A SMART-GENTRY BASED SOFTWARE SYSTEM FOR SECRET PROGRAM EXECUTION

Michael Brenner, Jan Wiebelitz, Gabriele von Voigt, Matthew Smith

Abstract

Currently, generic executable programs can only be encrypted during transmission and storage. To be executed, the program itself and the data it operates on must be decrypted. If the execution system is not trusted or is compromised, both the program code and the data are endangered. Recent advances in homomorphic cryptography show how additions and multiplications can be executed in encrypted space, i.e. without decrypting the information; the arithmetic operations themselves are not encrypted. To date, a universal implementation of a homomorphic system that is capable of executing arbitrary programs and allows for practical experience is still missing. In this paper we present the first method to compute a non-linear arbitrary secret program on an untrusted resource using fully homomorphic encrypted circuits. We use our own implementation of the Smart-Gentry crypto-system as a foundation and define a processor architecture that is capable of executing encrypted programs on encrypted data. Unlike other approaches, such as static one-pass Boolean circuit simulations, our system supports read and write memory access, dynamic parameters and non-linear programs that render branch decisions at runtime and cannot be represented in a circuit with hard-wired in-circuit parameters and data. Our implementation comprises the runtime environment for an encrypted program and an assembler to generate the encrypted machine code. The system represents a first step to show the capabilities of homomorphic encryption in software and system architecture.



Paper Citation


in Harvard Style

Brenner M., Wiebelitz J., von Voigt G. and Smith M. (2011). A SMART-GENTRY BASED SOFTWARE SYSTEM FOR SECRET PROGRAM EXECUTION. In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011) ISBN 978-989-8425-71-3, pages 238-244. DOI: 10.5220/0003445802380244


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)
TI - A SMART-GENTRY BASED SOFTWARE SYSTEM FOR SECRET PROGRAM EXECUTION
SN - 978-989-8425-71-3
AU - Brenner M.
AU - Wiebelitz J.
AU - von Voigt G.
AU - Smith M.
PY - 2011
SP - 238
EP - 244
DO - 10.5220/0003445802380244


in Bibtex Style

@conference{secrypt11,
author={Michael Brenner and Jan Wiebelitz and Gabriele von Voigt and Matthew Smith},
title={A SMART-GENTRY BASED SOFTWARE SYSTEM FOR SECRET PROGRAM EXECUTION},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2011)},
year={2011},
pages={238-244},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003445802380244},
isbn={978-989-8425-71-3},
}