Language-Based Techniques for Secure Programming

Secure Computation (SC) encompasses many different cryptographic techniques for computing over encrypted data. In particular, Secure Multiparty Computation enables multiple parties to jointly compute a function over their secret inputs. MPC languages offer programmers a familiar environment in which to express their programs, but fall short when confronted with problems that require flexible coordination. More broadly, SC languages do not protect non-expert programmers from violating obliviousness or expected bounds on information leakage. We aim to show that secure programming can be made safer through language-based techniques for expressive, coordinated MPC; probabilistically oblivious execution; and quantitative analysis of information flow. We begin by presenting Symphony, an expressive MPC language that provides flexible coordination of many parties, which has been used to implement the secure shuffle of Laur, Willemson, and Zhang. Next, we present λObliv, a core language guaranteeing that well-typed programs are probabilistically oblivious, which has been used to type check tree-based, nonrecursive ORAM (NORAM). Finally, we present a novel application of dynamic analysis techniques to an existing system for enforcing bounds on information leakage, providing a better balance of precision and performance

Emergent velocity agreement in robot networks

In this paper we propose and prove correct a new self-stabilizing velocity agreement (flocking) algorithm for oblivious and asynchronous robot networks. Our algorithm allows a flock of uniform robots to follow a flock head emergent during the computation whatever its direction in plane. Robots are asynchronous, oblivious and do not share a common coordinate system. Our solution includes three modules architectured as follows: creation of a common coordinate system that also allows the emergence of a flock-head, setting up the flock pattern and moving the flock. The novelty of our approach steams in identifying the necessary conditions on the flock pattern placement and the velocity of the flock-head (rotation, translation or speed) that allow the flock to both follow the exact same head and to preserve the flock pattern. Additionally, our system is self-healing and self-stabilizing. In the event of the head leave (the leading robot disappears or is damaged and cannot be recognized by the other robots) the flock agrees on another head and follows the trajectory of the new head. Also, robots are oblivious (they do not recall the result of their previous computations) and we make no assumption on their initial position. The step complexity of our solution is O(n)

DR.SGX: Hardening SGX Enclaves against Cache Attacks with Data Location Randomization

Recent research has demonstrated that Intel's SGX is vulnerable to various software-based side-channel attacks. In particular, attacks that monitor CPU caches shared between the victim enclave and untrusted software enable accurate leakage of secret enclave data. Known defenses assume developer assistance, require hardware changes, impose high overhead, or prevent only some of the known attacks. In this paper we propose data location randomization as a novel defensive approach to address the threat of side-channel attacks. Our main goal is to break the link between the cache observations by the privileged adversary and the actual data accesses by the victim. We design and implement a compiler-based tool called DR.SGX that instruments enclave code such that data locations are permuted at the granularity of cache lines. We realize the permutation with the CPU's cryptographic hardware-acceleration units providing secure randomization. To prevent correlation of repeated memory accesses we continuously re-randomize all enclave data during execution. Our solution effectively protects many (but not all) enclaves from cache attacks and provides a complementary enclave hardening technique that is especially useful against unpredictable information leakage

Cryptographically Secure Information Flow Control on Key-Value Stores

We present Clio, an information flow control (IFC) system that transparently incorporates cryptography to enforce confidentiality and integrity policies on untrusted storage. Clio insulates developers from explicitly manipulating keys and cryptographic primitives by leveraging the policy language of the IFC system to automatically use the appropriate keys and correct cryptographic operations. We prove that Clio is secure with a novel proof technique that is based on a proof style from cryptography together with standard programming languages results. We present a prototype Clio implementation and a case study that demonstrates Clio's practicality.Comment: Full version of conference paper appearing in CCS 201

Minimum disclosure proofs of knowledge

AbstractProtocols are given for allowing a “prover” to convince a “verifier” that the prover knows some verifiable secret information, without allowing the verifier to learn anything about the secret. The secret can be probabilistically or deterministically verifiable, and only one of the prover or the verifier need have constrained resources. This paper unifies and extends models and techniques previously put forward by the authors, and compares some independent related work