research-article

Expression rewriting for optimizing secure computation

Author:
Florian Kerschbaum

SAP Research, Karlsruhe, Germany

SAP Research, Karlsruhe, Germany
View Profile

CODASPY '13: Proceedings of the third ACM conference on Data and application security and privacyFebruary 2013Pages 49–58https://doi.org/10.1145/2435349.2435356

Published:18 February 2013Publication History

CODASPY '13: Proceedings of the third ACM conference on Data and application security and privacy

Pages 49–58

ABSTRACT

In theory secure computation offers a solution for privacy in many collaborative applications. However, in practice poor efficiency of the protocols prevents their use. Hand-crafted protocols are more efficient than those implemented in compilers, but they require significantly more development effort in programming and verification. Recently, Kerschbaum introduced an automatic compiler optimization technique for secure computations that can make compilers as efficient as hand-crafted protocols. This optimization relies on the structure of the secure computation program. The programmer has to implement the program in such a way, such that the optimization can yield the optimal performance. In this paper we present an algorithm that rewrites the program -- most notably its expressions -- optimizing their efficiency in secure computation protocols. We give a heuristic for whole-program optimization and show the resulting performance gains using examples from the literature.

References

J. B. Almeida, E. Bangerter, M. Barbosa, S. Krenn, A.-R. Sadeghi, and T. Schneider. A certifying compiler for zero-knowledge proofs of knowledge based on σ-protocols. In ESORICS'10: Proceedings of the 15th European Conference on Research in Computer Security, 2010. Google ScholarDigital Library
M. Backes, M. Maffei, and K. Pecina. Automated synthesis of privacy-preserving distributed applications. In NDSS'12: Proceedings of the 19th Annual Network and Distributed System Security Symposium, 2012.Google Scholar
A. Banerjee. A joint economic lot-size model for purchaser and vendor. Decision Sciences, 17(3), 1986.Google Scholar
D. Beaver, S. Micali, and P. Rogaway. The round complexity of secure protocols. In STOC'90: Proceedings of the 22nd ACM Symposium on Theory of Computing, 1990. Google ScholarDigital Library
A. Ben-David, N. Nisan, and B. Pinkas. Fairplaymp: a system for secure multi-party computation. In CCS'08: Proceedings of the 15th ACM Conference on Computer and Communications Security, 2008. Google ScholarDigital Library
M. Ben-Or, S. Goldwasser, and A. Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation. In STOC'88: Proceedings of the 20th ACM Symposium on Theory of Computing, 1988. Google ScholarDigital Library
D. Bogdanov, S. Laur, and J. Willemson. Sharemind: a framework for fast privacy-preserving computations. In ESORICS'08: Proceedings of the 13th European Symposium on Research in Computer Security, 2008. Google ScholarDigital Library
D. Bogdanov, R. Talviste, and J. Willemson. Deploying secure multi-party computation for financial data analysis. In FC'12: Proceedings of the 16th International Conference on Financial Cryptography and Data Security, 2012.Google ScholarCross Ref
P. Bogetoft, D. L. Christensen, I. Damgård, M. Geisler, T. P. Jakobsen, M. Krøigaard, J. D. Nielsen, J. B. Nielsen, K. Nielsen, J. Pagter, M. I. Schwartzbach, and T. Toft. Secure multiparty computation goes live. In FC'09: Proceedings of the 13th International Conference on Financial Cryptography and Data Security, 2009. Google ScholarDigital Library
O. Catrina and A. Saxena. Secure computation with fixed-point numbers. In FC'10: Proceedings of the 14th International Conference on Financial Cryptography and Data Security, 2010. Google ScholarDigital Library
J. Cocke. Global common subexpression elimination. SIGPLAN Notices, 5, 1970. Google ScholarDigital Library
R. Cramer, I. Damgård, and U. Maurer. Efficient general secure multi-party computation from any linear secret-sharing scheme. In EUROCRYPT'00: Proceedings of the 19th European Cryptology Conference, 2000. Google ScholarDigital Library
R. Cramer, I. Damgård, and B. Schoenmakers. Proofs of partial knowledge and simplified design of witness hiding protocols. In CRYPTO'94: Proceedings of the 14th International Cryptology Conference, 1994. Google ScholarDigital Library
I. Damgård, M. Geisler, M. Krøigaard, and J. B. Nielsen. Asynchronous multiparty computation: theory and implementation. In PKC'09: Proceedings of the 12th International Conference on Practice and Theory in Public Key Cryptography, 2009. Google ScholarDigital Library
L. Devroye. Branching processes in the analysis of the heights of trees. Acta Informatica, 24, 1987. Google ScholarDigital Library
O. Goldreich. Foundations of Cryptography, volume 2. Cambridge University Press, 2004. Google ScholarCross Ref
S. Goldwasser. Multi-party computations: past and present. In PODC'97: Proceedings of the 16th ACM Symposium on Principles of Distributed Computing, 1997. Google ScholarDigital Library
J. Groth and A. Sahai. Efficient non-interactive proof systems for bilinear groups. In EUROCRYPT'08: Proceedings of the 27th European Cryptology Conference, 2008. Google ScholarDigital Library
W. Henecka, S. Kögl, A.-R. Sadeghi, T. Schneider, and I. Wehrenberg. Tasty: tool for automating secure two-party computations. In CCS'10: Proceedings of the 17th ACM Conference on Computer and Communications Security, 2010. Google ScholarDigital Library
Y. Huang, D. Evans, and J. Katz. Private set intersection: Are garbled circuits better than custom protocols? In Proceedings of the 19th Network and Distributed Security Symposium, 2012.Google Scholar
Y. Huang, D. Evans, J. Katz, and L. Malka. Faster secure two-party computation using garbled circuits. In Proceedings of the 20th USENIX Security Symposium, 2011. Google ScholarDigital Library
R. Jagomagis. Secrec: a privacy-aware programming language with applications in data mining. Master's thesis, University of Tartu, 2010.Google Scholar
M. Jensen and F. Kerschbaum. Towards privacy-preserving xml transformation. In ICWS'11: Proceedings of the 9th IEEE International Conference on Web Services, 2011. Google ScholarDigital Library
F. Kerschbaum. Automatically optimizing secure computation. In CCS'11: Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011. Google ScholarDigital Library
F. Kerschbaum. A type-system for mixed protocol secure computation. Unpublished manuscript, 2012.Google Scholar
F. Kerschbaum, D. Dahlmeier, A. Schröpfer, and D. Biswas. On the practical importance of communication complexity for secure multi-party computation protocols. In SAC'09: Proceedings of the 24th ACM Symposium on Applied Computing, 2009. Google ScholarDigital Library
F. Kerschbaum, A. Schröpfer, A. Zilli, R. Pibernik, O. Catrina, S. de Hoogh, B. Schoenmakers, S. Cimato, and E. Damiani. Secure collaborative supply chain management. IEEE Computer, 44(9), 2011. Google ScholarDigital Library
V. Kolesnikov, A.-R. Sadeghi, and T. Schneider. Modular design of efficient secure function evaluation protocols. Technical Report Report 2010/079, Cryptology ePrint Archive, 2010.Google Scholar
V. Kolesnikov and T. Schneider. Improved garbled circuit: free xor gates and applications. In ICALP'08: Proceedings of the 35th International Colloquium on Automata, Languages and Programming, Part II, 2008. Google ScholarDigital Library
Y. Lindell and B. Pinkas. A proof of security of yao's protocol for two-party computation. Journal of Cryptology, 22(2), 2009. Google ScholarDigital Library
D. Malkhi, N. Nisan, B. Pinkas, and Y. Sella. Fairplay--a secure two-party computation system. In Proceedings of the 13th USENIX Security Symposium, 2004. Google ScholarDigital Library
S. Meiklejohn, C. C. Erway, A. Küpçü, T. Hinkle, and A. Lysyanskaya. Zkpdl: A language-based system for efficient zero-knowledge proofs and electronic cash. In Proceedings of the 19th USENIX Security Symposium, 2010. Google ScholarDigital Library
J. D. Nielsen and M. I. Schwartzbach. A domain-specific programming language for secure multiparty computation. In PLAS'07: Proceedings of the ACM Workshop on Programming Languages and Analysis for Security, 2007. Google ScholarDigital Library
J. A. Painter. Effectiveness of an optimizing compiler for arithmetic expressions. SIGPLAN Notices, 5, 1970. Google ScholarDigital Library
R. Pibernik, Y. Zhang, F. Kerschbaum, and A. Schröpfer. Secure collaborative supply chain planning and inverse optimization - the jels model. European Journal of Operational Research, 208(1), 2011.Google ScholarCross Ref
A. Schröpfer and F. Kerschbaum. Demo: secure computation in javascript. In CCS'11: Proceedings of the 18th ACM Conference on Computer and Communications Security, 2011. Google ScholarDigital Library
A. Schröpfer and F. Kerschbaum. Forecasting run-times of secure two-party computation. In QEST'11: Proceedings of the 8th International Conference on Quantitative Evaluation of Systems, 2011. Google ScholarDigital Library
A. Schröpfer, F. Kerschbaum, and G. Müller. L1 -- an intermediate language for mixed-protocol secure computation. In COMPSAC'11: Proceedings of the 35th IEEE Computer Software and Applications Conference, 2011. Google ScholarDigital Library
A. C. Yao. Protocols for secure computations. In FOCS'82: Proceedings of the 23rd IEEE Symposium on Foundations of Computer Science, 1982. Google ScholarDigital Library

Index Terms

Expression rewriting for optimizing secure computation
1. Security and privacy
  1. Cryptography
  2. Systems security
    1. Operating systems security
2. Software and its engineering
  1. Software notations and tools
    1. Compilers

Recommendations

Automatically optimizing secure computation
CCS '11: Proceedings of the 18th ACM conference on Computer and communications security

On the one hand, compilers for secure computation protocols, such as FairPlay or FairPlayMP, have significantly simplified the development of such protocols. On the other hand, optimized protocols with high performance for special problems demand manual ...
Read More
An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries

We show an efficient secure two-party protocol, based on Yao's construction, which provides security against malicious adversaries. Yao's original protocol is only secure in the presence of semi-honest adversaries, and can be transformed into a protocol ...
Read More
On the Power of Secure Two-Party Computation
Proceedings, Part II, of the 36th Annual International Cryptology Conference on Advances in Cryptology --- CRYPTO 2016 - Volume 9815

Ishai, Kushilevitz, Ostrovsky and Sahai STOC 2007, SIAM JoC 2009 introduced the powerful "MPC-in-the-head" technique that provided a general transformation of information-theoretic MPC protocols secure against passive adversaries to a ZK proof in a "...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CODASPY '13: Proceedings of the third ACM conference on Data and application security and privacy
February 2013
400 pages
ISBN:9781450318907
DOI:10.1145/2435349
General Chairs:
Elisa Bertino
Purdue University, USA
,
Ravi Sandhu
University of Texas at San Antonio, USA
,
Program Chair:
Lujo Bauer
Carnegie Mellon University, USA
,
Publications Chair:
Jaehong Park
University of Texas at San Antonio, USA
Copyright © 2013 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 18 February 2013
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
optimization
programming
secure two-party computation
Qualifiers
- research-article
Conference

Acceptance Rates
CODASPY '13 Paper Acceptance Rate24of107submissions,22%Overall Acceptance Rate149of789submissions,19%
More
Upcoming Conference
CODASPY '24

Sponsor:

sigsac

Fourteenth ACM Conference on Data and Application Security and Privacy

June 19 - 21, 2024

Porto , Portugal
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 3
  Total Citations
  View Citations
- 147
  Total Downloads
- Downloads (Last 12 months)2
- Downloads (Last 6 weeks)1
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Expression rewriting for optimizing secure computation

CODASPY '13: Proceedings of the third ACM conference on Data and application security and privacy

ABSTRACT

References

Cited By

Index Terms

Recommendations

Automatically optimizing secure computation

An Efficient Protocol for Secure Two-Party Computation in the Presence of Malicious Adversaries

On the Power of Secure Two-Party Computation