ObliVM: A Programming Framework for Secure Computation

We design and develop ObliVM, a programming framework for secure computation. ObliVM offers a domain specific language designed for compilation of programs into efficient oblivious representations suitable for secure computation. ObliVM offers a powerful, expressive programming language and user-friendly oblivious programming abstractions. We develop various showcase applications such as data mining, streaming algorithms, graph algorithms, genomic data analysis, and data structures, and demonstrate the scalability of ObliVM to bigger data sizes. We also show how ObliVM significantly reduces development effort while retaining competitive performance for a wide range of applications in comparison with hand-crafted solutions. We are in the process of open-sourcing ObliVM and our rich libraries to the community (www.oblivm.com), offering a reusable framework to implement and distribute new cryptographic algorithms.

[1]  N. S. Barnett,et al.  Private communication , 1969 .

[2]  Shmuel Winograd,et al.  Complexity Of Computations , 1978, ACM Annual Conference.

[3]  Andrew Chi-Chih Yao,et al.  Protocols for Secure Computations (Extended Abstract) , 1982, FOCS.

[4]  A. Yao How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[5]  Oded Goldreich,et al.  Towards a theory of software protection and simulation by oblivious RAMs , 1987, STOC.

[6]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[7]  Allan L. Fisher,et al.  Flattening and parallelizing irregular, recurrent loop nests , 1995, PPOPP '95.

[8]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[9]  Moni Naor,et al.  Privacy preserving auctions and mechanism design , 1999, EC '99.

[10]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[11]  Johan Agat,et al.  Transforming out timing leaks , 2000, POPL '00.

[12]  Trevor Hastie,et al.  The Elements of Statistical Learning , 2001 .

[13]  Moni Naor,et al.  Efficient oblivious transfer protocols , 2001, SODA '01.

[14]  Yuval Ishai,et al.  Extending Oblivious Transfers Efficiently , 2003, CRYPTO.

[15]  Benny Pinkas,et al.  Fairplay - Secure Two-Party Computation System , 2004, USENIX Security Symposium.

[16]  Vitaly Shmatikov,et al.  Privacy-Preserving Graph Algorithms in the Semi-honest Model , 2005, ASIACRYPT.

[17]  Alejandro Russo,et al.  Closing Internal Timing Channels by Transformation , 2006, ASIAN.

[18]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[19]  Dan Bogdanov,et al.  Sharemind: A Framework for Fast Privacy-Preserving Computations , 2008, ESORICS.

[20]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[21]  Aart J. C. Bik,et al.  Pregel: a system for large-scale graph processing , 2010, SIGMOD Conference.

[22]  Ahmad-Reza Sadeghi,et al.  TASTY: tool for automating secure two-party computations , 2010, CCS '10.

[23]  Ashutosh Kumar Singh,et al.  The Elements of Statistical Learning: Data Mining, Inference, and Prediction , 2010 .

[24]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[25]  Jonathan Katz,et al.  On the Security of the Free-XOR Technique , 2012, IACR Cryptol. ePrint Arch..

[26]  Michael T. Goodrich,et al.  Privacy-Preserving Access of Outsourced Data via Oblivious RAM Simulation , 2010, ICALP.

[27]  Elaine Shi,et al.  Oblivious RAM with O((logN)3) Worst-Case Cost , 2011, ASIACRYPT.

[28]  Abhi Shelat,et al.  Billion-Gate Secure Computation with Malicious Adversaries , 2012, USENIX Security Symposium.

[29]  Rafail Ostrovsky,et al.  On the (in)security of hash-based oblivious RAM and a new balancing scheme , 2012, SODA.

[30]  Helmut Veith,et al.  Secure two-party computations in ANSI C , 2012, CCS.

[31]  Yehuda Lindell,et al.  More efficient oblivious transfer and extensions for faster secure computation , 2013, CCS.

[32]  Stratis Ioannidis,et al.  Privacy-Preserving Ridge Regression on Hundreds of Millions of Records , 2013, 2013 IEEE Symposium on Security and Privacy.

[33]  Mihir Bellare,et al.  Efficient Garbling from a Fixed-Key Blockcipher , 2013, 2013 IEEE Symposium on Security and Privacy.

[34]  Pavel Pudlák,et al.  The Complexity of Computations , 2013 .

[35]  Elaine Shi,et al.  Memory Trace Oblivious Program Execution , 2013, 2013 IEEE 26th Computer Security Foundations Symposium.

[36]  Yihua Zhang,et al.  PICCO: a general-purpose compiler for private distributed computation , 2013, CCS.

[37]  Stratis Ioannidis,et al.  Privacy-preserving matrix factorization , 2013, CCS.

[38]  Marina Blanton,et al.  Data-oblivious graph algorithms for secure computation and outsourcing , 2013, ASIA CCS '13.

[39]  Abhi Shelat,et al.  PCF: A Portable Circuit Format for Scalable Two-Party Secure Computation , 2013, USENIX Security Symposium.

[40]  Michael Hicks,et al.  Wysteria: A Programming Language for Generic, Mixed-Mode Multiparty Computations , 2014, 2014 IEEE Symposium on Security and Privacy.

[41]  Marcel Keller,et al.  Efficient, Oblivious Data Structures for MPC , 2014, IACR Cryptol. ePrint Arch..

[42]  Elaine Shi,et al.  Automating Efficient RAM-Model Secure Computation , 2014, 2014 IEEE Symposium on Security and Privacy.

[43]  Elaine Shi,et al.  A secure computation framework for SDNs , 2014, HotSDN.

[44]  John C. Mitchell,et al.  Data-Oblivious Data Structures , 2014, STACS.

[45]  Elaine Shi,et al.  Circuit ORAM: On Tightness of the Goldreich-Ostrovsky Lower Bound , 2015, IACR Cryptol. ePrint Arch..

[46]  Michael T. Goodrich,et al.  Data-Oblivious Graph Algorithms in Outsourced External Memory , 2014, COCOA.

[47]  Abhi Shelat,et al.  SCORAM: Oblivious RAM for Secure Computation , 2014, IACR Cryptol. ePrint Arch..

[48]  Kartik Nayak,et al.  Oblivious Data Structures , 2014, IACR Cryptol. ePrint Arch..

[49]  Elaine Shi,et al.  Oblivious Network RAM and Leveraging Parallelism to Achieve Obliviousness , 2015, ASIACRYPT.

[50]  Elaine Shi,et al.  Oblivious Network RAM , 2015, IACR Cryptol. ePrint Arch..

[51]  Kartik Nayak,et al.  iDASH Secure Genome Analysis Competition Using ObliVM , 2015, IACR Cryptol. ePrint Arch..

[52]  Benny Applebaum,et al.  Garbling XOR Gates “For Free” in the Standard Model , 2016, Journal of Cryptology.

[53]  Ahmad-Reza Sadeghi,et al.  TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits , 2015, 2015 IEEE Symposium on Security and Privacy.

[54]  David Evans,et al.  Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[55]  Zuocheng Ren,et al.  Efficient RAM and control flow in verifiable outsourced computation , 2015, NDSS.

[56]  Stratis Ioannidis,et al.  GraphSC: Parallel Secure Computation Made Easy , 2015, 2015 IEEE Symposium on Security and Privacy.

[57]  Jonathan Katz,et al.  Secure Computation of MIPS Machine Code , 2016, ESORICS.

[58]  Xiao Wang,et al.  Privacy-preserving microbiome analysis using secure computation , 2015, bioRxiv.