Information-flow types for homomorphic encryptions

We develop a flexible information-flow type system for a range of encryption primitives, precisely reflecting their diverse functional and security features. Our rules enable encryption, blinding, homomorphic computation, and decryption, with selective key re-use for different types of payloads. We show that, under standard cryptographic assumptions, any well-typed probabilistic program using encryptions is secure that is, computationally non-interferent) against active adversaries, both for confidentiality and integrity. We illustrate our approach using %on classic schemes such as ElGamal and Paillier encryption. We present two applications of cryptographic verification by typing: (1) private search on data streams; and (2) the bootstrapping part of Gentry's fully homomorphic encryption. We provide a prototype typechecker for our system.

[1]  Pascal Lafourcade Vérification de protocoles cryptographiques en présence de théories équationnelles. (Verification of cryptographic protocols in presence of equationnal theories) , 2006 .

[2]  Josh Benaloh,et al.  Secret Sharing Homomorphisms: Keeping Shares of A Secret Sharing , 1986, CRYPTO.

[3]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[4]  Taher ElGamal,et al.  A public key cyryptosystem and signature scheme based on discrete logarithms , 1985 .

[5]  Andrew C. Myers,et al.  Enforcing Robust Declassification and Qualified Robustness , 2006, J. Comput. Secur..

[6]  Jonathan Katz,et al.  Secure text processing with applications to private DNA matching , 2010, CCS '10.

[7]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[8]  Peeter Laud Semantics and Program Analysis of Computationally Secure Information Flow , 2001, ESOP.

[9]  Andrei Sabelfeld,et al.  Cryptographically-masked flows , 2008, Theor. Comput. Sci..

[10]  Cédric Fournet,et al.  A security-preserving compiler for distributed programs: from information-flow policies to cryptographic mechanisms , 2009, CCS.

[11]  Peeter Laud,et al.  On the computational soundness of cryptographically masked flows , 2008, POPL '08.

[12]  Cédric Fournet,et al.  Cryptographically sound implementations for typed information-flow security , 2008, POPL '08.

[13]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[14]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[15]  Geoffrey Smith,et al.  Secure information flow with random assignment and encryption , 2006, FMSE '06.

[16]  Matt Blaze,et al.  Divertible Protocols and Atomic Proxy Cryptography , 1998, EUROCRYPT.

[17]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[18]  Rafail Ostrovsky,et al.  Private Searching on Streaming Data , 2005, Journal of Cryptology.

[19]  J. Meseguer,et al.  Security Policies and Security Models , 1982, 1982 IEEE Symposium on Security and Privacy.

[20]  Varmo Vene,et al.  A Type System for Computationally Secure Information Flow , 2005, FCT.

[21]  George Danezis,et al.  Space-Efficient Private Search with Applications to Rateless Codes , 2007, Financial Cryptography.

[22]  Pascal Lafourcade,et al.  Symbolic Protocol Analysis in Presence of a Homomorphism Operator and Exclusive Or , 2006, ICALP.

[23]  Véronique Cortier,et al.  A survey of algebraic properties used in cryptographic protocols , 2006, J. Comput. Secur..

[24]  Ahmad-Reza Sadeghi,et al.  TASTY: tool for automating secure two-party computations , 2010, CCS '10.