eCommons

 

Provably Correct Compilation for Distributed Cryptographic Applications

Other Titles

Abstract

Developing secure distributed systems is difficult, and even harder when advanced cryptography must be used to achieve security goals. We present Viaduct, a compiler that transforms high-level programs into secure, efficient distributed realizations. Instead of implementing a system of communicating processes, the Viaduct programmer implements a centralized, sequential program which is automatically compiled into a secure distributed version that uses cryptography. Viaduct programs specify security policies declaratively using information-flow labels, and need not mention cryptographic primitives. Unlike prior compilers for cryptographic libraries, Viaduct is general and extensible: it can efficiently and automatically combine local computation with multiple advanced cryptographic primitives such as commitments, zero-knowledge proofs, secure multiparty computation, and fully homomorphic encryption. We develop a modular security proof for Viaduct that abstracts away from the details of cryptographic mechanisms. Our proof relies on a novel unification of simulation-based security, information-flow control, choreographic programming, and sequentialization techniques for concurrent programs. To our knowledge, this is the first security proof that simultaneously addresses subtleties essential for robust, performant applications, such as multiple cryptographic mechanisms, malicious corruption, and asynchronous communication. Our approach offers a clear path toward leveraging Universal Composability to obtain end-to-end security with fully instantiated cryptographic mechanisms.

Journal / Series

Volume & Issue

Description

147 pages

Sponsorship

Date Issued

2023-08

Publisher

Keywords

Compilers; Cryptography; Distributed Systems; Information Flow Control; Secure Program Partitioning; Security and Privacy

Location

Effective Date

Expiration Date

Sector

Employer

Union

Union Local

NAICS

Number of Workers

Committee Chair

Myers, Andrew

Committee Co-Chair

Committee Member

Shi, Runting
Kozen, Dexter

Degree Discipline

Computer Science

Degree Name

Ph. D., Computer Science

Degree Level

Doctor of Philosophy

Related Version

Related DOI

Related To

Related Part

Based on Related Item

Has Other Format(s)

Part of Related Item

Related To

Related Publication(s)

Link(s) to Related Publication(s)

References

Link(s) to Reference(s)

Previously Published As

Government Document

ISBN

ISMN

ISSN

Other Identifiers

Rights

Attribution 4.0 International

Types

dissertation or thesis

Accessibility Feature

Accessibility Hazard

Accessibility Summary

Link(s) to Catalog Record