Paper 2011/561

A Domain-Specific Language for Computing on Encrypted Data

Alex Bain, John Mitchell, Rahul Sharma, Deian Stefan, and Joe Zimmerman

Abstract

In cloud computing, a client may request computation on confidential data that is sent to untrusted servers. While homomorphic encryption and secure multiparty computation provide building blocks for secure computation, software must be properly structured to preserve confidentiality. Using a general definition of \emph{secure execution platform}, we propose a single Haskell-based domain-specific language for cryptographic cloud computing and prove correctness and confidentiality for two representative and distinctly different implementations of the same programming language. The secret sharing execution platform provides information-theoretic security against colluding servers. The homomorphic encryption execution platform requires only one server, but has limited efficiency, and provides secrecy against a computationally-bounded adversary. Experiments with our implementation suggest promising computational feasibility, as cryptography improves, and show how code can be developed uniformly for a variety of secure cloud platforms, without explicitly programming separate clients and servers.

Note: Listings 3-6 incorrectly included some elements of an environment-based reference semantics for the core calculus, making some of the rules incorrect. In ongoing development of this work, the authors have moved to a standard substitution-based semantics. In addition, one of the indistinguishability conditions was erroneously omitted. This document corrects the above errors.

Metadata
Available format(s)
PDF PS
Category
Applications
Publication info
Published elsewhere. Full version of FSTTCS 2011 publication.
Keywords
Domain-Specific LanguageSecret SharingHomomorphic Encryption
Contact author(s)
deian @ cs stanford edu
History
2012-02-15: revised
2011-10-17: received
See all versions
Short URL
https://ia.cr/2011/561
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2011/561,
      author = {Alex Bain and John Mitchell and Rahul Sharma and Deian Stefan and Joe Zimmerman},
      title = {A Domain-Specific Language for Computing on Encrypted Data},
      howpublished = {Cryptology ePrint Archive, Paper 2011/561},
      year = {2011},
      note = {\url{https://eprint.iacr.org/2011/561}},
      url = {https://eprint.iacr.org/2011/561}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.