A Domain-Specific Language for Low-Level Secure Multiparty Computation Protocols

Sharemind is an efficient framework for secure multiparty computation (SMC). Its efficiency is achieved in part through a large set of primitive, optimized SMC protocols that it makes available to applications built on top of it. The size of this set has brought with it an issue not present in frameworks with a small number of supported operations: the set of protocols must be maintained, as new protocols are still being added to it, and an optimization found for a particular sub-protocol should be propagated into the larger protocols that use it on data of different types. To ease the maintenance of existing protocols and the implementation of new ones, we have devised a domain-specific language (DSL), together with an optimizing compiler, for specifying protocols for secure computation. In this paper, we give the rationale for the design, describe the translation steps, the place of the compiler in the whole Sharemind protocol stack, and the results obtained with this system.
