| NSF Org: |
CNS Division Of Computer and Network Systems |
| Recipient: |
|
| Initial Amendment Date: | May 17, 2016 |
| Latest Amendment Date: | April 11, 2019 |
| Award Number: | 1562888 |
| Award Instrument: | Standard Grant |
| Program Manager: |
Nina Amla
namla@nsf.gov (703)292-7991 CNS Division Of Computer and Network Systems CSE Directorate for Computer and Information Science and Engineering |
| Start Date: | May 15, 2016 |
| End Date: | July 31, 2020 (Estimated) |
| Total Intended Award Amount: | $364,769.00 |
| Total Awarded Amount to Date: | $364,769.00 |
| Funds Obligated to Date: |
|
| History of Investigator: |
|
| Recipient Sponsored Research Office: |
150 MUNSON ST NEW HAVEN CT US 06511-3572 (203)785-4689 |
| Sponsor Congressional District: |
|
| Primary Place of Performance: |
AKW, 51 Prospect Street New Haven CT US 06520-8285 |
| Primary Place of
Performance Congressional District: |
|
| Unique Entity Identifier (UEI): |
|
| Parent UEI: |
|
| NSF Program(s): | Secure &Trustworthy Cyberspace |
| Primary Program Source: |
|
| Program Reference Code(s): |
|
| Program Element Code(s): |
|
| Award Agency Code: | 4900 |
| Fund Agency Code: | 4900 |
| Assistance Listing Number(s): | 47.070 |
ABSTRACT
Secure computation allows users to collaboratively compute any program on their private data, while ensuring that they learn nothing beyond the output of the computation. Existing protocols for secure computation primarily rely on a boolean-circuit representation for the program being evaluated, which can be highly inefficient. This project focuses on developing secure-computation protocols in the RAM model of computation. Particularly challenging here is the need to ensure that memory accesses are oblivious, and do not leak information about private data. We are designing efficient oblivious data structures that can be used as general-purpose building blocks for secure protocols in the RAM model of computation.
This project develops a framework that enables programmers to write high-level code that can then be compiled by a back-end algorithm that analyzes the code and makes use of the oblivious data structures we provide. This work is influenced by the needs of real applications, and the techniques to analyze the exact requirements of the program will evaluated and to tailor the resulting protocol to those requirements. This project aims to develop tools making secure computation more accessible to non-specialists, so it can be more broadly used to perform computations on private data. The PIs on this project mentor both graduate and undergraduate students and actively encourage involvement of minority students. The project develops new course materials and interact with the broader community through involvement in the IEEE cybersecurity initiative and the Maryland Cybersecurity Council.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external
site maintained by the publisher. Some full text articles may not yet be available without a
charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from
this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
Secure computation protocols enable multiple distrusting parties, each with their own private input, to interact and perform some agreed upon computation, revealing nothing in the process beyond the result of that computation. Traditionally, protocols for secure computation are designed in the circuit model. One benefit of this approach is that circuits are stateless, which precludes the participants from learning something about the other user inputs through memory access patterns. Unfortunately, the reliance on a circuit representation is also limiting, as access to memory can provide algorithms that are asymptotically faster than circuit-based computation. Oblivious RAM protocols allow us to fix this problem, by providing a method for accessing memory obliviously -- that is, without revealing which location in memory has been fetched.
The use of ORAM in secure computation was relatively unexplored prior to our work in this project. The fact that it can be used generically had been observed twenty years ago, but since that time, researchers in the field have begun to optimize constructions of secure computation with an eye on concrete performance. The concrete performance of a generic approach to using Oblivious RAM inside a secure computation is prohibitively expensive.
In this project, we have explored several directions for improving the use of oblivious memory access in secure computation:
Constructing new ORAM protocols. ORAM was originally designed for a client/server model in which the client has storage constraints, but is allowed to see all data. In secure computation, all parties have similar storage constraints, but none may see the data. We designed new ORAM protocols for this setting, improving efficiency by leveraging the fact that the parties have linear storage. Additionally, our protocols are faster to instantiate than existing constructions in the client/server model. In this same direction, we have designed new oblivious data structures that have better memory locality, allowing the server to reduce the total number of physical memory accesses while preserving privacy.
Constructing new languages. We developed a new programming language, called L_obliv, for writing oblivious algorithms and data structures (including ORAM). We have proven that type-correct programs in L-obliv offer probabilistic obliviousness: no matter the values of secrets, the distribution of publicly observable traces is unaffected.
Exploring other notions of data obliviousness. We have begun the investigation of alternatives to fully oblivious computation. Specifically, we have investigated a security definition that allows some leakage in the form of memory access patterns, but admits a proof that the leakage preserves differential privacy for the users that have contributed data.
Leveraging data oblivious computation in program analysis. We have explored methods for securely performing static analysis without revealing the details of the program. This allows us to formally verify properties of the given code while maintaining privacy.
Last Modified: 02/14/2021
Modified by: Ruzica Piskac
Please report errors in award information by writing to: awardsearch@nsf.gov.
