Privacy-Preserving Shortest Path Computation

Navigation is one of the most popular cloud computing services. But in virtually all cloud-based navigation systems, the client must reveal her location and destination to the cloud service provider in order to learn the fastest route. In this work, we present a cryptographic protocol for navigation on city streets that provides privacy for both the client's location and the service provider's routing data. Our key ingredient is a novel method for compressing the next-hop routing matrices in networks such as city street maps. Applying our compression method to the map of Los Angeles, for example, we achieve over tenfold reduction in the representation size. In conjunction with other cryptographic techniques, this compressed representation results in an efficient protocol suitable for fully-private real-time navigation on city streets. We demonstrate the practicality of our protocol by benchmarking it on real street map data for major cities such as San Francisco and Washington, D.C.Comment: Extended version of NDSS 2016 pape

Layout Randomization and Nondeterminism

In security, layout randomization is a popular, effective attack mitigation technique. Recent work has aimed to explain it rigorously, focusing on deterministic systems. In this paper, we study layout randomization in the presence of nondeterministic choice. We develop a semantic approach based on denotational models and simulation relations. This approach abstracts from language details, and helps manage the delicate interaction between probabilities and nondeterminism. Keywords: security, semantics, probabilities, nondeterminism, full abstraction

Typage, compilation, et cryptographie pour la programmation repartie securisée

Mes travaux s'articulent principalement autour de trois axes concernant la programmation sécurisée, plus particulièrement dans le cadre d'applications distribuées. Ainsi, nous considérons plusieurs participants ne se faisant pas mutuellement confiance et ayant des niveaux de sécurité différents. On s'intéresse alors au garanties restantes lorsque certains de ces participants sont compromis. Par exemple, lors d'une opération de commerce électronique, le client, le serveur, et la banque ne se font pas mutuellement confiance et font encore moins confiance aux machines intermédiaires du réseau; on veut pourtant qu'une transaction sécurisée puisse avoir lieuWe are more and more dependent on our computing infrastructure, and yet its security is challenged every day. From a research viewpoint, a lot of progress in security has been made, using in particular formal methods and programming language techniques. This has lead us to a first few small, exemplary verified systems and protocols. In spite of these results, it is still hard to gain strong confidence that a program is correct and secure, and most of the software that we depend upon offers very few guarantees. In this thesis, we focus on language-based security by construction. We take as input the specification of a distributed computation involving multiple participants, together with its expected security properties. We then verify that this specification is sound, using static verification techniques such as type systems, and we then automatically generate a program for each participant. During this compilation process, we select adequate cryptographic and hardware mechanisms, such that the compiled programs correctly implement the computation with the required security propertiesPALAISEAU-Polytechnique (914772301) / SudocSudocFranceF

FaCT: A DSL for Timing-Sensitive Computation

International audienc