Addressing the Trust Asymmetry Problem In Grid Computing with Encrypted Computation Peter A. Dinda Prescience Lab Department of Computer Science Northwestern.

Presentation transcript:

Addressing the Trust Asymmetry Problem In Grid Computing with Encrypted Computation Peter A. Dinda Prescience Lab Department of Computer Science Northwestern University

2 Takeaway
Trust asymmetry is a core, unresolved problem in scalable computing
Encrypted computation is the right approach
This community is the right one to solve this problem

3 Outline
Trust asymmetry problem
Critique of approaches
Encrypted computation scheme
–Boolean circuits
–Basic blocks
–Control flow
Discussion

4-9 Trust Asymmetry
[Diagram built up across slides 4 to 9. Labels: Input, Program, Secure Channel, Output, Protected Execution Environment]

10 Trust Asymmetry
Provider need not trust user at all
User must trust provider completely

11 Consequences
Scaling limited to machines user trusts
Very large scale domain limited to low stakes applications
DESCHALL, etc.
High stakes applications have limited provider pool
IBM, Sun, other vendors willing to do indemnification
Economic inefficiency

12 Approaches
Trust chains
Attestation
Obfuscation
Encrypted computation

13 Trust Chains
No direct protection of input, code, or output
I trust X to do A because Y, who I trust, says I can
–Chains of such trust assertions
–Digital certificates
–Example: SSL Certificates on the web
–Example: Grid Certificates [Globus]

14 Problems
Human in the loop…
–Slow
Or human has to write policy
–Easy to get wrong
Trust chains are complex to understand and evaluate against policy
–Area of current research!
Revocation

15 Attestation
Certificate chain rooted in trusted hardware attests to software stack of machine [Terra, Palladium]
Run only if you trust the software stack

16 Problems
How do you know a software stack is OK?
–Human in the loop…
–Or writing policy
What happens when stack changes?
–Patches
–“Semantic attestation”

17 Obfuscation
Use compiler optimization technology to make code confusing [Collberg]

18 Problems
No protection of input or output
No proofs of difficulty of subversion

19 Encrypted Computation
Apply techniques invented for encrypted communication
Algorithm-specific techniques [Sander, Song]
General purpose techniques
–Typically focuses on Boolean circuit

20 General Purpose Encrypted Computation
Seminal work: Abadi & Feigenbaum
–Secure evaluation of Boolean circuit
–“Interactive”
More recently: Non-interactive
–Sander and Tschudin: polynomials
–Loureiro: Boolean circuits

21 Desirable Properties
Protect inputs, outputs, and algorithm
No trust needed at all
Detect lies
Analogy with communication
–We don’t have to trust an Internet path
–Trust is limited to endpoints

22 Problems
Very abstract and theoretical
–No implementations
Unclear performance issues
These are things the compiler community can help with

23 Our Simple Method For Boolean Circuits X f Secure Channel Y Protected Execution Environment

24 Our Simple Method For Boolean Circuits X f Y ED One-time pads f’E D X’Y’ Remote Execution

25 Example: Y = fX x1 x2 x3 y1 y2 X1X2X3Y1Y

26 One-time Pad Refresher
One of the oldest, but most secure encryption systems
Have random bit sequence E
Encrypt bit sequence X using X’ = X xor E
Decrypt by X = X’ xor E

27 XOR as Multiplexor x e e x

28 Procedure
Choose pads E and D
Example
–E = 1,0,1
–D = 1,0
Where bit is 1, double-invert

29 x1 x2 x3 y1 y2 f’=DfE X X’ Y’ E E D D Y Y=DDfEEX

30 Procedure
Now “flatten” f’ back into sum of products and re-optimize

31 x1’ x2’ x3’ y1’ y2’ X1’X2’X3’Y1’Y2’ f’=DfE

32 x1 x2 x3 y1 y2 X1X2X3Y1Y f
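
Added example (not from the original slides): the procedure of slides 24 to 30 carried through in Python with the pads from slide 28. The circuit f below is a constructed sample, since the slide's own truth table did not survive; the function names are assumptions, and "flattening" is done here by enumerating the truth table of f’ and listing its minterms, without any further optimization.

```python
from itertools import product

E = (1, 0, 1)  # input pad, slide 28
D = (1, 0)     # output pad, slide 28

def f(x):
    """Constructed sample circuit (3 inputs, 2 outputs); not the slide's f."""
    x1, x2, x3 = x
    return ((x1 & x2) | x3, x1 ^ x2)

def xor_bits(a, b):
    """One-time pad step: bitwise XOR of two equal-length bit tuples."""
    return tuple(p ^ q for p, q in zip(a, b))

def blind(circuit, e, d):
    """Flatten f' = D f E into a truth table: f'(x') = f(x' xor E) xor D."""
    return {xp: xor_bits(circuit(xor_bits(xp, e)), d)
            for xp in product((0, 1), repeat=len(e))}

def minterms(table, out_bit):
    """Sum-of-products form of one output: the input rows where it is 1."""
    return sorted(x for x, y in table.items() if y[out_bit])

def remote_eval(table, x, e, d):
    """User pads X, provider evaluates f' on X', user unpads Y'."""
    x_enc = xor_bits(x, e)     # user: X' = X xor E
    y_enc = table[x_enc]       # provider sees only f', X' and Y'
    return xor_bits(y_enc, d)  # user: Y = Y' xor D

F_PRIME = blind(f, E, D)

def scheme_is_correct():
    """Y = D D f E E X = f(X) must hold for every input."""
    return all(remote_eval(F_PRIME, x, E, D) == f(x)
               for x in product((0, 1), repeat=len(E)))

if __name__ == "__main__":
    for bit in range(len(D)):
        print(f"y{bit + 1}' minterms:", minterms(F_PRIME, bit))
    print("all inputs round-trip:", scheme_is_correct())
```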

33 Concerns
Currently no proof of difficulty to subvert
Circuit growth limit?
Will an automatic optimizer simply find the original configuration?
Detecting lies
–Embedded test circuit with known behavior “mixed” into circuit
How much reuse can we have?

34 Basic Blocks
Obvious analog on data flow graph does not work
Must convert data flow graph into Boolean circuit, apply technique, and then generate new basic block from the circuit

35 Control Flow
Generate Mealy or Moore machine
Apply technique to combinational element
Generate new code

36 Concerns
Code generation could “find” that the transparent implementation is best
Efficient code generation from Boolean circuit
Code size blowup
Performance loss
–Will determine in which regimes this is practical

37 Current Status
Proving how difficult it is to “unfold” the collapsed circuit
Working toward proof-of-concept implementation as binary-to-binary translator for .NET CLR

38 Takeaway
Trust asymmetry is a core, unresolved problem in scalable computing
Encrypted computation is the right approach
This community is the right one to solve this problem
Demonstrated straightforward scheme

39 For More Information Prescience Lab – Virtuoso – Join our user comfort study! –