ABSTRACT
Sharemind is an efficient framework for secure multiparty computation (SMC). Its efficiency comes in part from a large set of primitive, optimized SMC protocols that it makes available to applications built on top of it. The size of this set brings an issue that frameworks with only a small number of supported operations do not face: the protocol set must be maintained, since new protocols are continually added to it, and an optimization found for one sub-protocol should be propagated into every larger protocol that uses it, across the different data types those protocols work with.
To ease the maintenance of existing protocols and the implementation of new ones, we have devised a domain-specific language (DSL), together with an optimizing compiler, for specifying secure computation protocols. In this paper, we give the rationale behind the design, describe the translation steps, show where the compiler sits in the Sharemind protocol stack, and report the results obtained with this system.
A Domain-Specific Language for Low-Level Secure Multiparty Computation Protocols