2,129 research outputs found

    Conclave: secure multi-party computation on big data (extended TR)

    Secure Multi-Party Computation (MPC) allows mutually distrusting parties to run joint computations without revealing private data. Current MPC algorithms scale poorly with data size, which makes MPC on "big data" prohibitively slow and inhibits its practical use. Many relational analytics queries can maintain MPC's end-to-end security guarantee without using cryptographic MPC techniques for all operations. Conclave is a query compiler that accelerates such queries by transforming them into a combination of data-parallel, local cleartext processing and small MPC steps. When parties trust others with specific subsets of the data, Conclave applies new hybrid MPC-cleartext protocols to run additional steps outside of MPC and improve scalability further. Our Conclave prototype generates code for cleartext processing in Python and Spark, and for secure MPC using the Sharemind and Obliv-C frameworks. Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks support on their own. Thanks to its hybrid protocols, Conclave also substantially outperforms SMCQL, the most similar existing system. Comment: Extended technical report for EuroSys 2019 paper.

    Trusted emergency management

    The ability for emergency first responders to access sensitive information for which they have not been pre-vetted can save lives and property. We describe a trusted emergency management solution for ensuring that sensitive information is protected from unauthorized access, while allowing for extraordinary access to be authorized under the duress of an emergency. Our solution comprises an emergency access control policy, an operational model and a scalable system security architecture. The operational model involves end users who are on call as first responders, providers of critical information, and a coordinating authority. Extraordinary access to information is allowed to occur only during emergencies, and only in a confined emergency partition, which is unavailable before the emergency and can be completely purged after the emergency. As all information remains within its assigned partition, after the emergency the system can meaningfully enforce its pre-emergency access control policy. A major component of the architecture is the end-user device, and we describe mechanisms on the device for secure storage of data, and for management of emergency state, to indicate feasibility. Grant numbers: CNS-0430566 and CNS-0430598. Approved for public release; distribution is unlimited.

    Practical Privacy-Preserving Indoor Localization based on Secure Two-Party Computation

    We present a privacy-preserving indoor localization scheme based on received signal strength measurements, e.g., from WiFi access points. Our scheme preserves the privacy of both the client's location and the service provider's database by using secure two-party computation instantiated with known cryptographic primitives, namely, Paillier encryption and garbled circuits. We describe a number of optimizations that reduce the computation and communication overheads of the scheme and provide theoretical evaluations of these overheads. We also demonstrate the feasibility of the scheme by developing a proof-of-concept implementation for Android smartphones and commodity servers. This implementation allows us to validate the practical performance of our scheme and to show that it is feasible for practical use in certain types of indoor localization applications. Peer reviewed.

    Encryption Backdoors: A Discussion of Feasibility, Ethics, and the Future of Cryptography

    In the age of technological advancement and the digitization of information, privacy seems to be all but an illusion. Encryption is supposed to be the white knight that keeps our information and communications safe from unwanted eyes, but how secure are the encryption algorithms that we use? Do we put too much trust in those that are charged with implementing our everyday encryption systems? This paper addresses the concept of backdoors in encryption: ways that encryption systems can be implemented so that the security can be bypassed by those that know about its existence. Many governments around the world are pushing for these kinds of bypassing mechanisms to exist so that they may utilize them. The paper discusses the ethical implications of these policies as well as how our current encryption algorithms will hold up to future technology such as quantum computers.