ABSTRACT
On the one hand, compilers for secure computation protocols, such as FairPlay or FairPlayMP, have significantly simplified the development of such protocols. On the other hand, optimized protocols with high performance for special problems demand manual development and security verification. The question considered in this paper is: can we construct a compiler that produces optimized protocols? We present an optimization technique based on logic inference about what is known from input and output. Using the example of median computation, we show that our program analysis and rewriting technique translates a FairPlay program into an equivalent -- in functionality and security -- program that corresponds to the protocol by Aggarwal et al. Nevertheless, our technique is general and can be applied to optimize a wide variety of secure computation protocols.
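The following is an added example, not code from the paper. It illustrates one instance of the idea the abstract states: an intermediate value that a party can already derive from its own input and the output may be revealed, so the work that depends on it can leave the secure circuit. The protocol shape assumed here is the two-party median protocol of Aggarwal et al. (sorted lists of equal power-of-two length with globally distinct values; the output is the lower median of the union); `secure_compare` is a stand-in for the one secure comparison per round, and all inputs in the checks are constructed.

```python
def secure_compare(a, b):
    """Stand-in for the one operation per round that still needs a secure circuit."""
    return a < b

def lower_median(xs):
    return xs[len(xs) // 2 - 1]

def median_in_the_clear(xs, ys):
    """Reference result: lower median (rank n of 2n) of the union."""
    return lower_median(sorted(xs + ys))

def optimized_median(xs, ys):
    """Protocol-shaped computation: only the comparison is secure, the halving
    of each list is done locally. Returns (median, list of per-round comparison bits)."""
    a, b, transcript = list(xs), list(ys), []
    while len(a) > 1:
        half = len(a) // 2
        c = secure_compare(lower_median(a), lower_median(b))
        transcript.append(c)
        if c:    # m_a < m_b: A drops its lower half, B drops its upper half
            a, b = a[half:], b[:half]
        else:    # m_a > m_b: the mirror image
            a, b = a[:half], b[half:]
    return min(a[0], b[0]), transcript

def infer_transcript(own, output, holder_is_a):
    """What one party deduces alone from its input and the output: the round bit
    m_a < m_b equals (output > m_a) for A and (output <= m_b) for B, so each party
    replays its own halving without any message."""
    lst, bits = list(own), []
    while len(lst) > 1:
        half, m = len(lst) // 2, lower_median(lst)
        c = (output > m) if holder_is_a else (output <= m)
        bits.append(c)
        lst = lst[half:] if c == holder_is_a else lst[:half]
    return bits

def knowledge_check(xs, ys):
    """True iff the optimized protocol is correct and its revealed bits add nothing
    to what each party could already infer from its input and the output."""
    y, bits = optimized_median(xs, ys)
    return (y == median_in_the_clear(xs, ys)
            and infer_transcript(xs, y, True) == bits
            and infer_transcript(ys, y, False) == bits)

def exhaustive_check(universe=range(8)):
    """Run knowledge_check over every split of a small universe into two sorted halves."""
    from itertools import combinations
    return all(knowledge_check(list(xs), sorted(set(universe) - set(xs)))
               for xs in combinations(universe, len(universe) // 2))
```

`exhaustive_check()` confirms, for every split of a small universe, that each party reconstructs the full comparison transcript on its own, which is exactly the condition under which revealing those bits and pruning locally leaks nothing beyond the output.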
REFERENCES
- G. Aggarwal, N. Mishra, and B. Pinkas. Secure computation of the k-th ranked element. In EUROCRYPT'04: Advances in Cryptology, 2004.
- R. Agrawal and R. Srikant. Privacy-preserving data mining. ACM SIGMOD Record, 29(2), 2000.
- A. Banerjee. A joint economic-lot-size model for buyer and supplier. Decision Sciences, 17, 1986.
- D. Beaver, S. Micali, and P. Rogaway. The round complexity of secure protocols. In STOC'90: Proceedings of the 22nd ACM Symposium on Theory of Computing, 1990.
- B. Beckert and R. Goré. In CADE'98: Proceedings of the International Conference on Automated Deduction, 1998.
- A. Ben-David, N. Nisan, and B. Pinkas. FairplayMP: a system for secure multi-party computation. In CCS'08: Proceedings of the 15th ACM Conference on Computer and Communications Security, 2008.
- M. Ben-Or, S. Goldwasser, and A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In STOC'88: Proceedings of the 20th ACM Symposium on Theory of Computing, 1988.
- D. Bogdanov, S. Laur, and J. Willemson. Sharemind: a framework for fast privacy-preserving computations. In ESORICS'08: Proceedings of the 13th European Symposium on Research in Computer Security, 2008.
- R. Cytron, J. Ferrante, B. K. Rosen, M. N. Wegman, and F. K. Zadeck. Efficiently computing static single assignment form and the control dependence graph. ACM Transactions on Programming Languages and Systems, 13(4), 1991.
- I. Damgård, M. Geisler, M. Krøigaard, and J. B. Nielsen. Asynchronous multiparty computation: theory and implementation. In PKC'09: Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography, 2009.
- S. Even, O. Goldreich, and A. Lempel. A randomized protocol for signing contracts. Communications of the ACM, 28(8), 1985.
- C. Fournet, G. L. Guernic, and T. Rezk. A security-preserving compiler for distributed programs: from information-flow policies to cryptographic mechanisms. In CCS'09: Proceedings of the 16th ACM Conference on Computer and Communications Security, 2009.
- C. Gentry and Z. Ramzan. Single-database private information retrieval with constant communication rate. In ICALP'05: Proceedings of the 32nd International Colloquium on Automata, Languages and Programming, 2005.
- O. Goldreich. Foundations of Cryptography, volume 2. Cambridge University Press, 2004.
- O. Goldreich, S. Micali, and A. Wigderson. How to play any mental game. In STOC'87: Proceedings of the 19th ACM Symposium on Theory of Computing, 1987.
- J. Y. Halpern. Reasoning about knowledge: a survey. In D. M. Gabbay, C. J. Hogger, and J. A. Robinson, editors, Handbook of Logic in Artificial Intelligence and Logic Programming, volume 4. Oxford University Press, 1995.
- W. Henecka, S. Kögl, A.-R. Sadeghi, T. Schneider, and I. Wehrenberg. TASTY: tool for automating secure two-party computations. In CCS'10: Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010.
- Y. Huang, D. Evans, J. Katz, and L. Malka. Faster secure two-party computation using garbled circuits. In Proceedings of the 20th USENIX Security Symposium, 2011.
- J. Kilian. Founding cryptography on oblivious transfer. In STOC'88: Proceedings of the 20th ACM Symposium on Theory of Computing, 1988.
- S. Kripke. A semantic analysis of modal logic I: normal modal propositional calculi. Zeitschrift für Mathematische Logik und Grundlagen der Mathematik, 9, 1963.
- Y. Lindell and B. Pinkas. Privacy-preserving data mining. In CRYPTO'00: Advances in Cryptology, 2000.
- H. Lipmaa. An oblivious transfer protocol with log-squared communication. In ISC'05: Proceedings of the 8th International Conference on Information Security, 2005.
- D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella. Fairplay -- a secure two-party computation system. In Proceedings of the 13th USENIX Security Symposium, 2004.
- M. Naor and B. Pinkas. Efficient oblivious transfer protocols. In SODA'01: Proceedings of the 12th ACM-SIAM Symposium on Discrete Algorithms, 2001.
- J. D. Nielsen and M. I. Schwartzbach. A domain-specific programming language for secure multiparty computation. In PLAS'07: Proceedings of the ACM Workshop on Programming Languages and Analysis for Security, 2007.
- A. Paus, A.-R. Sadeghi, and T. Schneider. Practical secure evaluation of semi-private functions. In ACNS'09: Proceedings of the 7th International Conference on Applied Cryptography and Network Security, 2009.
- R. Pibernik, Y. Zhang, F. Kerschbaum, and A. Schröpfer. Secure collaborative supply chain planning and inverse optimization - the JELS model. European Journal of Operational Research, 208(1), 2011.
- B. Pinkas, T. Schneider, N. P. Smart, and S. C. Williams. Secure two-party computation is practical. In ASIACRYPT'09: Advances in Cryptology, 2009.
- A. Sabelfeld and A. C. Myers. Language-based information-flow security. IEEE Journal on Selected Areas in Communications, 21(1), 2003.
- A. Schröpfer, F. Kerschbaum, and G. Müller. L1 -- an intermediate language for mixed-protocol secure computation. In COMPSAC'11: Proceedings of the 35th IEEE Computer Software and Applications Conference, 2011.
- A. C.-C. Yao. How to generate and exchange secrets. In FOCS'86: Proceedings of the 27th IEEE Symposium on Foundations of Computer Science, 1986.
- S. Zdancewic, L. Zheng, N. Nystrom, and A. C. Myers. Untrusted hosts and confidentiality: secure program partitioning. In SOSP'01: Proceedings of the 18th ACM Symposium on Operating System Principles, 2001.