A Fast and Verified Software Stack for Secure Function Evaluation

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security Pub Date : 2017-10-30 DOI:10.1145/3133956.3134017

J. Almeida, M. Barbosa, G. Barthe, François Dupressoir, B. Grégoire, Vincent Laporte, Vitor Pereira

{"title":"A Fast and Verified Software Stack for Secure Function Evaluation","authors":"J. Almeida, M. Barbosa, G. Barthe, François Dupressoir, B. Grégoire, Vincent Laporte, Vitor Pereira","doi":"10.1145/3133956.3134017","DOIUrl":null,"url":null,"abstract":"We present a high-assurance software stack for secure function evaluation (SFE). Our stack consists of three components: i. a verified compiler (CircGen) that translates C programs into Boolean circuits; ii. a verified implementation of Yao's SFE protocol based on garbled circuits and oblivious transfer; and iii. transparent application integration and communications via FRESCO, an open-source framework for secure multiparty computation (MPC). CircGen is a general purpose tool that builds on CompCert, a verified optimizing compiler for C. It can be used in arbitrary Boolean circuit-based cryptography deployments. The security of our SFE protocol implementation is formally verified using EasyCrypt, a tool-assisted framework for building high-confidence cryptographic proofs, and it leverages a new formalization of garbled circuits based on the framework of Bellare, Hoang, and Rogaway (CCS 2012). We conduct a practical evaluation of our approach, and conclude that it is competitive with state-of-the-art (unverified) approaches. Our work provides concrete evidence of the feasibility of building efficient, verified, implementations of higher-level cryptographic systems. All our development is publicly available.","PeriodicalId":191367,"journal":{"name":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","volume":"632 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-10-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"29","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3133956.3134017","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 29

Abstract

We present a high-assurance software stack for secure function evaluation (SFE). Our stack consists of three components: i. a verified compiler (CircGen) that translates C programs into Boolean circuits; ii. a verified implementation of Yao's SFE protocol based on garbled circuits and oblivious transfer; and iii. transparent application integration and communications via FRESCO, an open-source framework for secure multiparty computation (MPC). CircGen is a general purpose tool that builds on CompCert, a verified optimizing compiler for C. It can be used in arbitrary Boolean circuit-based cryptography deployments. The security of our SFE protocol implementation is formally verified using EasyCrypt, a tool-assisted framework for building high-confidence cryptographic proofs, and it leverages a new formalization of garbled circuits based on the framework of Bellare, Hoang, and Rogaway (CCS 2012). We conduct a practical evaluation of our approach, and conclude that it is competitive with state-of-the-art (unverified) approaches. Our work provides concrete evidence of the feasibility of building efficient, verified, implementations of higher-level cryptographic systems. All our development is publicly available.

查看原文本刊更多论文

一种快速且经过验证的安全功能评估软件栈

我们提出了一个用于安全功能评估(SFE)的高保证软件堆栈。我们的堆栈由三个部分组成:i.一个经过验证的编译器(CircGen)，它将C程序转换为布尔电路;2姚氏SFE协议基于乱码电路和遗忘传输的验证实现;ⅲ。通过FRESCO透明的应用程序集成和通信，FRESCO是一个安全多方计算(MPC)的开源框架。CircGen是一个通用的工具，它建立在CompCert(一个经过验证的c语言优化编译器)的基础上。它可以用于任意的基于布尔电路的加密部署。我们的SFE协议实现的安全性使用EasyCrypt进行了正式验证，EasyCrypt是一种用于构建高可信度密码证明的工具辅助框架，它利用了基于Bellare, Hoang和Rogaway (CCS 2012)框架的新的乱码电路形式化。我们对我们的方法进行了实际的评估，并得出结论，它与最先进的(未经验证的)方法具有竞争力。我们的工作为构建高效、经过验证的高级密码系统的可行性提供了具体的证据。我们所有的开发都是公开的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security

自引率

0.00%

发文量