WO2017015357A1 - Systems and processes for executing private programs on untrusted computers - Google Patents
Systems and processes for executing private programs on untrusted computers Download PDFInfo
- Publication number
- WO2017015357A1 WO2017015357A1 PCT/US2016/043117 US2016043117W WO2017015357A1 WO 2017015357 A1 WO2017015357 A1 WO 2017015357A1 US 2016043117 W US2016043117 W US 2016043117W WO 2017015357 A1 WO2017015357 A1 WO 2017015357A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- computer
- driver
- sending
- trusted
- operations
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 111
- 230000008569 process Effects 0.000 title description 23
- 238000004590 computer program Methods 0.000 claims abstract description 29
- 230000006870 function Effects 0.000 claims description 87
- 230000004044 response Effects 0.000 claims description 47
- 230000007704 transition Effects 0.000 claims description 33
- 238000006467 substitution reaction Methods 0.000 claims description 31
- 239000000654 additive Substances 0.000 claims description 18
- 230000000996 additive effect Effects 0.000 claims description 18
- 230000006399 behavior Effects 0.000 claims description 9
- 230000035772 mutation Effects 0.000 claims description 7
- 230000001131 transforming effect Effects 0.000 claims 4
- 238000004364 calculation method Methods 0.000 description 7
- 238000004891 communication Methods 0.000 description 6
- 239000013256 coordination polymer Substances 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 238000006243 chemical reaction Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000001419 dependent effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 101710157310 Tegument protein UL47 homolog Proteins 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000005457 optimization Methods 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000000844 transformation Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/04—Masking or blinding
- H04L2209/046—Masking or blinding of operations, operands or results of the operations
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/16—Obfuscation or hiding, e.g. involving white box
Definitions
- the disclosed invention is in the field of computing security.
- the present invention provides methods for executing a computer program comprising: dividing a computer program into a series of operations, the computer program being on a trusted computer connected to at least one other computer; sending each operation of the series of operations with accompanying instructions to the at least one other computer, the accompanying instructions operative to compute a result of the respective operation and forward the result to another computer; and receiving, at the trusted computer, a computed outcome of the computer program.
- the present invention also provides systems for executing a computer program.
- the system may comprise at least one trusted computer communicatively connected to at least one other computer.
- a first trusted computer of the at least one trusted computer may have computer instructions stored thereon that, during execution, cause the system to perform operations comprising a program execution process.
- the process may include dividing a computer program on the first trusted computer into a series of operations, sending each operation of the series of operations with accompanying instructions to the at least one other computer, wherein the accompanying instructions operate to compute a result of the respective operation and forward the result to another computer, and receiving, at the first trusted computer, a computed outcome of the computer program.
- FIG 1 illustrates an embodiment of the present invention directed to shredding a program across networked computers
- FIG 2 illustrates an embodiment of the present invention directed to split device driver operation
- FIG 3 illustrates an embodiment of the present invention directed to symmetric- key encryption and decryption operations for shreds of code and data
- FIG 4 illustrates an embodiment of the present invention directed to obfuscating shreds
- FIG 5 illustrates an embodiment of the present invention directed to shredding a circuit gate operation
- FIG 6 illustrates an embodiment of the present invention directed to shredding another circuit gate operation
- FIG 7 illustrates an embodiment of the present invention directed to shredding a circuit gate operation with an additional layer of obfuscation
- FIG 8 illustrates an embodiment of the present invention directed to shredding an arbitrary circuit of gate operations on a network of computers
- FIG 9 illustrates an embodiment of the present invention directed to shredding an operation with added encryption
- FIG 10 illustrates normal device driver operation
- FIG 11 illustrates an embodiment of the present invention directed to split device driver operation
- FIG 12 illustrates an embodiment of the present invention directed to shredding a mathematical operation
- FIG 13 illustrates an embodiment of the present invention directed to shredding another mathematical operation
- FIG 14 illustrates an embodiment of the present invention directed to shredding a transition encryption function
- FIG 15 illustrates an embodiment of the present invention directed to shredding another transition encryption function
- FIG 16 illustrates an embodiment of the present invention directed to shredding an encrypted comparison operation
- FIG 17 illustrates an embodiment of the present invention directed to shredding another encrypted comparison operation
- FIG 18 illustrates an embodiment of the present invention directed to shredding a mathematical obfuscation transition function
- FIG 19 illustrates an embodiment of the present invention directed to shredding another mathematical obfuscation transition function.
- the solution disclosed herein includes a method for executing a computer program on a trusted computer networked to at least one other computer and a system capable of performing that method.
- the method includes: dividing the computer program into a series of operations; sending each operation of the series of operations to the at least one other computer, each operation having accompanying instructions that tell the respective computer that received the operation to calculate the operation and then forward the result of that calculation to another computer; and receiving the outcome of the computer program at the trusted computer.
- Encryption and obfuscation may be used for added security with the method.
- a trusted computer is a computer known to be uncompromised by an attacker, and the at least one other computer may be needed to provide computational or other resources.
- the at least one other computer may be trusted or untrusted, part of an enterprise network, part of a cloud, a mobile device, generally part of a plurality of computers, or any other computer or set of computers communicatively connected to the trusted computer, but not including the trusted computer.
- the at least one other computer may be randomly selected from a plurality of computers.
- the cloud may be trusted or untrusted, span multiple administrative domains, span multiple commercially distinct infrastructures, or be in any combination or other context known in the art.
- Computers may be networked together with a wired connection (electrically or optically), wireless connection, and/or any type of connection allowing the computers to communicate data.
- a computer may also comprise a virtual machine or group of virtual machines.
- Dividing the computer program into a series of operations and sending each operation of the series of operations to the at least one computer with accompanying instructions may be referred to as "shredding," with each operation called a “shred.”
- the shredding process transforms the program into a collection of shreds, where each shred executes a part of the program on the at least one computer and communicates with other shreds such that the ensemble of shreds execute the complete program.
- the shredding process places the shreds on networked computers using a random selection of computers such that each computer performs the partial computation specified in its shred and then forwards the rest of the computation to the next computer.
- Each computer only knows where it received a shred from, what it is supposed to compute within a shred, and where to forward the results of its shred to. If the number of networked computers is large enough, a possible attacker will not be able to monitor all computers simultaneously to piece together the shredded computation.
- FIG. 1 shows an example program being executed on trusted computers and cloud computers using an embodiment of the shredding process.
- the program 100 contains four parts: an input, a function 'f , a function 'g', and an output.
- the shredder program that executes on a trusted computer analyzes the binary executable for this program to discover the four parts, and accordingly produces four shreds, which are also in binary executable form.
- the input and output operations are executed on Trusted Computer 1 (TCI) 110 and Trusted Computer 4 (TC4) 140, respectively.
- TCI 110 and TC4 140 are chosen by the shredder because they are connected to the required input and output devices.
- CC2 120 and CC3 130 were randomly chosen by the shredder from the pool of available machines.
- TCI 110 receives input and assigns the input to variable 'x', which it then forwards to CC2 120.
- CC2 120 receives variable 'x' and computes function "f(x)", assigning the result to variable 'y', which it then forwards to CC3 130.
- CC3 130 receives variable 'y' and computes function "g(x)", assigning the result to variable 'z', which it then forwards to TC4 140.
- TC4 140 receives variable 'z' and outputs it.
- some of the series of operations may require an input and/or output (I/O) interaction from a trusted computer.
- I/O input and/or output
- special "split" device drivers may be implemented on a computer executing a shred.
- a split device driver is actually two drivers, one on each computer, wherein each driver performs half the work of a normal device driver. Because both halves of the driver execute as user processes, they require no modification of the operating systems on both the computer executing a shred and the trusted computer.
- the following are example embodiments illustrating how a split device driver may be implemented and used.
- the certain computer may: generate an input request at a program driver on the certain computer; pass the input request from the program driver to a network driver; send the input request to the first trusted computer via the network driver; receive a response of the device at the network driver from the first trusted computer; and pass the response from the network driver to the program driver for use in the computation.
- the received response may be encrypted for added security.
- the first trusted computer may: receive from the certain computer, at a network driver on the first trusted computer, a request for input from the device; pass the request from the network driver to an input driver for the device; pass a response from the device from the input driver to the network driver; and send the response to the certain computer via the network driver.
- the first trusted computer may encrypt the response from the device before passing the response from the input driver to the network driver for added security.
- the certain computer may: generate an output request at a program driver on the certain computer; pass the output request from the program driver to a network driver; send the output request to the first trusted computer via the network driver; receive a status of the device at the network driver from the first trusted computer; and pass the status from the network driver to the program driver for use in the computation.
- the output request may include encrypted data.
- the first trusted computer may: receive from the certain computer, at a network driver on the first trusted computer, a request for output to the device; pass the request from the network driver to an output driver for the device; pass a status from the device from the output driver to the network driver; and send the status to the certain computer via the network driver.
- the request may include encrypted data, and the first trusted computer may need to decrypt that data before passing the request from the network driver to the output driver.
- the method to gather that input may include: generating an input request at a program driver on the certain computer; passing the input request from the program driver to a first network driver; sending the input request to the first trusted computer via the first network driver; receiving from the certain computer, at a second network driver on the first trusted computer, the input request; passing the input request from the second network driver to an input driver for the device;
- the method may further include encrypting the response from the device before passing the response from the input driver to the second network driver. Therefore, the received response from the first trusted computer may be encrypted.
- the method to perform that output may include: generating an output request at a program driver on the certain computer; passing the output request from the program driver to a first network driver; sending the output request to the first trusted computer via the first network driver;
- the output request may include encrypted data, which would then need to be decrypted before passing the output request from the second network driver to the output driver.
- Encryption may be used on several levels for added security. All network connections between the trusted computer and the at least one other computer may be encrypted. Such network encryption may be implemented by using, for example, Transport Layer Security (TLS) or any other suitable encryption scheme.
- TLS Transport Layer Security
- FIG. 2 shows a high-level embodiment of split device drivers' implementation and operation, which, though not explicitly shown, may involve TLS encryption for network communications.
- the split device driver on Cloud Computer 1 (CC1) 200 contains two parts: the driver that interfaces with the program, and the driver that interfaces with the network.
- the split device driver on Trusted Computer 1 (TCI) 210 contains two parts: the driver that interfaces with the network, Network Interface 1 212, and the driver that interfaces with the input device, Input Device Driver 1 214.
- the driver that interfaces with the program generates an input request 202.
- This input request 202 is passed to the driver that interfaces with the network for TLS encryption and transmission to TCI 210.
- Network Interface 1 212 receives the request and passes it to Input Device Driver 1 214.
- the response is passed by Input Device Driver 1 214 to Network Interface 1 212.
- Network Interface 1 212 encrypts the response using TLS and transmits the response 222 to CC1 200.
- the network driver on CC1 200 forwards the TLS decrypted response 222 to the program interface driver, which in turn forwards it to the waiting program.
- the program assigns the received input to the variable 'x' and continues execution.
- FIG. 2 Also shown in FIG. 2 is how output may be performed using split device drivers between Cloud Computer 4 (CC4) 230 and Trusted Computer 4 (TC4) 240.
- the operation of the split device drivers for output is similar to the input operation except that instead of receiving input from the device, the computers receive a status message 252.
- Each operation of the series of operations, or each shred may be encrypted.
- Each shred may be encrypted using a symmetric-key encryption scheme such as Advanced Encryption Standard (AES) Galois Counter Mode (GCM) or any other suitable scheme.
- a symmetric-key encryption uses the shared key(s) of the at least one other computer such that each shred is encrypted using a different key.
- Such a scheme permits decryption of a shred only on the other computer for which the shred is intended, but hides the rest of the program from any other computers.
- Each data value of each operation of the series of operations may be encrypted. Encrypting the data values may be performed using a symmetric-key scheme, such as AES GCM, a public-key scheme, such as RSA, or any other suitable scheme. Such an encryption is performed on both the trusted computer and the at least one other computer. If a symmetric-key scheme is used, the secret key used is the shared key of the link between the sender and receiver of the data. If a public-key scheme is used, the sender uses the public key of the receiver for encryption, and the receiver uses its private key for decryption. Such schemes enable the at least one other computer to decrypt the data that it needs for computation, but hides all other data from it.
- FIG. 3 shows an embodiment of symmetric-key encryption and decryption operations for the shreds of the code and data in the example program of FIG. 1.
- FIG. 3 like FIG. 2, does not explicitly show the TLS encryption and decryption of the communication packets.
- the shredded program code is encrypted on TC0 300 during the shredding operation using shared keys Kl, K2, K3, and K4.
- TCI 310 is not able to decrypt any other part of the encrypted program because TCI 310 only knows key Kl, and attempting to decrypt some other portion of the code using key Kl would not produce valid code. This encrypting and decrypting process is repeated for all shreds using the keys of each computer sent a shred for computation, allowing each computer access to only the shred it is meant to compute.
- the communication links between the computers also have shared keys that are known only to the sender and receiver of data.
- the shared keys for the communication links are K12, K23, and K34.
- shared key K12 is used by TCI 310 to encrypt input 'x' to ciphertext 'x"
- x' is decrypted using key K12 on CC2 320 to yield 'x'. This process is used from computer to computer to ensure an attacker cannot intercept plaintext over the network.
- Obfuscation should be used for additional security and may comprise data obfuscation, code obfuscation, or both. Obfuscation may involve modifying the code and/or data within each shred to hide the original code and data from an attacker at an other computer. Code obfuscation uses obfuscating transformations to hide the logic of the original program from an attacker that has complete visibility of a shred's code as well as the instructions and data during shred execution. Data obfuscation transforms the data so that shredded code executes on obfuscated data values such that it is difficult for an attacker to recover the unobfuscated data value; blinding is a type of data obfuscation.
- Obfuscation with shredding involves obfuscating each operation of the series of operations before sending each operation to a respective other computer and unobfuscating the received computed outcome of the computer program.
- the method of obfuscation differs depending on the level of shredding, and shredding may be performed on at least four different levels: gate level, hardware-unit level, instruction level, encryption-scheme level, and any other scheme allowing the program to be broken into units.
- the aim of obfuscation is to hide the values of inputs 'a', 'x', and 'y' and output 'z' from attackers at Cloud Computer 2 (CC2) 410 and Cloud Computer 3 (CC3) 420.
- Trusted Computer 1 (TCI) 400 introduces three random values, 'r', 's', and ' , that are used as one-time pads for obfuscating the values of inputs 'a', 'x', and 'y', respectively. The operation used for obfuscation depends on the use of the variable.
- variables 'a' and 'x' are multiplied, so the obfuscation operation multiplies 'a' and 'x' by their pad values 'r' and 's', whereas variable 'y' is an addend, so the obfuscation operation adds one-time pad 't'.
- CC2 410 and CC3 420 perform computation using obfuscated values 'a", 'x", and 'y" to compute 'b" and 'c", respectively.
- CC3 420 performs the unobfuscation of 'b" by dividing by 'r' and 's'
- Trusted Computer 4 (TC4) 430 performs the unobfuscation of the value 'c" by subtracting the pad 't'.
- Gate-level shredding is the finest level of shredding and offers perfect secrecy because it is impossible for an attacker who observes a single other computer to understand the calculation or recover the original inputs or outputs of the calculation. However, it is the slowest level of shredding and does not offer the ability to perform I/O operations on other computers.
- the program is divided into a circuit consisting of AND, OR, NAND, NOR, and NOT gates, and the NOT gates may be converted to NAND gates with equal input to ensure each gate operation has two operands.
- the series of operations the program has been divided into are circuit gate operations, with each circuit gate operation having an operator, a first operand, and a second operand.
- each gate in the circuit of gate operations is obfuscated and shredded across two other computers.
- the process involves the trusted computer obfuscating the first operand with a first random value and obfuscating the second operand with a second random value.
- the obfuscated operands are sent to a first computer with instructions for the first computer to compute a plurality of results of a plurality of operations using the obfuscated operands and send the plurality of results to a second computer.
- the trusted computer sends the second computer instructions: to choose a result of the plurality of results based upon the operator, the first random value, and the second random value; to obfuscate the chosen result with a third random value; and to send the chosen result to a different computer, which may be a trusted computer or another computer.
- FIG. 5 shows an example embodiment of shredding a gate computation across two other computers, namely Cloud Computer 1 (CC1) 510 and Cloud Computer 2 (CC2) 520.
- this embodiment uses one-time pads, but with random values 'r', 's', and 'u'.
- TC 500 then sends 'c' and 'd' to CC1 510.
- ! d; and e4 c
- CC1 510 then sends ⁇ el, e2, e3, e4 ⁇ to CC2 520.
- CC2 520 then sends f to TC 500.
- TC 500 computes three XOR operations for obfuscating the data while CCl 510 and CC2 520 perform the computations. Neither CCl 510 nor CC2 520 knows the input data, output data, or computation because CCl 510 performs four generic operations and CC2 520 selects the correct operation. Although it appears that the computation of AND or the result of the computation is revealed at CC2 520, careful examination shows that both the computation and the data are hidden.
- ! d; el c
- FIG. 6, calculating "g a
- a NAND or NOR operation may be computed by adding an additional NOT operation at CC2 520.
- a NOT operation of a single bit can use a NAND operation with equal inputs.
- a similar method using a random bit 'r' to hide input and another random bit 'u' to hide output may be used to obfuscate a sequential circuit that stores a single bit.
- any circuit can be obfuscated by introducing a one-time pad (consisting of all the random values of the bits used to hide inputs and outputs) on the TC 500 and generating two shreds to execute the circuit under that one-time pad. This scheme is secure as long as the two shreds are not simultaneously visible to an attacker.
- the one-time pad method illustrated in FIGs. 5-6 is not secure if the circuit is used multiple times because (1) values ⁇ el, e2, e3, e4 ⁇ that are visible at CC2 (520, 620) have a specific partem for the four combinations of input variables 'c' and 'd' at CCl (510, 610) and (2) the pattern of values ⁇ el, e2, e3, e4 ⁇ for an AND operation is different from the pattern of values ⁇ el, e2, e3, e4 ⁇ for an OR operation.
- An attacker at CC2 (520, 620) who collects and analyzes the four values ⁇ el, e2, e3, e4 ⁇ can determine the operation.
- FIG. 7 illustrates the computation using these new bits.
- FIG. 7 is identical to FIG. 5, but uses ⁇ tl, t2, t3, t4 ⁇ for added obfuscation.
- Trusted Computer (TC) 700 obfuscates 'c' and 'd' and sends them to Cloud Computer 1 (CCl) 710, which computes ⁇ el, e2, e3, e4 ⁇ identically to FIGs. 5-6.
- CCl Cloud Computer 1
- el is now XORed with tl, e2 XORed with t2, e3 XORed with t3, and e4 XORed with t4 to obfuscate the values of ⁇ el, e2, e3, e4 ⁇ .
- Cloud Computer 2 (CC2) 720 or the computer processing the second shred, is either a pass-through or negation of a specific 'e dependent on the operation being computed as well as the values of random bits 'r', 's', 'u 't2', 't3', and 't4', as shown in the following table.
- This scheme for obfuscating an AND, NAND, OR, or NOR operation of two input bits uses a random key containing seven bits (r, s, tl, t2, t3, t4, u) to generate two shreds.
- the first shred always performs the same boolean operations, the second shred selects the correct operation, and the communication of the intermediate values between the two shreds is obfuscated.
- This process for obfuscating and computing any arbitrary circuit can be seen in FIG. 8.
- Each rectangle in FIG. 8 represents a computer.
- the initial input is sent from a computer 800, labeled "Send Input”, to a first computer 810, labeled "Compute 1", where a first shred calculates the operations and sends the operations to a second computer 820, labeled "Select 1", where a second shred selects the correct operation.
- the process continues (for example, at computers 830 and 840, labeled “Compute 2" and “Select 2" respectively, and then back to Compute 1 810 or another selected computer) until the result of the circuit is computed and sent to the computer 850 labeled "Receive Output".
- Hardware-unit-level shredding offers less privacy than gate-level shredding, but executes at a faster speed.
- This level of shredding divides the program into a circuit comprising operations of hardware units that perform specific functions. Examples include integer addition, integer multiplication, integer comparison, and floating point multiplication, which are standard hardware units in a generic computer.
- the series of operations are mathematical operations, with each mathematical operation having an operator, a first operand, and a second operand.
- An attacker at an other computer can see the type of operation being performed, but cannot guess the precise operation. For example, an attacker may see that an integer addition is being performed, but cannot see the plain values of the operands or the result.
- hardware-unit-level shredding does not offer the ability to perform I/O operations on other computers.
- Instruction-level shredding divides the program into instructions such that each shred executes a subset of the instructions. Examples of instructions include x86 machine instructions and Java Virtual Machine (JVM) bytecodes. Like hardware-unit-level shredding, these instructions involve mathematical operations. However, unlike hardware-unit-level shredding, instruction-level shredding accommodates programs that perform I/O operations by using the aforementioned split device drivers.
- JVM Java Virtual Machine
- each mathematical operation of the series of operations the program has been divided into is obfuscated and shredded across two computers.
- the process involves the trusted computer obfuscating the first operand with a first random value and obfuscating the second operand with a second random value.
- the obfuscated operands are sent to a first computer with instructions for the first computer to compute a first result of an operation using the operator, the first obfuscated operand, and the second obfuscated operand.
- the first computer also receives a value from a second computer, computes a second result of an operation using the operator, the first result, and the value, and sends the second result to a different computer, which may be a trusted computer or another computer.
- the second computer knows the random values used to obfuscate the operands and final result and uses this knowledge to calculate the value sent to the first computer.
- the received value is a third random value minus the sum of the first random value and second random value.
- FIG. 12 illustrated below, illustrates one such embodiment.
- the received value is a third random value divided by the product of the first random value and second random value.
- FIG. 18, described below illustrates an embodiment transitioning from a multiplicative obfuscation scheme to an additive obfuscation scheme
- FIG. 19, also described below illustrates an embodiment transitioning from an additive obfuscation scheme to a multiplicative obfuscation scheme.
- Random values needed for obfuscation may be generated by the following method. The cycles of execution of the program are numbered so that a variable defined by an instruction executed at cycle is blinded by function "Key(i)".
- the function "Key(i)” generates a random floating point value that is not “too big or too small” in order to limit roundoff error during floating point calculations.
- the random floating point value is also non-zero to prevent any division by zero during computation.
- the "Key” function is implemented using a fast stream cipher, such as Salsa20, that generates a random value for a nonce .
- Two secret seeds are used for the stream cipher: one seed for generating the additive blinding values, and a different seed for generating the multiplicative blinding values. Because each instruction in the program is an addition or a multiplication, but not both, the result of the execution is blinded using one of the two seeds. If the result of an instruction that is blinded in one scheme is used in an operation of the opposite scheme, a conversion operation is used to change schemes.
- the TCs (1200, 1230, 1300, and 1330) and CC3 (1220 and 1320) would know both seeds and CC2 (1210 and 1310) would not know any seed.
- the TCs (1800, 1840, 1900, and 1940) and CC3 (1820 and 1920) would know both seeds, CC2 (1810 and 1910) would not know any seed, and CC4 (1830 and 1930) would know only the multiplicative seed.
- Shredding performed at the encryption-scheme level encrypts each data value of each operation of the series of operations using homomorphic encryption schemes that depend on the operations that are performed on the data.
- Addition operations are encrypted using an Additive Homomorphic Encryption (AHE) scheme, such as Paillier, and multiplication operations are encrypted using a Multiplicative Homomorphic Encryption (MHE) scheme, such as El Gamal.
- AHE Additive Homomorphic Encryption
- MHE Multiplicative Homomorphic Encryption
- transition encryption functions may be used to convert AHE data values to MHE data values and convert MHE data values to AHE data values.
- transition functions may be shredded for added security by dividing a transition encryption function into a series of operations and sending each operation of the transition encryption function with accompanying instructions to at least one other computer, the accompanying instructions operative to compute a result of the respective operation and forward the result to another computer.
- FIG. 14, described below shows an embodiment of a shredded transition encryption function from Paillier to El Gamal
- FIG. 15, also described below shows an embodiment of a shredded transition encryption function from El Gamal to Paillier. It is also possible to compare two encrypted integers.
- FIG. 16, described below shows an embodiment of a shredded comparison function using Paillier encryption
- FIG. 17, also described below shows an embodiment of a shredded comparison function using El Gamal encryption.
- Trusted Computer 1 (TCI) 900 encrypts the 'a' and 'x' values using El Gamal and the 'b' value using Paillier.
- the "EG()" function refers to encrypting with El Gamal
- the "EP()" functions refers to encrypting with Paillier.
- Cloud Computer 2 (CC2) 910 computes the multiplication "a * x" on the MHE-encrypted values to produce an MHE- encrypted value of 'y".
- CC2 910 then uses the shredded transition functions "GP1()", “GP2()", and “GP30" with Cloud Computer 3 (CC3) 920 to convert the El Gamal-encrypted value of 'y” to a Paillier-encrypted value, 'y' ", and adds "b + y” by multiplying the AHE-encrypted values.
- Trusted Computer 4 (TC4) 930 then receives the Paillier-encrypted value of 'z' and decrypts it, using the decrypt Paillier function "DP()", for the solution.
- Shredded transition functions "GP10", “GP20”, and “GP3()" are described more fully in respect to FIG. 15, below.
- split device drivers enable input and output operations in shreds executing on other computers.
- shreds it is preferable to allow shreds to only operate on encrypted data from I/O devices so that only trusted computers may see plain data from I/O devices.
- FIG. 10 shows an example operation of a normal device driver interaction operating on a single computer, while, in contrast, FIG. 11 shows a detailed example operation of a split device driver interaction between a trusted computer and a cloud computer.
- FIG. 10 shows an example operation of a normal device driver interaction operating on a single computer.
- the example application, Application 1000 shown in FIG. 10 requests input from a keyboard, Keyboard Hardware 1020, and outputs that input to a console or screen, Console Hardware 1040.
- the process requires the eight steps labeled in FIG. 10.
- the application requests a character from Kernel Keyboard Device Driver (KK) 1010 in the computer's kernel.
- KK 1010 requests a character from Keyboard Hardware 1020.
- Keyboard Hardware 1020 has received input and responds to KK 1010 with a character.
- KK 1010 passes the character to the application to complete the input operation.
- FIG. 11 shows operation of an embodiment of a split device driver between Trusted Computer (TC) 1102 and Cloud Computer (CC) 1104 performing the same functions as FIG.
- TC Trusted Computer
- CC Cloud Computer
- Executing Shred 1100 requires input from Keyboard Hardware 1160 (steps 1-12) and then outputs that input to Console Hardware 1162 (steps 13-24). Because CC 1104 must get input from a trusted computer and output to a trusted computer for security purposes (here, that is TC 1102), the device drivers are split between CC 1104 and TC 1102.
- FIG. 11 The input portion of FIG. 11 is as follows.
- Executing Shred 1100 requests a character from the split keyboard device driver in user mode, User Mode Keyboard Device Driver (CCUMK) 1110.
- CCUMK 1110 uses Kernel Network Device Driver (CCKN) 1120 to request the character.
- CCKN 1120 communicates with Kernel Network Device Driver on TC (TCKN) 1130.
- TCKN 1130 requests a character from User Mode Keyboard Device Driver (TCUMK) 1140.
- TCUMK 1140 requests a character from Kernel Keyboard Device Driver (TCKK) 1150.
- TCKK 1150 requests a character from Keyboard Hardware 1160.
- Keyboard Hardware 1160 has received input and responds to TCKK 1150 with a character.
- TCKK 1150 sends the character to TCUMK 1140.
- TCUMK 1140 encrypts the received character and sends it to TCKN 1130.
- TCKN 1130 sends the encrypted character to CCKN 1120.
- CCKN 1120 sends the encrypted character to CCUMK 1110.
- CCUMK 1110 passes the encrypted character to Executing Shred 1100 to complete the input operation.
- FIG. 11 The output portion of FIG. 11 is as follows and assumes that Executing Shred 1100 has received the encrypted character from the process of steps 1-12.
- Executing Shred 1100 begins the output operation and sends the encrypted character to the split console device driver in user mode, User Mode Console Device Driver (CCUMC) 1112.
- CCUMC 1112 uses CCKN 1120 to send the encrypted character.
- CCKN 1120 communicates with TCKN 1130.
- TCKN 1130 sends the encrypted character to User Mode Console Device Driver (TCUMC) 1142.
- TCUMC 1142 decrypts the character and sends the plain character to Kernel Console Device Driver (TCKC) 1152.
- TCKC 1152 sends the plain character to Console Hardware 1162.
- Console Hardware 1162 prints the character and sends a status to TCKC 1152.
- TCKC 1152 sends the status to TCUMC 1142.
- TCUMC 1142 sends a status to TCKN 1130.
- TCKN 1130 sends the status to CCKN 1120.
- CCKN 1120 sends the status to CCUMC 1112.
- CCUMC 1112 sends the status to Executing Shred 1100.
- the output operation is now complete, and Executing Shred 1100 is aware of the status of the output, e.g., if it printed to the console screen, error, etc.
- an additional difference between Application 1000 in FIG. 10 and Executing Shred 1100 in FIG. 11 is that Executing Shred 1100 operates on encrypted data, and hence can execute on a computer that is observed by an attacker, here CC 1104.
- the key for encrypting and decrypting the data is only available on TC 1102, which uses the key in TCUMK 1140 and TCUMC 1142.
- code obfuscation may be used to hide the logic of the original program and may be used in conjunction with data obfuscation.
- Data obfuscation may be better understood using FIGs. 12-13, and code obfuscation may include, but is not limited to, opcode substitution, function merging, control flow flattening, and decoy code, including opaque predicates.
- Trusted Computer 1 (TCI) 1200 selects two random numbers, 'r' and 's', to obfuscate 'a' and 'b', respectively.
- TCI 1200 computes "a + r" and "b + s” and assigns the results to variables 'c' and 'd', respectively.
- TCI 1200 then sends (c, d) to Cloud Computer 2 (CC2) 1210.
- CC3 1220 is given knowledge of random values 'r' and 's' and also a third random value, 'u', used to blind the final result.
- CC3 1220 computes the value of "u - r - s" and assigns it to variable 'h', which it sends to CC2 1210.
- CC2 1210 receives the value 'h' from CC3 1220, computes "e + h", and assigns the result to variable , which it sends to Trusted Computer 4 (TC4) 1230.
- TC4 1230 then unblinds the result by computing "f - u", completing the operation.
- the TCs 1200 and 1230 use three random numbers, 'r', 's', and 'u', as keys for obfuscating the input data ('a' and 'b') and output data ('g') while the two cloud computers 1210 and 1220 compute the actual sum. No cloud computer knows the input or output data.
- Trusted Computer 1 (TCI) 1300 selects two random numbers, 'r' and 's', to obfuscate 'a' and 'b', respectively.
- TCI 1300 computes "a * r" and "b * s” and assigns the results to variables 'c' and 'd', respectively.
- TCI 1300 then sends (c, d) to Cloud Computer 2 (CC2) 1310.
- CC3 1320 is given knowledge of random values 'r' and 's' and also a third random value, 'u', used to blind the final result.
- CC3 1320 computes the value of "u / (r * s)" and assigns it to variable 'h', which it sends to CC2 1310.
- CC2 1310 receives the value 'h' from CC3 1320, computes "e * h", and assigns the result to variable , which it sends to Trusted Computer 4 (TC4) 1330.
- TC4 1330 then unblinds the result by computing "f / u", completing the operation.
- the TCs 1300 and 1330 use three random numbers, 'r', 's', and 'u', as keys for obfuscating the input data ('a' and 'b') and output data ('g') while the two cloud computers 1310 and 1320 compute the actual product. No cloud computer knows the input or output data.
- Opcode substitution involves substituting random opcodes for the real opcodes, thwarting static disassembly of a shred.
- a substitution map may be created that maps the program opcodes to a random permutation of opcodes.
- the substitution map may then be used to transform the series of opcodes into the random permutation of opcodes and sent to a remote computer for use in unobfuscating by the respective other computers.
- Unobfuscation may be performed by receiving, at the remote computer holding the substitution map, from an other computer, an index corresponding to a portion of the substitution map and sending, from the remote computer to the other computer, the portion of the substitution map. It may be seen symmetrically that an other computer may send, to the remote computer, an index corresponding to a portion of the substitution map, receive, from the remote computer, the portion of the substitution map, and transform, using the substitution map, the random permutation of opcodes into the original series of opcodes.
- opcode substitution with a substitution map may be used with a Java program.
- Java bytecodes have 256 opcodes, of which 51 opcodes (range 203-253) are not defined.
- a substitution map is introduced to map the original 256 opcodes to a random permutation of the opcodes.
- the substitution map is known to the computer that produces a shred as well as to a remote computer, but it is not known to the other computer that executes the shred using the permutated opcodes.
- the unused opcode 253 is used by the obfuscated programs as a GET MAP instruction.
- the GET MAP instruction takes a 32-bit index as an operand, which is sent by the other computer executing a shred to the remote computer.
- the remote computer returns a 256-byte result containing the substitution map to be used for that particular shred.
- the GET MAP instruction is inserted at the beginning of a shred as well as a user specified number of times within a shred. For security, there should be a large number of GET MAP instructions to thwart statistical analysis of a large section of code that uses the same map. For performance optimization, there should be a small number of GET MAP instructions within loops.
- Function merging combines unrelated functions into a single function.
- the unrelated functions each have parameters and retain their respective behaviors inside the single function.
- the single function takes all of the unrelated functions' parameters plus an additional parameter to select which behavior to perform. If the number of unrelated functions is large, groups of somewhat-related functions may be merged so that there is a single merged function per group.
- Control flow flattening also known as chenxification, coverts a function into an infinite loop. To exit the loop, a switch statement is added that performs behavior identical to that of the original function.
- Decoy code is used to increase the amount of code that an attacker would need to analyze. This may be done by inserting decoy code into the computer program.
- the decoy code may comprise original code of the computer program with a number of minor mutations. The minor mutations create statically undetectable errors, and the number of minor mutations may be user-specified.
- the decoy code may be part of an opaque predicate scheme. Such a scheme thwarts static analysis of a function by making the target statement dependent on an opaque predicate, which is a predicate that is easy to setup and execute, but difficult to analyze.
- Opaque predicates may exploit array aliasing, of which there are three types of predicates:
- predicates execute the original code in the "if branch and decoy code in the "else” branch.
- Always false predicates execute decoy code in the "if branch and the original code in the "else” branch.
- Sometimes true predicates execute the original code and an obfuscated version of the original code on the two branches.
- FIGs. 14-17 illustrate embodiments using Paillier and El Gamal encryption.
- FIG. 14 shows an embodiment of a shredded transition encryption function from Paillier encryption to El Gamal encryption.
- Decrypt ciphertext 'c' from Paillier and encrypt into El Gamal is defined as:
- PG(c) may be shredded into “PGl(c)", “PG2(a, c)", and "PG3(w)” using the following process.
- the functions are defined as follows:
- Trusted Computer 1 (TCI) 1400 encrypts message 'm' with public key 'pk' into Paillier ciphertext 'c', which it then sends to Cloud Computer 2 (CC2) 1410.
- CC2 1410 calculates "PGl(c)” and assigns the result to 'a', and then sends 'a' and 'c' to Cloud Computer 3 (CC3) 1420.
- CC3 1420 calculates "PG2(a, c)" and assigns the result to (v, w), which it sends back to CC2 1410.
- CC2 1410 calculates "PG3(w)" and assigns the result to 'z', and then sends (v, z) to Trusted Computer 4 (TC4) 1430.
- TC4 1430 receives ciphertext (v, z), now in El Gamal encryption, and decrypts it with secret key 'sk' to reveal message 'm'.
- CC2 1410 nor CC3 1420 know all randomly selected values 'bl ', 'b2', 'ul ' and 'u2'.
- the public key 'pk' is meant to substitute for 'n'
- the secret key 'sk' is meant to substitute for 'x'.
- FIG. 15 shows an embodiment of a shredded transition encryption function from El Gamal to Paillier.
- Decrypt ciphertext (e, c) from El Gamal and encrypt into Paillier is defined as:
- Trusted Computer 1 (TCI) 1500 encrypts message 'm' with public key 'pk' into El Gamal ciphertext (e,c), which it then sends to Cloud Computer 2 (CC2) 1510.
- CC2 1510 calculates "GPl(e)” and assigns the result to , and then sends 'f to Cloud Computer 3 (CC3) 1520.
- CC3 1520 calculates "GP2(f)” and assigns the result to ' ⁇ ', which it sends back to CC2 1510.
- CC2 1510 calculates "GP3(v, c)” and assigns the result to 'z', and then sends 'z' to Trusted Computer 4 (TC4) 1530.
- TC4 1530 receives ciphertext 'z', now in Paillier encryption, and decrypts it with secret key 'sk' to reveal message 'm'.
- CC2 1510 nor CC3 1520 know both randomly selected values ' ⁇ and ' ⁇ 2'.
- the public key 'pk' is meant to substitute for (n, g, q, h), and the secret key 'sk' is meant to substitute for (b, u).
- FIG. 16 shows an embodiment of a shredded comparison function using Paillier encryption. If two integers (both less than n/2, where n is the public key) are encrypted in the
- Paillier scheme order comparison between them may be defined as follows:
- Trusted Computer 1 (TCI) 1600 encrypts message 'ml ' with public key 'pk' into Paillier ciphertext 'cl ' and message 'm2' with public key 'pk' into Paillier ciphertext 'c2'.
- TCI 1600 then sends (ci, c 2 ) to Cloud Computer 2 (CC2) 1610.
- CC2 1610 calculates "CPl(ci, c 2 )" and assigns the result to (a, c), and then sends (a, c) to Cloud Computer 3 (CC3) 1620.
- CC3 1620 calculates "CP2(a, c)" and assigns the result to 'b', which it sends to Cloud Computer 4 (CC4) 1630.
- CC4 1630 calculates "CP3(b)” and assigns the result to 'z', and then sends 'z' to CC2 1610.
- CC2 1610 receives 'z', and performs the conditionals to determine "EQ", "GT”, or "LT”, which may then be used for further calculations.
- No cloud computer knows all randomly selected values 'bl ', 'b2', 'ul ' and 'u2'. In FIG. 16, the public key 'pk', is meant to substitute for 'n'.
- FIG. 17 shows an embodiment of a shredded comparison function using El
- Trusted Computer 1 (TCI) 1700 encrypts message 'ml ' with public key 'pk' into El Gamal ciphertext (el, cl) and message 'm2' with public key 'pk' into El Gamal ciphertext (e2, c2).
- TCI 1700 then sends (el, cl) and (e2, c2) to Cloud Computer 2 (CC2) 1710.
- CC2 1710 calculates "GPl(el)" and assigns the result to 'fl ' and "GPl(e2)” and assigns the result to '12', and then sends 'fl ' and 'f2' to Cloud Computer 3 (CC3) 1720.
- CC3 1720 calculates "GP2(fl)” and assigns the result to ' ⁇ and "GP2(f2)” and assigns the result to ' ⁇ 2', and then sends ' ⁇ and e v2' back to CC2 1710.
- CC2 1710 calculates "GP3(vl, cl)” and assigns the result to 'pi ' and "GP3(v2, c2)” and assigns the result to ' ⁇ 2'.
- CC2 1710 calculates "CPl(pl, p2)” and assigns the result to (a, c), and then sends (a, c) to Cloud Computer 3 (CC3) 1720.
- CC3 1720 calculates "CP2(a, c)" and assigns the result to 'b', which it sends to Cloud Computer 4 (CC4) 1730.
- CC4 1730 calculates "CP3(b)” and assigns the result to 'z', and then sends 'z' to CC2 1710.
- CC2 1710 receives 'z', and performs the conditionals to determine "EQ", "GT”, or "LT”, which may then be used for further calculations.
- No cloud computer knows all randomly selected values.
- the public key 'pk' is meant to substitute for (n, g, q, h).
- FIGs. 18-19 illustrate two example embodiments of these transition functions.
- FIG. 18 illustrates an embodiment transitioning from a multiplicative obfuscation scheme to an additive obfuscation scheme.
- the program performs multiplicative blinding of 'a' with a random number 'r', but needs the additive blinding of 'a' with a random number 's'.
- the transition process is shredded for security.
- Trusted Computer 1 (TCI) 1800 and Trusted Computer 5 (TC5) 1840 select two random numbers, 'r' and 's', to blind 'a'.
- TCI 1800 computes "a * r" and assigns the result to variable 'c', which it then sends to Cloud Computer 2 (CC2) 1810.
- CC2 1810 requests multiplicative to additive blinding from Cloud Computer 3 (CC3) 1820.
- CC3 1820 is given knowledge of random values 'r' and 's', and computes "r * s", assigns the product to variable 'h', and sends 'h' to CC2 1810.
- CC2 1810 receives the value 'h' from CC3 1820, computes "c + h", and assigns the result to variable 'e', which it sends to Cloud Computer 4 (CC4) 1830.
- CC4 1830 then unblinds the product by computing "e / r", which it assigns to variable , and sends 'f to TC5 1840.
- TC5 1840 receives the additively -blinded value of a, which equals "a + s".
- the variable 'a' may be recovered by subtracting 's' from 'f .
- FIG. 19 illustrates an embodiment transitioning from an additive obfuscation scheme to a multiplicative obfuscation scheme.
- the process is essentially the reverse process of that illustrated in FIG. 18. Note that, in order to keep the random seeds from being dispersed to more than the necessary computers, the arrows follow a reverse path from that of FIG. 18. In this manner for either transition, only the TCs (1800, 1840, 1900, and 1940) and CC3 (1820 and 1920) would know both seeds, CC2 (1810 and 1910) would not know any seed, and CC4 (1830 and 1930) would know only the multiplicative seed.
- the program performs additive blinding of 'a' with a random number 's', but needs the multiplicative blinding of 'a' with a random number 'r'.
- the transition process is shredded for security.
- Trusted Computer 1 (TCI) 1900 and Trusted Computer 5 (TC5) 1940 select two random numbers, 'r' and 's', to blind 'a'.
- TC5 1940 computes "a + s" and assigns the result to variable 'c', which it then sends to Cloud Computer 4 (CC4) 1930.
- CC4 1930 then blinds the sum by computing "c * r", which it assigns to variable 'e', and sends 'e' to Cloud Computer 2 (CC2) 1910.
- CC2 1910 requests additive to multiplicative blinding from Cloud Computer 3 (CC3) 1920.
- CC3 1920 is given knowledge of random values 'r' and 's', and computes "r * s", assigns the product to variable 'h', and sends 'h' to CC2 1910.
- CC2 1910 receives the value 'h' from CC3 1920, computes "e - h", and assigns the result to variable , which it sends to TCI 1900.
- TCI 1900 receives the multiplicatively-blinded value of a, which equals "a * r".
- the variable 'a' may be recovered by computing "f / r".
- Method I are effective against attackers with root access to a single other computer that record and analyze the executed programs, the in-memory data, and the files on disk to observe private information (Threat Level I).
- Method I may not be effective against an attacker that can modify the executing programs, memory, and files on the single other computer to disrupt execution (Threat Level II).
- Method II may be extended so that every shred is executed on multiple other computers (Method II). The intermediate data results from the multiple other computers would be checked for consistency, and computation is aborted if an inconsistency is detected.
- Method II is able to thwart attacks from an attacker at Threat Level II.
- Threat Level III neither Method I nor Method II is effective against an attacker that controls all of the other computers in a network (Threat Level III).
- Method II may be extended so that the other computers chosen for executing a single program span multiple administrative domains or multiple commercially distinct infrastructures (Method III).
- the other computers may be chosen from different public cloud providers such as Google, Amazon, and/or Microsoft.
- Method III is able to thwart attacks from an attacker at Threat Level III.
Abstract
Description
Claims
Priority Applications (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DK16828463.6T DK3326345T3 (en) | 2015-07-21 | 2016-07-20 | SYSTEMS AND METHODS FOR EXECUTING PRIVATE PROGRAMS ON UNSECURE COMPUTERS |
JP2018523361A JP6880017B2 (en) | 2015-07-21 | 2016-07-20 | Systems and processes for running private programs on untrusted computers |
KR1020187005125A KR102315831B1 (en) | 2015-07-21 | 2016-07-20 | Systems and processes for running private programs on untrusted computers |
CA2998323A CA2998323C (en) | 2015-07-21 | 2016-07-20 | Systems and processes for executing private programs on untrusted computers |
CN201680054703.XA CN108476198B (en) | 2015-07-21 | 2016-07-20 | Method and system for executing computer program |
EP16828463.6A EP3326345B1 (en) | 2015-07-21 | 2016-07-20 | Systems and processes for executing private programs on untrusted computers |
AU2016297559A AU2016297559B2 (en) | 2015-07-21 | 2016-07-20 | Systems and processes for executing private programs on untrusted computers |
IL257040A IL257040B (en) | 2015-07-21 | 2018-01-21 | Systems and processes for executing private programs on untrusted computers |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/804,713 | 2015-07-21 | ||
US14/804,713 US10110566B2 (en) | 2015-07-21 | 2015-07-21 | Systems and processes for executing private programs on untrusted computers |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2017015357A1 true WO2017015357A1 (en) | 2017-01-26 |
Family
ID=57834671
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/US2016/043117 WO2017015357A1 (en) | 2015-07-21 | 2016-07-20 | Systems and processes for executing private programs on untrusted computers |
Country Status (10)
Country | Link |
---|---|
US (2) | US10110566B2 (en) |
EP (1) | EP3326345B1 (en) |
JP (1) | JP6880017B2 (en) |
KR (1) | KR102315831B1 (en) |
CN (1) | CN108476198B (en) |
AU (1) | AU2016297559B2 (en) |
CA (1) | CA2998323C (en) |
DK (1) | DK3326345T3 (en) |
IL (1) | IL257040B (en) |
WO (1) | WO2017015357A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2021507438A (en) * | 2017-12-18 | 2021-02-22 | ユニバーシティ オブ セントラル フロリダ リサーチ ファウンデーション,インコーポレイテッド | How to Securely Execute Code Acting on Encrypted Data on Public Computers |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10348503B2 (en) * | 2016-12-12 | 2019-07-09 | Sap Portals Israel Ltd. | Client side actions validation |
US11232224B2 (en) | 2018-03-15 | 2022-01-25 | Servicenow, Inc. | Database encryption |
CN109446828B (en) * | 2018-11-07 | 2020-10-13 | 北京邮电大学 | Secure multi-party computing method and device |
US11042634B2 (en) * | 2018-12-21 | 2021-06-22 | Fujitsu Limited | Determining information leakage of computer-readable programs |
WO2020240246A1 (en) * | 2019-05-29 | 2020-12-03 | Commissariat A L 'energie Atomique Et Aux Energies Alternatives | A computer-implemented method for obfuscating a program code |
US20200220851A1 (en) | 2019-12-13 | 2020-07-09 | TripleBlind, Inc. | Systems and methods for efficient computations on split data and split algorithms |
US11431688B2 (en) | 2019-12-13 | 2022-08-30 | TripleBlind, Inc. | Systems and methods for providing a modified loss function in federated-split learning |
US11853793B2 (en) | 2020-10-09 | 2023-12-26 | Samsung Electronics Co., Ltd. | Methods and system for on-device AI model parameter run-time protection |
JPWO2023007633A1 (en) * | 2021-07-28 | 2023-02-02 | ||
US20240004998A1 (en) * | 2022-07-01 | 2024-01-04 | Nxp B.V. | Method for protecting a machine learning model from a side channel attack |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060259744A1 (en) * | 2005-05-11 | 2006-11-16 | Wolfgang Matthes | Method for information processing |
US7430670B1 (en) * | 1999-07-29 | 2008-09-30 | Intertrust Technologies Corp. | Software self-defense systems and methods |
US20110225417A1 (en) * | 2006-12-13 | 2011-09-15 | Kavi Maharajh | Digital rights management in a mobile environment |
US20120066510A1 (en) * | 2010-09-15 | 2012-03-15 | At&T Intellectual Property I, L.P. | Methods, systems, and computer program products for performing homomorphic encryption and decryption on individual operations |
US20120159459A1 (en) * | 2010-12-17 | 2012-06-21 | Cisco Technology, Inc. | Optimizing symbol manipulation language-based executable applications for distributed execution |
US20140331279A1 (en) * | 2013-05-03 | 2014-11-06 | Selim Aissi | Security engine for a secure operating environment |
Family Cites Families (73)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6067620A (en) * | 1996-07-30 | 2000-05-23 | Holden; James M. | Stand alone security device for computer networks |
US6477648B1 (en) * | 1997-03-23 | 2002-11-05 | Novell, Inc. | Trusted workstation in a networked client/server computing system |
US6957341B2 (en) * | 1998-05-14 | 2005-10-18 | Purdue Research Foundation | Method and system for secure computational outsourcing and disguise |
AU2001243365A1 (en) * | 2000-03-02 | 2001-09-12 | Alarity Corporation | System and method for process protection |
US7895643B2 (en) * | 2002-03-16 | 2011-02-22 | Trustedflow Systems, Inc. | Secure logic interlocking |
US8220058B2 (en) * | 2003-09-25 | 2012-07-10 | Oracle America, Inc. | Rendering and encryption engine for application program obfuscation |
US7415618B2 (en) * | 2003-09-25 | 2008-08-19 | Sun Microsystems, Inc. | Permutation of opcode values for application program obfuscation |
US20050069138A1 (en) * | 2003-09-25 | 2005-03-31 | Sun Microsystems, Inc., A Delaware Corporation | Application program obfuscation |
US7363620B2 (en) * | 2003-09-25 | 2008-04-22 | Sun Microsystems, Inc. | Non-linear execution of application program instructions for application program obfuscation |
US7353499B2 (en) * | 2003-09-25 | 2008-04-01 | Sun Microsystems, Inc. | Multiple instruction dispatch tables for application program obfuscation |
WO2008007305A2 (en) * | 2006-07-12 | 2008-01-17 | Koninklijke Philips Electronics N.V. | Method and system for obfuscating a gryptographic function |
US20090249492A1 (en) * | 2006-09-21 | 2009-10-01 | Hans Martin Boesgaard Sorensen | Fabrication of computer executable program files from source code |
US9411976B2 (en) * | 2006-12-01 | 2016-08-09 | Maidsafe Foundation | Communication system and method |
US20120084544A1 (en) * | 2010-10-04 | 2012-04-05 | Ralph Robert Farina | Methods and systems for providing and controlling cryptographically secure communications across unsecured networks between a secure virtual terminal and a remote system |
US8538012B2 (en) * | 2007-03-14 | 2013-09-17 | Intel Corporation | Performing AES encryption or decryption in multiple modes with a single instruction |
US8312518B1 (en) * | 2007-09-27 | 2012-11-13 | Avaya Inc. | Island of trust in a service-oriented environment |
US8762736B1 (en) * | 2008-04-04 | 2014-06-24 | Massachusetts Institute Of Technology | One-time programs |
US8209744B2 (en) * | 2008-05-16 | 2012-06-26 | Microsoft Corporation | Mobile device assisted secure computer network communication |
US8171306B2 (en) * | 2008-11-05 | 2012-05-01 | Microsoft Corporation | Universal secure token for obfuscation and tamper resistance |
US8832778B2 (en) * | 2009-08-04 | 2014-09-09 | Carnegie Mellon University | Methods and apparatuses for user-verifiable trusted path in the presence of malware |
US8347398B1 (en) * | 2009-09-23 | 2013-01-01 | Savvystuff Property Trust | Selected text obfuscation and encryption in a local, network and cloud computing environment |
US20110202765A1 (en) * | 2010-02-17 | 2011-08-18 | Microsoft Corporation | Securely move virtual machines between host servers |
US9703586B2 (en) * | 2010-02-17 | 2017-07-11 | Microsoft Technology Licensing, Llc | Distribution control and tracking mechanism of virtual machine appliances |
US8862895B2 (en) * | 2010-04-27 | 2014-10-14 | Fuji Xerox Co., Ltd. | Systems and methods for communication, storage, retrieval, and computation of simple statistics and logical operations on encrypted data |
US20110296164A1 (en) * | 2010-05-28 | 2011-12-01 | Mcafee, Inc. | System and method for providing secure network services |
US8601498B2 (en) * | 2010-05-28 | 2013-12-03 | Security First Corp. | Accelerator system for use with secure data storage |
EP3029592B1 (en) * | 2010-08-18 | 2018-07-25 | Security First Corp. | Systems and methods for securing virtual machine computing environments |
US8700906B2 (en) * | 2011-01-14 | 2014-04-15 | Microsoft Corporation | Secure computing in multi-tenant data centers |
US9647989B2 (en) | 2011-04-27 | 2017-05-09 | Symantec Corporation | System and method of data interception and conversion in a proxy |
US9077525B2 (en) * | 2011-06-24 | 2015-07-07 | Microsoft Technology Licensing, Llc | User-controlled data encryption with obfuscated policy |
WO2013009290A1 (en) * | 2011-07-11 | 2013-01-17 | Hewlett-Packard Development Company, Lp | Policy based data management |
US20130019092A1 (en) * | 2011-07-14 | 2013-01-17 | Barracuda Inc. | System to Embed Enhanced Security / Privacy Functions Into a User Client |
GB2497070B (en) * | 2011-11-17 | 2015-11-25 | Advanced Risc Mach Ltd | Cryptographic support instructions |
EP3089399B1 (en) * | 2011-11-28 | 2019-07-24 | Porticor Ltd. | Methods and devices for securing keys for a non-secured, distributed environment with applications to virtualization and cloud-computing security and management |
US9208319B2 (en) * | 2011-12-15 | 2015-12-08 | Microsoft Technology Licensing, Llc | Code base partitioning system |
WO2013104969A1 (en) * | 2012-01-09 | 2013-07-18 | Koninklijke Philips N.V. | Virtual machine device having key driven obfuscation and method |
US8615656B2 (en) * | 2012-01-09 | 2013-12-24 | The Mitre Corporation | Secure remote peripheral encryption tunnel |
EP2831800B1 (en) * | 2012-03-26 | 2020-05-06 | Irdeto B.V. | Method for protecting data |
EP2645618A1 (en) * | 2012-03-30 | 2013-10-02 | British Telecommunications Public Limited Company | Method and system for network data access |
EP2672673B1 (en) * | 2012-06-07 | 2016-05-25 | Alcatel Lucent | Apparatus and method for secure data processing |
EP2672672A1 (en) * | 2012-06-07 | 2013-12-11 | Alcatel-Lucent | Secure data processing |
US8656482B1 (en) * | 2012-08-20 | 2014-02-18 | Bitdefender IPR Management Ltd. | Secure communication using a trusted virtual machine |
WO2014059136A2 (en) * | 2012-10-12 | 2014-04-17 | Safelylocked, Llc. | Techniqued for secure data exchange |
US9176838B2 (en) * | 2012-10-19 | 2015-11-03 | Intel Corporation | Encrypted data inspection in a network environment |
US9535715B2 (en) * | 2012-12-14 | 2017-01-03 | Microsoft Technology Licensing, Llc | Booting from a trusted network image |
GB2508894A (en) * | 2012-12-14 | 2014-06-18 | Ibm | Preventing a trusted boot device from being booted in a virtual machine |
US8909967B1 (en) * | 2012-12-31 | 2014-12-09 | Emc Corporation | Technique for secure computation |
US9503268B2 (en) * | 2013-01-22 | 2016-11-22 | Amazon Technologies, Inc. | Securing results of privileged computing operations |
US10063380B2 (en) * | 2013-01-22 | 2018-08-28 | Amazon Technologies, Inc. | Secure interface for invoking privileged operations |
US9055038B1 (en) * | 2013-02-04 | 2015-06-09 | Stealth Software Technologies, Inc. | Apparatus, system, and method to garble programs |
US9141823B2 (en) * | 2013-03-15 | 2015-09-22 | Veridicom, Sa De Cv | Abstraction layer for default encryption with orthogonal encryption logic session object; and automated authentication, with a method for online litigation |
US9104862B2 (en) * | 2013-04-01 | 2015-08-11 | Uniquesoft, Llc | Secure computing device using new software versions |
US9361456B2 (en) * | 2013-04-01 | 2016-06-07 | Uniquesoft, Llc | Secure computing device using a library of programs |
US10275593B2 (en) * | 2013-04-01 | 2019-04-30 | Uniquesoft, Llc | Secure computing device using different central processing resources |
US9558358B2 (en) * | 2013-06-27 | 2017-01-31 | Visa International Service Association | Random number generator in a virtualized environment |
WO2015026336A1 (en) * | 2013-08-21 | 2015-02-26 | Intel Corporation | Processing data privately in the cloud |
CN103559458B (en) * | 2013-10-09 | 2016-08-17 | 广州华迅网络科技有限公司 | Data hash acquisition methods and system thereof |
US9235692B2 (en) * | 2013-12-13 | 2016-01-12 | International Business Machines Corporation | Secure application debugging |
AU2015277000C1 (en) * | 2014-06-18 | 2019-11-28 | Visa International Service Association | Efficient methods for authenticated communication |
WO2016033610A1 (en) * | 2014-08-29 | 2016-03-03 | Visa International Service Association | Methods for secure cryptogram generation |
US9584517B1 (en) * | 2014-09-03 | 2017-02-28 | Amazon Technologies, Inc. | Transforms within secure execution environments |
CN104243166A (en) * | 2014-09-05 | 2014-12-24 | 深圳市中兴移动通信有限公司 | Recording encryption method and device |
US9735968B2 (en) * | 2014-10-20 | 2017-08-15 | Microsoft Technology Licensing, Llc | Trust service for a client device |
CA2970195A1 (en) * | 2014-12-16 | 2016-06-23 | Kyndi, Inc. | Method and apparatus for randomizing computer instruction sets, memory registers and pointers |
EP3257227B1 (en) * | 2015-02-13 | 2021-03-31 | Visa International Service Association | Confidential communication management |
US9596263B1 (en) * | 2015-02-23 | 2017-03-14 | Amazon Technolgies, Inc. | Obfuscation and de-obfuscation of identifiers |
US10484168B2 (en) * | 2015-03-02 | 2019-11-19 | Dell Products L.P. | Methods and systems for obfuscating data and computations defined in a secure distributed transaction ledger |
US9712503B1 (en) * | 2015-03-23 | 2017-07-18 | Amazon Technologies, Inc. | Computing instance migration |
WO2016164275A1 (en) * | 2015-04-04 | 2016-10-13 | Eric Greenberg | Security system for data communications including key management and privacy |
WO2016168487A1 (en) * | 2015-04-14 | 2016-10-20 | Gigavation, Inc. | Paravirtualized security threat protection of a computer-driven system with networked devices |
US9753931B2 (en) * | 2015-05-19 | 2017-09-05 | Cryptomove, Inc. | Security via data concealment |
US20180089415A1 (en) * | 2015-06-11 | 2018-03-29 | International Business Machines Corporation | User trusted device for detecting a virtualized environment |
US9667606B2 (en) * | 2015-07-01 | 2017-05-30 | Cyphermatrix, Inc. | Systems, methods and computer readable medium to implement secured computational infrastructure for cloud and data center environments |
-
2015
- 2015-07-21 US US14/804,713 patent/US10110566B2/en active Active
-
2016
- 2016-07-20 EP EP16828463.6A patent/EP3326345B1/en active Active
- 2016-07-20 CN CN201680054703.XA patent/CN108476198B/en active Active
- 2016-07-20 AU AU2016297559A patent/AU2016297559B2/en active Active
- 2016-07-20 JP JP2018523361A patent/JP6880017B2/en active Active
- 2016-07-20 DK DK16828463.6T patent/DK3326345T3/en active
- 2016-07-20 KR KR1020187005125A patent/KR102315831B1/en active IP Right Grant
- 2016-07-20 CA CA2998323A patent/CA2998323C/en active Active
- 2016-07-20 WO PCT/US2016/043117 patent/WO2017015357A1/en active Application Filing
-
2018
- 2018-01-21 IL IL257040A patent/IL257040B/en active IP Right Grant
- 2018-09-28 US US16/146,212 patent/US10652216B2/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7430670B1 (en) * | 1999-07-29 | 2008-09-30 | Intertrust Technologies Corp. | Software self-defense systems and methods |
US20060259744A1 (en) * | 2005-05-11 | 2006-11-16 | Wolfgang Matthes | Method for information processing |
US20110225417A1 (en) * | 2006-12-13 | 2011-09-15 | Kavi Maharajh | Digital rights management in a mobile environment |
US20120066510A1 (en) * | 2010-09-15 | 2012-03-15 | At&T Intellectual Property I, L.P. | Methods, systems, and computer program products for performing homomorphic encryption and decryption on individual operations |
US20120159459A1 (en) * | 2010-12-17 | 2012-06-21 | Cisco Technology, Inc. | Optimizing symbol manipulation language-based executable applications for distributed execution |
US20140331279A1 (en) * | 2013-05-03 | 2014-11-06 | Selim Aissi | Security engine for a secure operating environment |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2021507438A (en) * | 2017-12-18 | 2021-02-22 | ユニバーシティ オブ セントラル フロリダ リサーチ ファウンデーション,インコーポレイテッド | How to Securely Execute Code Acting on Encrypted Data on Public Computers |
JP7177849B2 (en) | 2017-12-18 | 2022-11-24 | ユニバーシティ オブ セントラル フロリダ リサーチ ファウンデーション,インコーポレイテッド | How to safely run code that operates on encrypted data on public computers |
Also Published As
Publication number | Publication date |
---|---|
IL257040A (en) | 2018-03-29 |
US10110566B2 (en) | 2018-10-23 |
CN108476198B (en) | 2020-09-22 |
AU2016297559B2 (en) | 2020-09-03 |
EP3326345A1 (en) | 2018-05-30 |
US10652216B2 (en) | 2020-05-12 |
US20170026342A1 (en) | 2017-01-26 |
US20190044915A1 (en) | 2019-02-07 |
DK3326345T3 (en) | 2021-10-11 |
KR102315831B1 (en) | 2021-10-22 |
AU2016297559A1 (en) | 2018-03-15 |
CN108476198A (en) | 2018-08-31 |
EP3326345A4 (en) | 2019-03-27 |
JP6880017B2 (en) | 2021-06-02 |
IL257040B (en) | 2020-02-27 |
EP3326345B1 (en) | 2021-10-06 |
CA2998323C (en) | 2022-06-07 |
JP2018522291A (en) | 2018-08-09 |
CA2998323A1 (en) | 2017-01-26 |
KR20180084732A (en) | 2018-07-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
AU2016297559B2 (en) | Systems and processes for executing private programs on untrusted computers | |
CN110995409B (en) | Mimicry defense arbitration method and system based on partial homomorphic encryption algorithm | |
US9819657B2 (en) | Protection of memory interface | |
US10367637B2 (en) | Modular exponentiation with transparent side channel attack countermeasures | |
Kounavis et al. | Encrypting the internet | |
US8000473B2 (en) | Method and apparatus for generating cryptographic sets of instructions automatically and code generator | |
US20150215117A1 (en) | White box encryption apparatus and method | |
Iqbal et al. | An efficient grayscale image encryption scheme based on variable length row-column swapping operations | |
EP3698262B1 (en) | Protecting modular inversion operation from external monitoring attacks | |
KR100480998B1 (en) | Security apparatus and method for digital hardware system | |
Gupta et al. | An enhanced python based approach of secret sharing scheme with encryption | |
Lee et al. | Systematization of Shuffling Countermeasures: With an Application to CRYSTALS-Dilithium | |
Nimbe et al. | An improved symmetric cipher encryption for securing data | |
Ramamoorthy et al. | Recursively Seeded Image Encryption Algorithm | |
Karstens | Deniable Encryption | |
Kariapper | Cryptography in the Cloud: Securing Data in Cloud with Encryption |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 16828463 Country of ref document: EP Kind code of ref document: A1 |
|
DPE1 | Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 257040 Country of ref document: IL |
|
ENP | Entry into the national phase |
Ref document number: 2018523361 Country of ref document: JP Kind code of ref document: A |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
ENP | Entry into the national phase |
Ref document number: 20187005125 Country of ref document: KR Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2016828463 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2998323 Country of ref document: CA |
|
ENP | Entry into the national phase |
Ref document number: 2016297559 Country of ref document: AU Date of ref document: 20160720 Kind code of ref document: A |