200 likes | 424 Views
Joint work with the Cryptography and Security group at the University of Aarhus . An introduction to FRESCO. Framework for Realizing Efficient Secure Computations. Janus Dam Nielsen, ph.d Research and Innovation Scientist The Alexandra Institute. About ”Alexandra Instituttet A/S”.
E N D
Joint work withthe Cryptography and Security group at the University of Aarhus An introduction to FRESCO Framework for Realizing Efficient Secure Computations • Janus Dam Nielsen, ph.d Research and Innovation Scientist TheAlexandraInstitute
About ”Alexandra Instituttet A/S” • Non-profit applicationoriented research institution – focus on IT • 5 labs includingIT-Security • 100+ employees
A Framework for Realizing Efficient Secure Computations • Secure Computations • MPC protocols • Applications which use MPC protocols • E.g. auctions, databases, games, benchmarking, etc. • Efficient • Efficient implementations of MPC protocols and application • Framework • A reusable set of libraries used to implement secure computations • FRESCO is written in Java
Why do we need a framework • Implement protocol independent applications • Reuse MPC protocol implementations • Reuse scaffold infrastructure • Reuse network communication strategies • Fair comparison • Applications, protocols, network • Make it easier to utilize MPC • Share knowledge • Does not require as much effort as a domain specific language
Ressource challenges for MPC applications CPU Memory Network • Use all availablecores • Utilization of the cores • Usecache and RAM • Noswapping • Write time • Latency • Number of writes
FRESCO and CPU utilisation A circuit of gates Level 1 Parallel Level 2 Level 3 Level 4 Ready gate
What is a gate? • A number of input wires • One output wire • A gate canbeevaluated, but onlywhen input is ready • Onlyoneround of communication • It is a unit of work • Uniform, fits most use cases • Evaluatedtwice: before sending and afterreceiving data
FRESCO and networkutilisation - 1 Input Output
FRESCO and networkutilisation - 2 1 2 3 Input 1 2 3 Output
The Architecture of FRESCO Evaluator Program Network Gate Output
Who is in control? Framework
Consequences • Better resource utilisation • Wiring a circuit is tedious
Application Programmer Interface • Application programmers careabout • 8, 16, 32, or 64 bit integers • Booleans • Bits • Openorclosedvalues • Protocolimplementersprovidescircuits for operations onthese types • Addition • Multiplication • xor • Etc.
Circuitsshouldbeplugable • Better suite the level of abstraction of the application programmer • Reusecode BinaryCircuit add = provider.getAddCircuit(x, y, sum); BinaryCircuitmult = provider.getMultCircuit(sum, z, mult); OpenInt open = provider.getOpenCircuit(mult, o); evaluator.eval(add, mult, open); System.out.println(”Result: ” + o);
Practical Experiences • Implementedfollowingprotocols • Passivelysecureshamir VSS [Gennaro, Rabin, Rabin. ”Simplified VSS and Fast-track Multiparty ComputationswithApplications to ThresholdCryptography”] • SHE [Bendlin, Damgård, Orlandi, Zakarias. ”Semi-homomorphicEncryption and Multiparty Computation”] • SPZ [Damgård, Pastro, Smart, Zakarias. ”MultiparyComputation from Somewhathomomorphicencryption”] • TinyOT[Nielsen, Nordholt, Orlandi, Burra. ”A New Approach to PracticalActive-SecureTwo-PartyComputation”] • Kaka[Katz, Malka. ”ConstantRound Private FunctionEvaluation”]
Using FRESCO for Exploration • Implemented the protocol by Gennaro, Rabin, and Rabin once • Implementedthreedifferentstrategies for the network and evaluator • Sequentialnetwork • Parallel networkusingNetty (framework for asynchronous communication) • Parallel networkusingtwodedicatedthreads at eachclient, one for sending and one for receiving data Got a factor of 20 speedupbetween the first and the third
Somenumbers Multiplications [GRR], 1GHz dual core Opteron, 2mb cache, 2 Gb RAM
Thankyou Questions?