(clifton_at_purdue.edu) orProf. Mike Atallah
(mja_at_cs.purdue.edu)