smcl
play

SMCL A Domain-Specific Programming Language for Secure Multiparty - PowerPoint PPT Presentation

Mar 07, 2023 •14 likes •284 views

SMCL A Domain-Specific Programming Language for Secure Multiparty Computation Janus Dam Nielsen and Michael I. Schwartzbach June 14, 2007 Janus Dam Nielsen - PLAS 2007 1/27 Overview Secure Multiparty Computation SMCL Concepts An

  1. SMCL A Domain-Specific Programming Language for Secure Multiparty Computation Janus Dam Nielsen and Michael I. Schwartzbach June 14, 2007 Janus Dam Nielsen - PLAS 2007 1/27

  2. Overview • Secure Multiparty Computation • SMCL Concepts • An example • Security - what, why • Efficiency • Future Work • Conclusion June 14, 2007 Janus Dam Nielsen - PLAS 2007 2/27

  3. Secure Multiparty Computation • n parties P1,...,Pn wish to jointly compute the computable function: f(x1,...,xn) • Party Pi only knows the input value xi which must be kept secret from the other parties. • Even if some adversary has power to corrupt some subset of the parties June 14, 2007 Janus Dam Nielsen - PLAS 2007 3/27

  4. The Millionaire’s Example Alice Bob SMC Trent June 14, 2007 Janus Dam Nielsen - PLAS 2007 4/27

  5. SMC Solves Problems • Auctions • Distributed Voting • Matchmaking • Benchmarking June 14, 2007 Janus Dam Nielsen - PLAS 2007 5/27

  6. Overview • Secure Multiparty Computation • SMCL Concepts • An example • Security - what, why • Efficiency • Future Work • Conclusion June 14, 2007 Janus Dam Nielsen - PLAS 2007 6/27

  7. Conceptual Model Server Clients June 14, 2007 Janus Dam Nielsen - PLAS 2007 7/27

  8. Values Clients: Server: Private values Public & Secret values Booleans Booleans Integers Secret booleans Records Integers Secret integers Records Client identity Secret client identity June 14, 2007 Janus Dam Nielsen - PLAS 2007 8/27

  9. Communication Clients: Server: Tunnels: Tunnels: Accessed via client Asynchronous identity put and get functions put and get functions Primitive types only Data encrypted Secret data - shared and encrypted Functions: Synchronous Primitive types only Invoked by server June 14, 2007 Janus Dam Nielsen - PLAS 2007 9/27

  10. Client Identity Clients: Server: Groups of clients: A set of clients All of the same kind Iterated using a for loop Uniform treatment of clients Secrecy of client identity Specified externally June 14, 2007 Janus Dam Nielsen - PLAS 2007 10/27

  11. Overview • Secure Multiparty Computation • SMCL Concepts • An example • Security - what, why • Efficiency • Future Work • Conclusion June 14, 2007 Janus Dam Nielsen - PLAS 2007 11/27

  12. SMCL The Millionaire’s Example declare client Millionaires: declare server Max: tunnel of sint netWorth; group of Millionaires mills; function void main(int[] args) { function void main(int[] args) { sint max = 0; ask(); sclient rich; } foreach (client c in mills) { function void ask() { netWorth.put(readInt()); sint netWorth = c.netWorth.take(); } if (netWorth >= max) { max = netWorth; function void tell(bool b) { rich = c; if (b) { } display("You are the richest!"); } } else { foreach (client c in mills) { display("Make more money!"); c.tell(open(c==rich|rich)); } } } } June 14, 2007 Janus Dam Nielsen - PLAS 2007 11/27

  13. Overview • Secure Multiparty Computation • SMCL Concepts • An example • Security - what, why • Efficiency • Future Work • Conclusion June 14, 2007 Janus Dam Nielsen - PLAS 2007 13/27

  14. Security • Identity property • Commutative property Server Clients • Adversary may: • Observe physical state of the server • Not observe private and secret values June 14, 2007 Janus Dam Nielsen - PLAS 2007 14/27

  15. Adversary Traces • A sequence of states P P’ of an entire computation S S’ T • Secret values are masked out P P • Private state of P clients not available S 1 1 S S 2 2 • No declassification June 14, 2007 Janus Dam Nielsen - PLAS 2007 15/27

  16. Adversary Traces (cont’) June 14, 2007 Janus Dam Nielsen - PLAS 2007 16/27

  17. Identity Property • p’ = p’’ - Low equiv. • Traces must be P P’ identical S 1 S’ • Prevents attacks T 1 1 which are a function of the trace (e.g. timing) P’’ P • Requires basic operations S’ S 2 T 2 2 independent of arguments June 14, 2007 Janus Dam Nielsen - PLAS 2007 17/27

  18. Commutative Property P P’ S’ S 1 T 1 1 • Soundness of secret representation P P’ P P’ 1 1 T 2 June 14, 2007 Janus Dam Nielsen - PLAS 2007 18/27

  19. Ensuring Security • Carefully crafted semantics • Static analysis of well-typed SMCL programs June 14, 2007 Janus Dam Nielsen - PLAS 2007 19/27

  20. Semantics • Conditionals are a if (b) { source of differences x = y; in trace } • Execute both else { branches x = z; } • Termination x = b*y + (1-b)*z • Public side-effects? June 14, 2007 Janus Dam Nielsen - PLAS 2007 20/27

  21. Hoistability • Branches must agree on public side-effects • Assignment to public variables • Communication • Function calls • While loops and recursion with secret condition - not allowed June 14, 2007 Janus Dam Nielsen - PLAS 2007 21/27

  22. Semantic Security • Ideal computations are Ideal computation inefficient • Prove that a pragmatic P version reveals same S S’ information as the S’’ ideal version • Assist the open(e|x,y,z) programmer June 14, 2007 Janus Dam Nielsen - PLAS 2007 22/27

  23. Overview • Secure Multiparty Computation • SMCL Concepts • An example • Security - what, why • Efficiency • Future Work • Conclusion June 14, 2007 Janus Dam Nielsen - PLAS 2007 23/27

  24. Ideal Efficiency sint x = 17; sint a = 42; sint b = -5; sint c = 87; sint p = a*(x*x) + b*x +c sint sign = 0; int output; if (p<0) sign = -1; (parties, ideal pragmatic public if (p>0) sign = 1; threshold) output = open (sign|p); (3,1) 12 sec 30 ms < 1 ms Pragmatic int x = 17; sint a = 42; (5,2) 17 sec 65 ms < 1 ms sint b = -5; sint c = 87; sint p = open (a*(x*x) + b*x +c|a,b,c) (7,3) 30 sec 132 ms < 1 ms sint sign = 0; int output; if (p<0) sign = -1; if (p>0) sign = 1; output = sign; June 14, 2007 Janus Dam Nielsen - PLAS 2007 24/27

  25. Future Work • Formalize Adversary traces • Dynamic groups • Secret compound datatypes • More elaborate examples June 14, 2007 Janus Dam Nielsen - PLAS 2007 25/27

  26. Conclusion • A DSL for SMC • High-level abstractions • Strong security guaranties • Useful in practice June 14, 2007 Janus Dam Nielsen - PLAS 2007 26/27

  27. Questions? June 14, 2007 Janus Dam Nielsen - PLAS 2007 27/27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Growth: To Proficiency and Beyond While growth can still be an important consideration for

Growth: To Proficiency and Beyond While growth can still be an important consideration for

Growth: To Proficiency and Beyond While growth can still be an important consideration for accountability in the era of ESSA, Curriculum Associates has developed a hybrid growth model for the i-Ready Diagnostic that has two metrics, Typical

477 views • 15 slides
Partial Crossed Product Description of the Cuntz-Li Algebras Giuliano Boava Groups, Dynamical

Partial Crossed Product Description of the Cuntz-Li Algebras Giuliano Boava Groups, Dynamical

Preliminaries Partial Group Algebra Description Partial Crossed Product Description Application in Bost-Connes Algebra Partial Crossed Product Description of the Cuntz-Li Algebras Giuliano Boava Groups, Dynamical Systems and C -Algebras

846 views • 68 slides
Orders and Non-commutative Crepant Resolutions arXiv: 1604.01748 Josh Stangle Syracuse

Orders and Non-commutative Crepant Resolutions arXiv: 1604.01748 Josh Stangle Syracuse

Orders and Non-commutative Crepant Resolutions arXiv: 1604.01748 Josh Stangle Syracuse University August 24, 2016 ICRA 2016 Stangle 1 Non-commutative crepant resolutions In 2004, Van den Bergh proposed the following qualities for a

457 views • 22 slides
Sandpile Groups of Cubes B. Anzis &amp; R. Prasad August 1, 2016 Sandpile Groups of Cubes

Sandpile Groups of Cubes B. Anzis &amp; R. Prasad August 1, 2016 Sandpile Groups of Cubes

Sandpile Groups of Cubes B. Anzis &amp; R. Prasad August 1, 2016 Sandpile Groups of Cubes August 1, 2016 1 / 27 Overview Introduction Sandpile Groups of Cubes August 1, 2016 2 / 27 Overview Introduction Definitions Sandpile Groups of

847 views • 61 slides
Stay and Share November 2016 Welcome to Year 2 Class 2 At the end of the year your children

Stay and Share November 2016 Welcome to Year 2 Class 2 At the end of the year your children

Year 2 Stay and Share November 2016 Welcome to Year 2 Class 2 At the end of the year your children will take their SATs. They will sit 2 maths papers; an arithmetic paper and a reasoning paper. They are not allowed any visual resources

489 views • 27 slides
Year 4 Multiplication Tables Check (M (MTC) John Perry Primary School Mul ultip ipli

Year 4 Multiplication Tables Check (M (MTC) John Perry Primary School Mul ultip ipli

Year 4 Multiplication Tables Check (M (MTC) John Perry Primary School Mul ultip ipli licatio ion Table les Che heck overv erview The purpose of the Multiplication Tables Check (MTC) is to determine whether year 4 pupils can fluently

319 views • 11 slides
PowerGraph Distributed Graph-Parallel Computation on Natural Graphs JOSHUA SEND 24/10/2017

PowerGraph Distributed Graph-Parallel Computation on Natural Graphs JOSHUA SEND 24/10/2017

PowerGraph Distributed Graph-Parallel Computation on Natural Graphs JOSHUA SEND 24/10/2017 LSDPO SESSION 3 Intuition for Graph Processing Systems Overall goal efficiently compute over large graphs of data key is distributing work

365 views • 19 slides
Better mathematics conference Subject leadership Paul Tomkow HMI Autumn 2016 Aims of workshops

Better mathematics conference Subject leadership Paul Tomkow HMI Autumn 2016 Aims of workshops

Better mathematics conference Subject leadership Paul Tomkow HMI Autumn 2016 Aims of workshops To strengthen your leadership role in improving: the quality of mathematics teaching the subject-specific focus and impact of monitoring

1.07k views • 81 slides
TIMES TABLES HOW WE TEACH TIMES TABLES AND HOW YOU CAN HELP WHY ARE TIMES TABLES IMPORTANT?

TIMES TABLES HOW WE TEACH TIMES TABLES AND HOW YOU CAN HELP WHY ARE TIMES TABLES IMPORTANT?

TIMES TABLES HOW WE TEACH TIMES TABLES AND HOW YOU CAN HELP WHY ARE TIMES TABLES IMPORTANT? New from 2019: all children in year 4 will sit an online times table test. Times Tables knowledge and recall underpin so many different areas of

526 views • 25 slides
Number Sense Routines that Support the SMPs GLAMC Mini Conference #1 Susan Tate and Melissa

Number Sense Routines that Support the SMPs GLAMC Mini Conference #1 Susan Tate and Melissa

Number Sense Routines that Support the SMPs GLAMC Mini Conference #1 Susan Tate and Melissa Canham Sept. 27, 2014 Number Sense Number sense is an awareness and understanding about what numbers are, their relationships, their magnitude, the

265 views • 24 slides
USING ARRAYS TO HELP CHILDREN MOVE FROM ADDITIVE TO MULTIPLICATIVE THINKING Sen Delaney

USING ARRAYS TO HELP CHILDREN MOVE FROM ADDITIVE TO MULTIPLICATIVE THINKING Sen Delaney

USING ARRAYS TO HELP CHILDREN MOVE FROM ADDITIVE TO MULTIPLICATIVE THINKING Sen Delaney American Educational Research Association New York City, 14 April 2018 2-D ARRAYS &amp; MULTIPLICATION MATHEMATICS PROBLEM Our local cinema has 26 rows

369 views • 18 slides
Sage-Symbolics Making a new system for performing Calculus and Physics Gary Furnish August 6,

Sage-Symbolics Making a new system for performing Calculus and Physics Gary Furnish August 6,

Introduction Progress Benchmarks Future Plans Sage-Symbolics Making a new system for performing Calculus and Physics Gary Furnish August 6, 2008 Gary Furnish Sage Symbolics Introduction Progress Benchmarks Future Plans Introduction

747 views • 32 slides
INFERENCE SCHEMES FOR M BEST SOLUTIONS FOR SOFT CSPS Emma Rolln, Natalia Flerova and Rina

INFERENCE SCHEMES FOR M BEST SOLUTIONS FOR SOFT CSPS Emma Rolln, Natalia Flerova and Rina

INFERENCE SCHEMES FOR M BEST SOLUTIONS FOR SOFT CSPS Emma Rolln, Natalia Flerova and Rina Dechter erollon@lsi.upc.edu, flerova@ics.uci.edu, dechter@ics.uci.edu Universitat Politcnica de Catalunya University of California, Irvine Summary

790 views • 45 slides
Process and Impacts of Soil Compaction John Chapman Program Director Erosion and Stormwater

Process and Impacts of Soil Compaction John Chapman Program Director Erosion and Stormwater

Process and Impacts of Soil Compaction John Chapman Program Director Erosion and Stormwater Management Certification Program Bioproducts and Biosystems Engineering Department University of Minnesota chapm155@umn.edu Clean Water Summit

748 views • 33 slides
Landscape Salvatore Mangiafico Rutgers Cooperative Extension Environmental and Resource

Landscape Salvatore Mangiafico Rutgers Cooperative Extension Environmental and Resource

Soil Health Practices in the Landscape Salvatore Mangiafico Rutgers Cooperative Extension Environmental and Resource Management Agent In this session... Benefits of healthy soils in the landscape Plant Health - aeration for roots, - water

775 views • 32 slides
Introduction For site investigation, in-situ tests are increasingly used to determine the soil

Introduction For site investigation, in-situ tests are increasingly used to determine the soil

Proceedings CIGMAT-2010 Conference &amp; Exhibition FIELD COMPACTION VERIFICATION USING A NEW SURFACE PENETROMETER (SP- CIGMAT) DURING CONSTRUCTION C. Vipulanandan , Ph.D., P.E. Professor and Director of Center for Innovative Grouting Materials

541 views • 12 slides
United States Court of Appeals for the Federal Circuit 2006-1604 E-PASS TECHNOLOGIES, INC.,

United States Court of Appeals for the Federal Circuit 2006-1604 E-PASS TECHNOLOGIES, INC.,

NOTE: This disposition is nonprecedential. United States Court of Appeals for the Federal Circuit 2006-1604 E-PASS TECHNOLOGIES, INC., Plaintiff-Appellant, v. MICROSOFT CORPORATION, Defendant-Appellee, and COMPAQ COMPUTER CORPORATION (now

303 views • 8 slides
Simultaneous Multithreading: Simultaneous Multithreading: Multiplying Alpha Performance

Simultaneous Multithreading: Simultaneous Multithreading: Multiplying Alpha Performance

Simultaneous Multithreading: Simultaneous Multithreading: Multiplying Alpha Performance Multiplying Alpha Performance Dr. Joel Emer Dr. Joel Emer Principal Member Technical Staff Principal Member Technical Staff Alpha Development Group

474 views • 12 slides
PERFORMANCE REVIEW 1998 SembCorp Industries PATMI for FY98 showed 1 per cent growth to

PERFORMANCE REVIEW 1998 SembCorp Industries PATMI for FY98 showed 1 per cent growth to

PERFORMANCE REVIEW 1998 SembCorp Industries PATMI for FY98 showed 1 per cent growth to $92.9m. The Directors recommend a 10 per cent dividend amounting to $29.2m to shareholders. 2 2 SCOPE Financial Performance Post-merger

765 views • 37 slides
eScience Projects in Projects in eScience Singapore Singapore Lawrence Wong National Grid

eScience Projects in Projects in eScience Singapore Singapore Lawrence Wong National Grid

eScience Projects in Projects in eScience Singapore Singapore Lawrence Wong National Grid Office, Singapore International Symposium on Grid Computing 26 28 July 2004 Outline Outline Introduction to National Grid Virtual Grid

426 views • 31 slides
Management of Nonspecific Chronic Low Back Pain LOI Applicant Town Hall April 20, 2016 Agenda

Management of Nonspecific Chronic Low Back Pain LOI Applicant Town Hall April 20, 2016 Agenda

Comparison of Surgical and Nonsurgical Options for Management of Nonspecific Chronic Low Back Pain LOI Applicant Town Hall April 20, 2016 Agenda Welcome Submitting Questions: Submit questions via Overview the chat function in Meeting

702 views • 32 slides
Regional Resource Adequacy Stakeholder Meeting on Second Revised Straw Proposal Portland, OR

Regional Resource Adequacy Stakeholder Meeting on Second Revised Straw Proposal Portland, OR

Regional Resource Adequacy Stakeholder Meeting on Second Revised Straw Proposal Portland, OR June 2, 2016 Agenda Time (PST) Topic Presenter 10:00 - 10:10 am Welcome, Introductions and Stakeholder Process Kristina Osborne 10:10 - 10:30 am

1.16k views • 79 slides
Agenda What is Learning Analy1cs defini1on Introduc1on to Pa9ern quick demo Instructor

Agenda What is Learning Analy1cs defini1on Introduc1on to Pa9ern quick demo Instructor

UW Madison Learning AnalyEcs Series U SIN G P ATTERN TO L O G C O U RSE A CTIVITIES P RESEN TED BY M IG U EL G A RCIA -G O SA LVEZ H EATH ER K IRKO RIA N J A M ES M C K AY K IM A RN O LD I NTRODUCTION TO L EARNING A NALYTICS AND P ATTERN Agenda

1.13k views • 66 slides
Suffix tree and Suffix array Karatsuba CS214: Algorithms and Complexity Shanghai Jiao Tong

Suffix tree and Suffix array Karatsuba CS214: Algorithms and Complexity Shanghai Jiao Tong

Suffix tree and Suffix array Karatsuba CS214: Algorithms and Complexity Shanghai Jiao Tong University 2016.12.22 Q: How to find a match of S in a target DNA sequence? S: DNA: Q: How to find a match of S in a target DNA sequence? S: DNA:

1.22k views • 107 slides

More recommend