ORAM – Used for Secure Computation by Venkatasatheesh Piduri 1.

Slides:



Advertisements
Similar presentations
Polylogarithmic Private Approximations and Efficient Matching
Advertisements

Efficient Private Approximation Protocols Piotr Indyk David Woodruff Work in progress.
Revisiting the efficiency of malicious two party computation David Woodruff MIT.
GCSE Computing Lesson 5.
Secure Computation of Linear Algebraic Functions
Gate Evaluation Secret Sharing and Secure Two-Party Computation Vladimir Kolesnikov University of Toronto
Yan Huang, David Evans, Jonathan Katz
Synopsys University Courseware Copyright © 2012 Synopsys, Inc. All rights reserved. Compiler Optimization and Code Generation Lecture - 3 Developed By:
MATH 224 – Discrete Mathematics
Secure Evaluation of Multivariate Polynomials
Oblivious Branching Program Evaluation
Efficient Information Retrieval for Ranked Queries in Cost-Effective Cloud Environments Presenter: Qin Liu a,b Joint work with Chiu C. Tan b, Jie Wu b,
Rational Oblivious Transfer KARTIK NAYAK, XIONG FAN.
CS555Topic 241 Cryptography CS 555 Topic 24: Secure Function Evaluation.
Amortizing Garbled Circuits Yan Huang, Jonathan Katz, Alex Malozemoff (UMD) Vlad Kolesnikov (Bell Labs) Ranjit Kumaresan (Technion) Cut-and-Choose Yao-Based.
Introduction to Modern Cryptography, Lecture 12 Secure Multi-Party Computation.
Automating Efficient RAM- Model Secure Computation Chang Liu, Yan Huang, Elaine Shi, Jonathan Katz, Michael Hicks University of Maryland, College Park.
Yan Huang, Jonathan Katz, David Evans University of Maryland, University of Virginia Efficient Secure Two-Party Computation Using Symmetric Cut-and-Choose.
Code Shape III Booleans, Relationals, & Control flow Copyright 2003, Keith D. Cooper, Ken Kennedy & Linda Torczon, all rights reserved. Students enrolled.
Complexity Analysis (Part I)
1 Introduction to Secure Computation Benny Pinkas HP Labs, Princeton.
Concept of Basic Time Complexity Problem size (Input size) Time complexity analysis.
Basic Building Blocks of Programming. Variables and Assignment Think of a variable as an empty container Assignment symbol (=) means putting a value into.
Algorithms. Introduction Before writing a program: –Have a thorough understanding of the problem –Carefully plan an approach for solving it While writing.
On Everlasting Security in the Hybrid Bounded Storage Model Danny Harnik Moni Naor.
1 ES 314 Advanced Programming Lec 2 Sept 3 Goals: Complete the discussion of problem Review of C++ Object-oriented design Arrays and pointers.
Privacy Preserving Learning of Decision Trees Benny Pinkas HP Labs Joint work with Yehuda Lindell (done while at the Weizmann Institute)
SPAR-MPC Day 2 Breakout Sessions Mayank Varia 29 May 2014.
Chang Liu, Michael Hicks, Elaine Shi The University of Maryland, College Park.
An Introduction Chapter Chapter 1 Introduction2 Computer Systems  Programmable machines  Hardware + Software (program) HardwareProgram.
Array operations II manipulating arrays and measuring performance.
Oblivious Data Structures Xiao Shaun Wang, Kartik Nayak, Chang Liu, T-H. Hubert Chan, Elaine Shi, Emil Stefanov, Yan Huang 1.
ObliVM: A Programming Framework for Secure Computation
ObliVM: A Programming Framework for Secure Computation
Introduction. 2COMPSCI Computer Science Fundamentals.
Slide 1 Vitaly Shmatikov CS 380S Yao’s Protocol. slide Yao’s Protocol uCompute any function securely … in the semi-honest model uFirst, convert.
Slide 1 Yao’s Protocol. slide Yao’s Protocol uCompute any function securely … in the semi-honest model uFirst, convert the function into a boolean.
ELEN 033 Lecture #1 Tokunbo Ogunfunmi Santa Clara University.
1 Information Security – Theory vs. Reality , Winter Lecture 10: Garbled circuits and obfuscation Eran Tromer Slides credit: Boaz.
Algorithms & FlowchartsLecture 10. Algorithm’s CONCEPT.
Chapter 9 slide 1 Introduction to Search Algorithms Search: locate an item in a list (array, vector, table, etc.) of information Two algorithms (methods):
Introduction to Code Generation Copyright 2003, Keith D. Cooper, Ken Kennedy & Linda Torczon, all rights reserved. Students enrolled in Comp 412 at Rice.
Introduction to Analysis of Algorithms CS342 S2004.
Privacy Preserving Payments in Credit Networks By: Moreno-Sanchez et al from Saarland University Presented By: Cody Watson Some Slides Borrowed From NDSS’15.
Jonathan Katz Professor, Computer Science, UMD Director, Maryland Cybersecurity Center Secure Computation.
(c) , University of Washington18a-1 CSC 143 Java Searching and Recursion N&H Chapters 13, 17.
Invitation to Computer Science 5 th Edition Chapter 2 The Algorithmic Foundations of Computer Science.
Onlinedeeneislam.blogspot.com1 Design and Analysis of Algorithms Slide # 1 Download From
Efficient Oblivious Transfer with Stateless Secure Tokens Alcatel-Lucent Bell Labs Vlad Kolesnikov.
Why do we study algorithms?. 2 First results are about bats and dolphins.
 Introduction to Search Algorithms  Linear Search  Binary Search 9-2.
OCR A Level F453: The function and purpose of translators Translators a. describe the need for, and use of, translators to convert source code.
Secure Computation Pragmatics Yan Huang Indiana University May 10, 2016.
Verifiable Distributed Oblivious Transfer and Mobile-agent Security Speaker: Sheng Zhong (joint work with Yang Richard Yang) Yale University.
Secure Computation Basics Yan Huang Indiana University May 9, 2016.
©SoftMoore ConsultingSlide 1 Code Optimization. ©SoftMoore ConsultingSlide 2 Code Optimization Code generation techniques and transformations that result.
Multi-Party Computation r n parties: P 1,…,P n  P i has input s i  Parties want to compute f(s 1,…,s n ) together  P i doesn’t want any information.
Complexity Analysis (Part I)
Optimization Code Optimization ©SoftMoore Consulting.
Introduction to Algorithms
Laconic Oblivious Transfer and its Applications
The first Few Slides stolen from Boaz Barak
Cryptography CS 555 Lecture 22
Gate Evaluation Secret Sharing and Secure Two-Party Computation
Introduction to Code Generation
Mastering Memory Modes
Computer Systems An Introducton.
Path Oram An Extremely Simple Oblivious RAM Protocol
Complexity Analysis (Part I)
Complexity Analysis (Part I)
Presentation transcript:

ORAM – Used for Secure Computation by Venkatasatheesh Piduri 1

Basics What is secure Computation Why it is important Different Methods 2

Secure Computation My age is 16 I do not want Bob to know My age is 12 I do not want Alice to know Who is the oldest? 3

Secure Computation Traditional solutions use circuit abstraction >=16?12 No, I am older than Bob OT [Yao, 1982] Garbled Circuit 4

Papers for discussion 1.* Automating Efficient RAM-Model Secure Computation, SP14 2.Burst ORAM: Minimizing ORAM Response Times for Bursty Access Patterns, SEC14 5

Terms Third party computation Semi honest model Adversarial behavior Oblivious transfer Memory access pattern Garbled circuit 6

Introduction Traditional circuit approach RAM- SC model Automating efficient RAM- Model 7

Key building blocks of RAM model SC Oblivious RAM – a cryptographic primitive that hides memory access patterns by randomly shuffling data in memory. Each memory read/ write incurs poly log n actual memory accesses 8

Automating Efficient RAM – About Define Intermediate representation Type system Automated compiler – transfers high level program into secure computation protocol. 9

Continue Intermediate representation and Type system – Helps in avoiding expensive circuit 10

Automating RAM-model Secure Computation SCVM Intermediat e Representat ion Progra m in source langua ge Secure computati on protocol Programmer Crypto Non-Expert Front-end compiler Front-end compiler Back-end compiler Back-end compiler Type Checker Usability Formal Security Efficiency 11

Automating RAM-model Secure Computation SCVM Intermediat e Representat ion Progra m in source langua ge Secure computati on protocol Programmer Front-end compiler Front-end compiler Back-end compiler Back-end compiler Type Checker Usability Formal Security Efficiency 12

Automating RAM-model Secure Computation SCVM Intermediat e Representat ion Progra m in source langua ge Secure computati on protocol Programmer Front-end compiler Front-end compiler Back-end compiler Back-end compiler Type Checker Usability Formal Security Efficiency 13

Toward generating efficient protocol Instruction-trace obliviousness Memory-trace obliviousness Mixed-mode execution 14

Toward generating efficient protocol Instruction-trace obliviousness 15

Program counter leaks information The instructions being executed leak information if(a[mid] <key) l = mid + 1; else r = mid; 16

Program counter leaks information The instructions being executed leak information if(a[mid] <key) l = mid + 1; else r = mid; 17

Program counter leaks information The instructions being executed leak information if(a[mid] <key) l = mid + 1; else r = mid; 18

Program counter leaks information The instructions being executed leak information if(a[mid] <key) l = mid + 1; else r = mid; Universal Circuit Instruction Execute ALL instructions! INEFFICIENT! new pc value 19

Instruction-trace obliviousness if(a[mid] <key) l = mid + 1; else r = mid;t1=a[mid]; cmp = t1<key; t2=mid+1; l=mux(cmp, t2, l); r=mux(cmp, r, mid); Instruction-trace oblivious programs, e.g. straight-line programs, can avoid the universal circuit 20

Toward generating efficient protocol Instruction-trace obliviousness Memory-trace obliviousness 21

Memory Trace Obliviousness int count(public int n, alice int* data, bob int T) { int count = 0; for(int i=0; i<n; ++i) { if(data[i]==T) count = count+1; } data need not be stored in an ORAM RAM Linear scan 22

Toward generating efficient protocol Instruction-trace obliviousness Memory-trace obliviousness Mixed-mode execution 23

Mix-mode Execution When code can be computed locally or publicly, a secure computation protocol is not necessary E.g. sorting the array before performing binary search. { P, A, B, O} 24

Compilation Typing the source language Labeling statements On secret branching On secret while looping – can impose constraint Declassification – info can flow from only low secure to high Correctness - type checker 25

Evaluation KMP string matching algorithm Dijkstra’s shortest distance algorithm Inverse Permutation Aggregation over sliding windows Binary Search Heap Data Structure 26

Evaluation Little compile time compared to earlier circuit model compilers Metric – block cipher evaluations as performance metric 27

Thank you 28

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.