Top

Formal Methods in System Design

Published in:

14-09-2017

On compiling Boolean circuits optimized for secure multi-party computation

Authors: Niklas Büscher, Martin Franz, Andreas Holzer, Helmut Veith, Stefan Katzenbeisser

Published in: Formal Methods in System Design | Issue 2/2017

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

Secure multi-party computation (MPC) allows two or more distrusting parties to jointly evaluate a function over private inputs. For a long time considered to be a purely theoretical concept, MPC transitioned into a practical and powerful tool to build privacy-enhancing technologies. However, the practicality of MPC is hindered by the difficulty to implement applications on top of the underlying cryptographic protocols. This is because the manual construction of efficient applications, which need to be represented as Boolean or arithmetic circuits, is a complex, error-prone, and time-consuming task. To facilitate the development of further privacy-enhancing technology, multiple compilers have been proposed that create circuits for MPC. Yet, almost all presented compilers only support domain specific languages or provide very limited optimization methods. In this work (this is an extended and revised version of the paper ‘Secure Two-party Computations in ANSI C’ (Holzer et al., in: ACM CCS, 2012) that reflects the progress in secure computation and describes the current optimization tool chain of CBMC-GC) we describe our compiler CBMC-GC that implements a complete tool chain from ANSI C to circuit. Moreover, we give a comprehensive overview of circuit minimization techniques, which we have identified and adapted for the creation of efficient circuits for MPC. With the help of these techniques, our compilation approach allows for a high level of abstraction from the cryptographic primitives used in MPC protocols, as well as the complex design of digital circuits. By using the model checker CBMC as a compiler frontend, we illustrate the link between MPC, formal methods, and digital logic design. Our experimental results illustrate the effectiveness of the implemented optimizations techniques for various example applications. In particular, compared with other state-of-the-art compilers, we show that CBMC-GC compiles circuits from the same source code that are up to four times smaller.

previous article Para: parameterized path reduction, acceleration, and SMT for reachability in threshold-guarded distributed algorithms

next article Shield synthesis

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Available only for authorised users

We note that MPC protocols can be combined with protocols for oblivious storage, e.g., ORAM [21], under various security and performance trade-offs. These constructions are beyond the scope of this work.

https://devblogs.nvidia.com/parallelforall/inside-pascal/.

CBMC-GC is available at www.seceng.de/research/software/cbmc-gc/.

Berkeley logic synthesis and verification group, abc: a system for sequential synthesis and verification, release 30916. http://www.eecs.berkeley.edu/~alanmi/abc/

Bellare M, Hoang VT, Keelveedhi S, Rogaway P (2013) Efficient garbling from a fixed-key blockcipher. In: IEEE S&P

Bilogrevic I, Jadliwala M, Hubaux J, Aad I, Niemi V (2011) Privacy-preserving activity scheduling on mobile devices. In: ACM CODASPY

Bjesse P, Borälv A (2004) Dag-aware circuit compression for formal verification. In: ICCAD

Bogdanov D, Laur S, Willemson J (2008) Sharemind: a framework for fast privacy-preserving computations. In: ESORICS

Bogetoft P, Christensen DL, Damgård I, Geisler M, Jakobsen T, Krøigaard M, Nielsen JD, Nielsen JB, Nielsen K, Pagter J et al (2009) Secure multiparty computation goes live. In: FC

Buchfuhrer D, Umans C (2011) The complexity of Boolean formula minimization. J. Comput. Syst. Sci. 77(1):142–153CrossRefMATHMathSciNet

Buescher N, Holzer A, Weber A, Katzenbeisser S (2016) Compiling low depth circuits for practical secure computation. In: ESORICS

Buescher N, Kretzmer D, Jindal A, Stefan K (2016) Scalable secure computation from ansi-c. In: IEEE WIFS

10.

Büscher N, Katzenbeisser S (2015) Faster secure computation through automatic parallelization. In: USENIX Security

11.

Clarke EM, Kroening D, Lerda F (2004) A tool for checking ANSI-C programs. In: TACAS

12.

Clarke EM, Kroening D, Yorav K (2003) Behavioral consistency of C and verilog programs using bounded model checking. In: DAC

13.

Courtois N, Hulme D, Mourouzis T (2011) Solving circuit optimisation problems in cryptography and cryptanalysi. IACR cryptology ePrint archive

14.

Damgård I, Pastro V, Smart NP, Zakarias S (2012) Multiparty computation from somewhat homomorphic encryption. In: CRYPTO

15.

Darringer JA, Joyner WH, Berman CL, Trevillyan L (1981) Logic synthesis through local transformations. IBM J Res Dev 25:272–280CrossRef

16.

Demmler D, Dessouky G, Koushanfar F, Sadeghi AR, Schneider T, Zeitouni S (2015) Automated synthesis of optimized circuits for secure computation. In: ACM CCS

17.

Demmler D, Schneider T, Zohner M (2015) ABY—a framework for efficient mixed-protocol secure two-party computation. In: NDSS

18.

Erkin Z, Franz M, Guajardo J, Katzenbeisser S, Lagendijk I, Toft T (2009) Privacy-preserving face recognition. In: PETS

19.

Franz M, Holzer A, Katzenbeisser S, Schallhart C, Veith H (2014) CBMC-GC: an ANSI C compiler for secure two-party computations. In: Compiler construction CC

20.

Goldreich O, Micali S, Wigderson A (1987) How to play any mental game or a completeness theorem for protocols with honest majority. In: ACM STOC

21.

Goldreich O, Ostrovsky R (1996) Software protection and simulation on oblivious rams. J ACM 43(3):431–473CrossRefMATHMathSciNet

22.

Goudarzi D, Rivain M (2016) On the multiplicative complexity of boolean functions and bitsliced higher-order masking. In: CHES

23.

Henecka W, Kögl S, Sadeghi AR, Schneider T, Wehrenberg I (2010) TASTY: tool for automating secure two-party computations. In: ACM CCS

24.

Holzer A, Franz M, Katzenbeisser S, Veith H (2012) Secure two-party computations in ANSI C. In: ACM CCS

25.

Kolesnikov V, Sadeghi AR, Schneider T (2009) Improved garbled circuit building blocks and applications to auctions and computing minima. In: CANS

26.

Kolesnikov V, Schneider T (2008) Improved garbled circuit: free XOR gates and applications. In: ICALP

27.

Kreuter B, Shelat A, Mood B, Butler K (2013) PCF: a portable circuit format for scalable two-party secure computation. In: USENIX security

28.

Kreuter B, Shelat A, Shen C (2012) Billion-gate secure computation with malicious adversaries. In: USENIX security

29.

Kuehlmann A (2004) Dynamic transition relation simplification for bounded property checking. In: IEEE ICCAD

30.

Larraia E, Orsini E, Smart NP (2014) Dishonest majority multi-party computation for binary circuits. In: CRYPTO

31.

Liu C, Huang Y, Shi E, Katz J, Hicks MW (2014) Automating efficient RAM-model secure computation. In: IEEE S&P

32.

Liu C, Wang XS, Nayak K, Huang Y, Shi E (2015) ObliVM: a programming framework for secure computation. In: IEEE S&P

33.

Malkhi D, Nisan N, Pinkas B, Sella Y (2004) Fairplay - secure two-party computation system. In: USENIX Security

34.

Mishchenko A, Chatterjee S, Brayton R, Een N (2006) Improvements to combinational equivalence checking. In: IEEE ICCAD

35.

Mishchenko A, Chatterjee S, Brayton RK (2006) Dag-aware AIG rewriting a fresh look at combinational logic synthesis. In: DAC

36.

Mood B, Gupta D, Carter H, Butler K, Traynor P (2016) Frigate: a validated, extensible, and efficient compiler and interpreter for secure computation. In: IEEE Euro S&P

37.

Mood B, Letaw L, Butler K (2012) Memory-efficient garbled circuit generation for mobile devices. In: FC

38.

Nielsen JB, Nordholt PS, Orlandi C, Burra SS (2012) A new approach to practical active-secure two-party computation. In: CRYPTO

39.

Robertson JE (1958) A new class of digital division methods. IRE Trans Electron Comput 3:218–222CrossRef

40.

Schneider T, Zohner M (2013) GMW vs. Yao? Efficient secure two-party computation with low depth circuits. In: FC

41.

Schnorr CP (1974) Zwei lineare untere Schranken für die Komplexität Boolescher Funktionen. Computing 13:155–171CrossRefMATHMathSciNet

42.

Schröpfer A, Kerschbaum F, Müller G (2011) L1—an intermediate language for mixed-protocol secure computation. In: COMPSAC

43.

Songhori EM, Hussain SU, Sadeghi A, Schneider T, Koushanfar F (2015) Tinygarble: Highly compressed and scalable sequential garbled circuits. In: IEEE S&P

44.

Turan MS, Peralta R (2014) The multiplicative complexity of boolean functions on four and five variables. In: LightSec

45.

Yao ACC (1982) Protocols for secure computations (extended abstract). In: IEEE FOCS

46.

Yao ACC (1986) How to generate and exchange secrets (extended abstract). In: IEEE FOCS

47.

Zahur S, Evans D (2015) Obliv-c: a language for extensible data-oblivious computation. IACR cryptology ePrint archive

Title: On compiling Boolean circuits optimized for secure multi-party computation
Authors: Niklas Büscher
Martin Franz
Andreas Holzer
Helmut Veith
Stefan Katzenbeisser
Publication date: 14-09-2017
Publisher: Springer US
Published in: Formal Methods in System Design / Issue 2/2017
Print ISSN: 0925-9856
Electronic ISSN: 1572-8102
DOI: https://doi.org/10.1007/s10703-017-0300-0

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Other articles of this Issue 2/2017

Preface of the Special Issue in Memoriam Helmut Veith

A methodology to take credit for high-level verification during RTL verification

Program synthesis for interactive-security systems

Para: parameterized path reduction, acceleration, and SMT for reachability in threshold-guarded distributed algorithms

Keeping logic in the trivium of computer science: a teaching perspective

Shield synthesis

Premium Partner