Information-Flow Control for Programming on Encrypted Data

Using homomorphic encryption and secure multiparty computation, cloud servers may perform regularly structured computation on encrypted data, without access to decryption keys. However, prior approaches for programming on encrypted data involve restrictive models such as boolean circuits, or standard languages that do not guarantee secure execution of all expressible programs. We present an expressive core language for secure cloud computing, with primitive types, conditionals, standard functional features, mutable state, and a secrecy preserving form of general recursion. This language, which uses an augmented information-flow type system to prevent control-flow leakage, allows programs to be developed and tested using conventional means, then exported to a variety of secure cloud execution platforms, dramatically reducing the amount of specialized knowledge needed to write secure code. We present a Haskell-based implementation and prove that cloud implementations based on secret sharing, homomorphic encryption, or other alternatives satisfying our general definition meet precise security requirements.

[1]  Ivan Damgård,et al.  Multiparty Computation Goes Live , 2008, IACR Cryptol. ePrint Arch..

[2]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[3]  Anat Paskin-Cherniavsky,et al.  Secure Multiparty Computation with Minimal Interaction , 2010, CRYPTO.

[4]  Andrew C. Myers,et al.  JFlow: practical mostly-static information flow control , 1999, POPL '99.

[5]  Cédric Fournet,et al.  Information-flow types for homomorphic encryptions , 2011, CCS '11.

[6]  Silvio Micali,et al.  The Round Complexity of Secure Protocols (Extended Abstract) , 1990, STOC 1990.

[7]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[8]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[9]  David Mazières,et al.  RE: Reliable Email , 2006, NSDI.

[10]  Koen Claessen,et al.  A library for light-weight information-flow security in haskell , 2008, Haskell '08.

[11]  Benny Pinkas,et al.  FairplayMP: a system for secure multi-party computation , 2008, CCS.

[12]  Jeffrey A. Vaughan AuraConf: a unified approach to authorization and confidentiality , 2011, TLDI '11.

[13]  Craig Gentry,et al.  Computing arbitrary functions of encrypted data , 2010, CACM.

[14]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[15]  Simon L. Peyton Jones,et al.  Type classes in Haskell , 1994, TOPL.

[16]  Ivan Damgård,et al.  Asynchronous Multiparty Computation: Theory and Implementation , 2008, IACR Cryptol. ePrint Arch..

[17]  François Pottier A simple view of type-secure information flow in the /spl pi/-calculus , 2002, Proceedings 15th IEEE Computer Security Foundations Workshop. CSFW-15.

[18]  Craig Gentry,et al.  A Simple BGN-Type Cryptosystem from LWE , 2010, EUROCRYPT.

[19]  Yuval Ishai,et al.  From Secrecy to Soundness: Efficient Verification via Secure Computation , 2010, ICALP.

[20]  Craig Gentry,et al.  Implementing Gentry's Fully-Homomorphic Encryption Scheme , 2011, EUROCRYPT.

[21]  Andrew C. Myers,et al.  Language-based information-flow security , 2003, IEEE J. Sel. Areas Commun..

[22]  Deian Stefan,et al.  A Domain-Specific Language for Computing on Encrypted Data (Invited Talk) , 2011, FSTTCS.

[23]  Yuval Ishai,et al.  Perfectly Secure Multiparty Computation and the Computational Overhead of Cryptography , 2010, IACR Cryptol. ePrint Arch..

[24]  Alejandro Russo,et al.  A Library for Secure Multi-threaded Information Flow in Haskell , 2007, 20th IEEE Computer Security Foundations Symposium (CSF'07).

[25]  Anat Paskin-Cherniavsky,et al.  Evaluating Branching Programs on Encrypted Data , 2007, TCC.

[26]  Ivan Damgård,et al.  Secure Computing, Economy, and Trust: A Generic Solution for Secure Auctions with Real-World Applications , 2005 .

[27]  Avi Wigderson,et al.  Completeness theorems for non-cryptographic fault-tolerant distributed computation , 1988, STOC '88.

[28]  Simon L. Peyton Jones,et al.  Template meta-programming for Haskell , 2002, Haskell '02.

[29]  Frederik Vercauteren,et al.  Fully Homomorphic Encryption with Relatively Small Key and Ciphertext Sizes , 2010, Public Key Cryptography.

[30]  Peng Li,et al.  Encoding information flow in Haskell , 2006, 19th IEEE Computer Security Foundations Workshop (CSFW'06).

[31]  Arie van Deursen,et al.  Domain-specific languages: an annotated bibliography , 2000, SIGP.

[32]  Yuval Ishai,et al.  Randomizing polynomials: A new representation with applications to round-efficient secure computation , 2000, Proceedings 41st Annual Symposium on Foundations of Computer Science.

[33]  T. Sheard Template Metaprogramming for Haskell , 2014 .

[34]  David K. Gifford,et al.  Polymorphic effect systems , 1988, POPL '88.

[35]  Hari Balakrishnan,et al.  CryptDB: protecting confidentiality with encrypted query processing , 2011, SOSP.

[36]  Dan Bogdanov,et al.  Sharemind: A Framework for Fast Privacy-Preserving Computations , 2008, ESORICS.

[37]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[38]  Craig Gentry,et al.  Fully Homomorphic Encryption over the Integers , 2010, EUROCRYPT.

[39]  Daniel Marino,et al.  A generic type-and-effect system , 2009, TLDI '09.

[40]  François Pottier,et al.  Information flow inference for ML , 2003, TOPL.

[41]  Tal Rabin,et al.  Simplified VSS and fast-track multiparty computations with applications to threshold cryptography , 1998, PODC '98.

[42]  Ueli Maurer,et al.  General Secure Multi-party Computation from any Linear Secret-Sharing Scheme , 2000, EUROCRYPT.

[43]  Moni Naor,et al.  Communication preserving protocols for secure function evaluation , 2001, STOC '01.

[44]  Steve Zdancewic,et al.  A Cryptographic Decentralized Label Model , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[45]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[46]  Michael I. Schwartzbach,et al.  A domain-specific programming language for secure multiparty computation , 2007, PLAS '07.

[47]  Robin Milner,et al.  Principal type-schemes for functional programs , 1982, POPL '82.

[48]  Yehuda Lindell,et al.  A Proof of Yao's Protocol for Secure Two-Party Computation , 2004, Electron. Colloquium Comput. Complex..

[49]  Paul Hudak,et al.  Monad transformers and modular interpreters , 1995, POPL '95.

[50]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[51]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[52]  Peng Li,et al.  Arrows for secure information flow , 2010, Theor. Comput. Sci..