Project: Embedded SMC

Size: px

Start display at page:

Download "Project: Embedded SMC"

Jemima Little
5 years ago
Views:

1 Project: Embedded SMC

2 What is Secure Computa1on [SMC] A Compute f(a, B) Without revealing A to Bob and B to Alice B 2

3 Using a Trusted Third Party A B f(a, B) f(a, B) A Compute f(a, B) Without revealing A to Bob and B to Alice B 3

4 Secure Computa1on Eliminates Trusted Third Party Cryptographic Protocol A Compute f(a, B) Without revealing A to Bob and B to Alice B 4

5 Secure Computa1on Examples Richest Millionaire Without revealing salaries Nearest Neighbor Without revealing loca1ons Auc1on Without revealing bids Private Set Intersec1on Without revealing sets

6 Millionaires bool bob_is_richer(int bob_net_worth, int alice_net_worth) { if (bob_net_worth > alice_net_worth) { return true; else { return false;

7 Poor abstrac1on Boolean circuits are not a good mode of programming. Millionaires circuit descrip1on: n 2 d i i o o v 0 1 v 1 1 g g g g g g g g several hundred more lines (gates) Boolean Circuit

8 Poor abstrac1on Need to mix secure computa1on and local computa1on (for user input, output to terminal, graphics, etc).

9 One Solu1on: design a new language See Wysteria. Problem: new languages are feature- poor and have li_le suppor1ng libraries (if any) Especially for user interac1on, graphics, etc.

10 Project: SMC Embedding Embed SMC in an exis1ng, established language. Usability: (as much as possible) write secure computa1ons in the same style and syntax as the host language int my_worth; scanf( %d, &my_worth); bool bob_richer = **MAGIC** bob_is_richer(?, my_worth) **MAGIC** if (bob_richer) { prinh( bob is richer ); else { prinh( I am richer );

11 Project: SMC Embedding Op1ons: Monads in haskell? Well designed class interface in Java? Meta- programming? Something you are good with? No crypto required, unless you really want to

12 Two Projects on probabilis>c programming

13 Probabilis1c programming Higher- level view of programs with randomness (or random input). bool is_rand_even() { if (rand() % 2 == 0) { return true; else { return false; Typical view: samples true, true, false, false, true, true, true

14 Probabilis1c programming Higher- level view of programs with randomness (or random input). bool is_rand_even() { if (rand() % 2 == 0) { return true; else { return false; Probabilis1c view: probability distribu1on Pr[R = true] = Pr[R = false] = 0.5

$bool is_even(int i) { if (i % 2 == 0) { return true; else { return$

15 Probabilis1c programming A program is a condi1onal distribu1on. bool is_even(int i) { if (i % 2 == 0) { return true; else { return false;

16 Inference A program is a condi1onal distribu1on. int x = rand() % 1000; bool is_even(int i) { if (i % 2 == 0) { return true; else { return false; observe (is_even(x) = true); Pr[X=0] = Pr[X=2] = 1/500 Pr[X=1] = Pr[X=3] = 0

$int x = (rand() % 1000) + (rand() % 1000); bool is_even(int i) { if (i % 2 == 0) { return true; else {$

17 Inference Automate non- obvious probabilis1c inference. int x = (rand() % 1000) + (rand() % 1000); bool is_even(int i) { if (i % 2 == 0) { return true; else { return false; observe (is_even(x) = true); Pr[X] =???

18 Uses Machine learning Write down model as a program with missing parameters, infer them based on observa1on. Verifica1on What is the probability that this program has this inconvenient value? Security What does the adversary know about a X given they learn output of C(X)?

19 Difficult Naïve implementa1on is no good: (large state spaces): Pr[X=0] = Pr[X=2] = 1/500 Solu1on: use clever representa1ons of distribu1ons. Graphical models Decision diagrams Other terms we know nothing about Abstract domains

20 Abstrac1on Small descrip1on of a large state space: int x = rand() % 1000; Naïve: Pr[X=0] = 1/1000, Pr[X=1] = 1/1000 Abstract: Pr[0 <= X < 1000] = 1/1000 Abstract interpreta1on: Evaluate program on an abstract set of states (instead of a single one).

21 Project 1: probabilis>c abstract interpreta>on for func>onal language Exis1ng abstract interpreter: Impera1ve language, no types beyond int, not data type construc1ons Formalize the abstract interpreta1on for a func1onal equivalent with: More types: strings, etc. Data type constructors. Implement it?

22 Abstrac1on Current implementa1on is based on convex polyhedra (like intervals) Good for: int x = rand() % 1000; (0 <= X < 1000) Bad for: (observe is_even(x) = true)

23 Abstrac1on Sa1sfyability modulo theories [SMT] Represent program states in terms of logical formulas as predicates from some theory (like linear inequali1es, integers modulo X, etc.). (0 <= x < 1000) and (x = 0 mod 2) Theory of integer linear arithme1c Logical connec1ves

24 Project 2: SMT- based abstrac>on Use SMT formulas in representa1on of probability distribu1ons instead of convex polyhedra. Formalize the probabilis1c abstract interpreta1on based on SMT formulas. Implement it?

Design Principles & Prac4ces

Design Principles & Prac4ces Robert France Robert B. France 1 Understanding complexity Accidental versus Essen4al complexity Essen%al complexity: Complexity that is inherent in the problem or the solu4on