research-article
Open access

Taypsi: Static Enforcement of Privacy Policies for Policy-Agnostic Oblivious Computation

Published: 29 April 2024

Abstract

Secure multiparty computation (MPC) techniques enable multiple parties to compute joint functions over their private data without sharing that data with other parties, typically by employing powerful cryptographic protocols to protect individuals' data. One challenge when writing such functions is that most MPC languages force users to intermix programmatic and privacy concerns in a single application, making it difficult to change or audit a program's underlying privacy policy. Prior policy-agnostic MPC languages relied on dynamic enforcement to decouple privacy requirements from program logic. Unfortunately, the resulting overhead makes it difficult to scale MPC applications that manipulate structured data. This work proposes to eliminate this overhead by instead transforming programs into semantically equivalent versions that statically enforce user-provided privacy policies. We have implemented this approach in a new MPC language, called Taypsi; our experimental evaluation demonstrates that the resulting system features considerable performance improvements on a variety of MPC applications involving structured data and complex privacy policies.

Supplementary Material

Auxiliary Archive (oopslaa24main-p255-p-archive.zip)
This is the appendix of the OOPSLA24 paper "Taypsi: Static Enforcement of Privacy Policies for Policy-Agnostic Oblivious Computation".


Published In

Proceedings of the ACM on Programming Languages, Volume 8, Issue OOPSLA1
April 2024
1492 pages
EISSN: 2475-1421
DOI: 10.1145/3554316
This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 April 2024
Published in PACMPL Volume 8, Issue OOPSLA1

Author Tags

  1. Algebraic Data Types
  2. Dependent Types
  3. Oblivious Computation

Qualifiers

  • Research-article

Funding Sources

  • Cisco Systems

Article Metrics

  • Total Citations: 0
  • Total Downloads: 207
  • Downloads (Last 12 months): 207
  • Downloads (Last 6 weeks): 44

Reflects downloads up to 28 Jan 2025
