An introduction to FRESCO. Janus Dam Nielsen, PhD, Research and Innovation Scientist, The Alexandra Institute. Joint work with the Cryptography and Security group at the University of Aarhus.
Slide 1
Framework for Realizing Efficient Secure Computations
An introduction to FRESCO
Janus Dam Nielsen, PhD
Research and Innovation Scientist
The Alexandra Institute
Joint work with the Cryptography and Security group at the University of Aarhus
Slide 2
About "Alexandra Instituttet A/S"
- Non-profit, application-oriented research institution – focus on IT
- 5 labs including IT-Security
- 100+ employees
5th of June, 2012
Slide 3
A Framework for Realizing Efficient Secure Computations
- Secure Computations
  - MPC protocols
  - Applications which use MPC protocols
  - E.g. auctions, databases, games, benchmarking, etc.
- Efficient
  - Efficient implementations of MPC protocols and applications
- Framework
  - A reusable set of libraries used to implement secure computations
  - FRESCO is written in Java
Slide 4
Why do we need a framework
- Implement protocol independent applications
- Reuse MPC protocol implementations
- Reuse scaffold infrastructure
- Reuse network communication strategies
- Fair comparison
  - Applications, protocols, network
- Make it easier to utilize MPC
- Share knowledge
- Does not require as much effort as a domain specific language
Slide 5
Resource challenges for MPC applications
- CPU
  - Use all available cores
  - Utilization of the cores
- Network
  - Write time
  - Latency
  - Number of writes
- Memory
  - Use cache and RAM
  - No swapping
Slide 6
FRESCO and CPU utilisation
[Figure: a circuit of gates arranged in Level 1 to Level 4, with the labels "Parallel" and "Ready gate"]
Slide 7
What is a gate?
- A number of input wires
- One output wire
- A gate can be evaluated, but only when input is ready
- Only one round of communication
- It is a unit of work
- Uniform, fits most use cases
- Evaluated twice: before sending and after receiving data
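The two evaluations of a gate, shown on a multiplication gate over Shamir shares (local product, reshare, recombine, in the style of the Gennaro, Rabin, Rabin protocol the deck lists among the implemented protocols). This is an added Python example, not code from the slides or from FRESCO, which is written in Java. The class and function names, the field modulus and the three-party, threshold-1 setup are assumptions, and all parties are simulated in one process.

```python
import random
# Added illustration; every name here is hypothetical, not FRESCO's API.
P = 2**31 - 1          # prime field modulus (constructed for the example)
N, T = 3, 1            # three parties, threshold 1 (needs N >= 2T + 1)
XS = list(range(1, N + 1))   # party i holds the polynomial evaluated at x = i + 1

def share(secret, rng):
    """Shamir-share `secret` with a random degree-T polynomial; one share per party."""
    coeffs = [secret % P] + [rng.randrange(P) for _ in range(T)]
    return [sum(c * pow(x, k, P) for k, c in enumerate(coeffs)) % P for x in XS]

def lagrange_at_zero():
    """Coefficients l_i with f(0) = sum(l_i * f(x_i)) for any f of degree < N."""
    out = []
    for i in XS:
        num = den = 1
        for j in XS:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        out.append(num * pow(den, -1, P) % P)
    return out

def open_value(shares):
    return sum(l * s for l, s in zip(lagrange_at_zero(), shares)) % P

class MultGate:
    """Two input wires, one output wire; evaluated twice around a single round."""
    def __init__(self, party, a_share, b_share):
        self.party, self.a, self.b = party, a_share, b_share
        self.out = None      # output wire is empty until the second evaluation

    def before_send(self, rng):
        # Local product lies on a degree-2T polynomial; reshare it with degree T.
        return share(self.a * self.b % P, rng)     # element j is sent to party j

    def after_receive(self, received):
        # received[i] is the subshare sent by party i; recombine to degree T.
        self.out = sum(l * r for l, r in zip(lagrange_at_zero(), received)) % P

def multiply(x, y, seed=0):
    rng = random.Random(seed)      # deterministic for the example; not a secure RNG
    xs, ys = share(x, rng), share(y, rng)
    gates = [MultGate(i, xs[i], ys[i]) for i in range(N)]
    outbox = [g.before_send(rng) for g in gates]          # first evaluation
    for j, g in enumerate(gates):                         # the one communication round
        g.after_receive([outbox[i][j] for i in range(N)]) # second evaluation
    return open_value([g.out for g in gates])
```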
Slide 8
FRESCO and memory utilisation
Slide 9
FRESCO and network utilisation - 1
[Figure with the labels "Input" and "Output"]
Slide 10
FRESCO and network utilisation - 2
[Figure with the labels "Input" and "Output", each with items numbered 1, 2, 3]
Slide 11
The Architecture of FRESCO
[Diagram with the components: Program, Gate, Evaluator, Network, Output]
Slide 12
Who is in control?
- Framework
Slide 13
The Evaluator is in control
Slide 14
Consequences
- Better resource utilisation
- Wiring a circuit is tedious
Slide 15
Application Programmer Interface
- Application programmers care about
  - 8, 16, 32, or 64 bit integers
  - Booleans
  - Bits
  - Open or closed values
- Protocol implementers provide circuits for operations on these types
  - Addition
  - Multiplication
  - xor
  - Etc.
Slide 16
- Better suit the level of abstraction of the application programmer
- Reuse code
- Circuits should be pluggable

    // sum = x + y
    BinaryCircuit add = provider.getAddCircuit(x, y, sum);
    // product = sum * z (the output wire needs its own name, distinct from the circuit variable mult)
    BinaryCircuit mult = provider.getMultCircuit(sum, z, product);
    // open the closed product into o
    OpenInt open = provider.getOpenCircuit(product, o);
    // the evaluator runs the three circuits
    evaluator.eval(add, mult, open);
    System.out.println("Result: " + o);

Slide 17
Practical Experiences
Implemented the following protocols
- Passively secure Shamir VSS [Gennaro, Rabin, Rabin. "Simplified VSS and Fast-track Multiparty Computations with Applications to Threshold Cryptography"]
- SHE [Bendlin, Damgård, Orlandi, Zakarias. "Semi-homomorphic Encryption and Multiparty Computation"]
- SPZ [Damgård, Pastro, Smart, Zakarias. "Multiparty Computation from Somewhat homomorphic encryption"]
- TinyOT [Nielsen, Nordholt, Orlandi, Burra. "A New Approach to Practical Active-Secure Two-Party Computation"]
- Kaka [Katz, Malka. "Constant Round Private Function Evaluation"]
Slide 18
Using FRESCO for Exploration
- Implemented the protocol by Gennaro, Rabin, and Rabin once
- Implemented three different strategies for the network and evaluator
  - Sequential network
  - Parallel network using Netty (framework for asynchronous communication)
  - Parallel network using two dedicated threads at each client, one for sending and one for receiving data
- Got a factor of 20 speedup between the first and the third
Slide 19
Some numbers
Multiplications [GRR], 1GHz dual core Opteron, 2mb cache, 2 Gb RAM
Slide 20
Thank you
Questions?