DOI: 10.1145/2484313.2484364

An information-flow type-system for mixed protocol secure computation

Published: 08 May 2013

Abstract

There are a number of domain-specific programming languages for secure computation. Among these, the ones based on generic programming languages support mixing different protocol primitives and so enable a wider, possibly more efficient, range of protocols to be implemented. On the one hand, this may result in better protocol performance. On the other hand, it may lead to insecure protocols. In this paper we present a security type system that allows protocol primitives to be mixed in a generic programming language while ensuring that well-typed programs are secure in the semi-honest model. Consequently, a compiled protocol must be secure. We present an extension of the L1 language with our security type system and evaluate the implementation of two protocols from the literature. This shows that our type system supports the provably secure implementation even of complex protocols.



Published In

ASIA CCS '13: Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
May 2013
574 pages
ISBN:9781450317672
DOI:10.1145/2484313
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. domain-specific language
  2. information flow
  3. programming
  4. secure two-party computation
  5. type system

Qualifiers

  • Research-article

Conference

ASIA CCS '13

Acceptance Rates

ASIA CCS '13 Paper Acceptance Rate 35 of 216 submissions, 16%;
Overall Acceptance Rate 418 of 2,322 submissions, 18%

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (last 12 months): 5
  • Downloads (last 6 weeks): 1
Reflects downloads up to 05 Mar 2025

Cited By

  • (2024) Challenges and future research directions in secure multi-party computation for resource-constrained devices and large-scale computations. International Journal of Information Security 24(1). DOI: 10.1007/s10207-024-00939-4. Online publication date: 21 Nov 2024.
  • (2017) SMCQL. Proceedings of the VLDB Endowment 10(6), pp. 673-684. DOI: 10.14778/3055330.3055334. Online publication date: 1 Feb 2017.
  • (2015) Automatic Proofs of Privacy of Secure Multi-party Computation Protocols against Active Adversaries. Proceedings of the 2015 IEEE 28th Computer Security Foundations Symposium, pp. 75-89. DOI: 10.1109/CSF.2015.13. Online publication date: 13 Jul 2015.
  • (2013) Efficient secure computation optimization. Proceedings of the First ACM Workshop on Language Support for Privacy-Enhancing Technologies, pp. 11-18. DOI: 10.1145/2517872.2517873. Online publication date: 4 Nov 2013.
