research-article
Open Access
Artifacts Available
Artifacts Evaluated & Functional

A language for probabilistically oblivious computation

Published: 20 December 2019
Related Artifact: OblivML software https://doi.org/10.5281/zenodo.3546500

Abstract

An oblivious computation is one that is free of direct and indirect information leaks, e.g., due to observable differences in timing and memory access patterns. This paper presents Lambda Obliv, a core language whose type system enforces obliviousness. Prior work on type-enforced oblivious computation has focused on deterministic programs. Lambda Obliv is new in its consideration of programs that implement probabilistic algorithms, such as those involved in cryptography. Lambda Obliv employs a substructural type system and a novel notion of probability region to ensure that information is not leaked via the observed distribution of visible events. Probability regions support reasoning about probabilistic correlation and independence between values, and our use of probability regions is motivated by a source of unsoundness that we discovered in the type system of ObliVM, a language for implementing state-of-the-art oblivious algorithms. We prove that Lambda Obliv's type system enforces obliviousness and show that it is expressive enough to typecheck advanced tree-based oblivious RAMs.
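The property the abstract describes, that the distribution of visible events must not depend on the secret, can be checked directly on a toy program by enumerating every outcome of its coin flips. The example below is added here and is not code from the paper or from the OblivML artifact; it does not model Lambda Obliv's type system or probability regions. It constructs a four-leaf tree-based ORAM in the style of Path ORAM, where each access reveals the leaf path of the block being read, and compares two variants: one that remaps the block to a fresh uniformly random leaf after every access, and one that forgets to remap. The leaf count, the program names and the two access sequences (the same block twice versus two different blocks) are constructed for illustration. Reusing an already-revealed random position is exactly the kind of probabilistic correlation the abstract says the type system must rule out; whether this specific pattern is the ObliVM issue the paper found is not stated on this page.

```python
import itertools
from collections import Counter
from fractions import Fraction

# Constructed toy parameters (assumption, not from the paper): a tree-based
# ORAM with 4 leaves, so each random position is a uniform value in range(4).
N_LEAVES = 4


def access_remapping(secret_seq, coins):
    """Oblivious variant: each access reveals the leaf path of the block's
    current position, then moves the block to a fresh random leaf."""
    coins = iter(coins)
    position = {}          # block id -> current leaf (hidden state)
    visible = []           # the path the adversary sees being read
    for block in secret_seq:
        if block not in position:
            position[block] = next(coins)   # initial uniformly random leaf
        visible.append(position[block])     # observable event
        position[block] = next(coins)       # remap with a fresh coin
    return tuple(visible)


def access_no_remap(secret_seq, coins):
    """Leaky variant: the path is revealed but the block keeps its position,
    so two accesses to the same block read the same leaf twice."""
    coins = iter(coins)
    position = {}
    visible = []
    for block in secret_seq:
        if block not in position:
            position[block] = next(coins)
        visible.append(position[block])     # reused random value
    return tuple(visible)


def trace_distribution(program, secret, n_coins):
    """Exact distribution over observable traces, enumerating every coin tuple.
    Coins the program does not consume are simply ignored, which leaves each
    consumed coin uniform and independent."""
    counts = Counter(
        program(secret, coins)
        for coins in itertools.product(range(N_LEAVES), repeat=n_coins)
    )
    total = N_LEAVES ** n_coins
    return {trace: Fraction(c, total) for trace, c in counts.items()}


def is_oblivious(program, secrets, n_coins):
    """Probabilistic obliviousness for a finite secret space: every secret
    must induce the same distribution over visible traces."""
    dists = [trace_distribution(program, s, n_coins) for s in secrets]
    return all(d == dists[0] for d in dists[1:])


# Constructed secrets: access block A twice, or access A then B.
SECRETS = [("A", "A"), ("A", "B")]
N_COINS = 4   # two accesses, each needing at most two coins


if __name__ == "__main__":
    print("remapping oblivious:", is_oblivious(access_remapping, SECRETS, N_COINS))
    print("no-remap oblivious: ", is_oblivious(access_no_remap, SECRETS, N_COINS))
    # With no remap, the (A, A) sequence always reads the same leaf twice,
    # while (A, B) reads two independent leaves: the adversary learns whether
    # the two accesses hit the same block.
    same_block = trace_distribution(access_no_remap, ("A", "A"), N_COINS)
    print("no-remap (A, A) traces:", sorted(same_block))
```

The check is exhaustive rather than statistical, so a difference between the two secrets is a genuine leak and not sampling noise; for the remapping variant both access sequences produce two independent uniform leaves, so the distributions coincide.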


Supplemental Material

a50-darais.webm

References

  1. Johan Agat. 2000. Transforming out Timing Leaks. In POPL.
  2. Aslan Askarov, Danfeng Zhang, and Andrew C. Myers. 2010. Predictive black-box mitigation of timing channels. In CCS.
  3. Henry G. Baker. 1992. Lively Linear Lisp: "Look Ma, No Garbage!". SIGPLAN Not. 27, 8 (Aug. 1992), 89–98.
  4. Tyler Barker. 2016. A Monad for Randomized Algorithms. Electronic Notes in Theoretical Computer Science 325 (2016), 47–62.
  5. Gilles Barthe, Thomas Espitau, Marco Gaboardi, Benjamin Grégoire, Justin Hsu, and Pierre-Yves Strub. 2018. An Assertion-Based Program Logic for Probabilistic Programs. In Programming Languages and Systems, Amal Ahmed (Ed.). Springer International Publishing, Cham, 117–144.
  6. Gilles Barthe, Thomas Espitau, Benjamin Grégoire, Justin Hsu, and Pierre-Yves Strub. 2017a. Proving uniformity and independence by self-composition and coupling. In LPAR-21. 21st International Conference on Logic for Programming, Artificial Intelligence and Reasoning (EPiC Series in Computing), Thomas Eiter and David Sands (Eds.), Vol. 46. EasyChair, 385–403.
  7. Gilles Barthe, Cédric Fournet, Benjamin Grégoire, Pierre-Yves Strub, Nikhil Swamy, and Santiago Zanella-Béguelin. 2014. Probabilistic Relational Verification for Cryptographic Implementations. In Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '14). ACM, New York, NY, USA, 193–205.
  8. Gilles Barthe, Marco Gaboardi, Emilio Jesús Gallego Arias, Justin Hsu, Aaron Roth, and Pierre-Yves Strub. 2015. Higher-order approximate relational refinement types for mechanism design and differential privacy. In ACM SIGPLAN Notices, Vol. 50. ACM, 55–68.
  9. Gilles Barthe, Benjamin Grégoire, Justin Hsu, and Pierre-Yves Strub. 2017b. Coupling Proofs Are Probabilistic Product Programs. In Proceedings of the 44th ACM SIGPLAN Symposium on Principles of Programming Languages (POPL 2017). ACM, New York, NY, USA, 161–174.
  10. Gilles Barthe, Justin Hsu, and Kevin Liao. 2020. A Probabilistic Separation Logic. PACMPL 4, POPL (2020).
  11. Gilles Barthe, Boris Köpf, Federico Olmedo, and Santiago Zanella Béguelin. 2013. Probabilistic Relational Reasoning for Differential Privacy. ACM Trans. Program. Lang. Syst. 35, 3 (2013), 9:1–9:49.
  12. Gilles Barthe, Tamara Rezk, Alejandro Russo, and Andrei Sabelfeld. 2010. Security of multithreaded programs by compilation. ACM Transactions on Information and System Security (TISSEC) 13, 3 (2010), 21.
  13. Marina Blanton, Aaron Steele, and Mehrdad Alisagari. 2013. Data-oblivious Graph Algorithms for Secure Computation and Outsourcing. In ASIA CCS.
  14. David Brumley and Dan Boneh. 2003. Remote Timing Attacks Are Practical. In USENIX Security.
  15. T-H. Hubert Chan, Kai-Min Chung, Bruce M. Maggs, and Elaine Shi. 2019. Foundations of Differentially Oblivious Algorithms. In Proceedings of the Thirtieth Annual ACM-SIAM Symposium on Discrete Algorithms (SODA '19). Society for Industrial and Applied Mathematics, Philadelphia, PA, USA, 2448–2467. http://dl.acm.org/citation.cfm?id=3310435.3310585
  16. David Darais, Ian Sweet, Chang Liu, and Michael Hicks. 2019. A Language for Probabilistically Oblivious Computation. Technical Report abs/1711.09305. CoRR. arXiv:1711.09305
  17. D. Dolev and A. C. Yao. 1981. On the Security of Public Key Protocols. In Proceedings of the 22nd Annual Symposium on Foundations of Computer Science (SFCS).
  18. Maryam Emami, Rakesh Ghiya, and Laurie J. Hendren. 1994. Context-sensitive Interprocedural Points-to Analysis in the Presence of Function Pointers. In PLDI.
  19. David Eppstein, Michael T. Goodrich, and Roberto Tamassia. 2010. Privacy-preserving data-oblivious geometric algorithms for geographic data. In GIS.
  20. Matthias Felleisen and Robert Hieb. 1992. The revised report on the syntactic theories of sequential control and state. Theoretical Computer Science 103, 2 (1992), 235–271.
  21. Christopher W. Fletcher, Ling Ren, Xiangyao Yu, Marten van Dijk, Omer Khan, and Srinivas Devadas. 2014. Suppressing the Oblivious RAM timing channel while making information leakage and program efficiency trade-offs. In HPCA.
  22. Marco Gaboardi, Andreas Haeberlen, Justin Hsu, Arjun Narayan, and Benjamin C. Pierce. 2013. Linear dependent types for differential privacy. In ACM SIGPLAN Notices, Vol. 48. ACM, 357–370.
  23. Michèle Giry. 1982. A categorical approach to probability theory. In Categorical Aspects of Topology and Analysis, B. Banaschewski (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 68–85.
  24. J. A. Goguen and J. Meseguer. 1982. Security policy and security models. In IEEE S&P.
  25. O. Goldreich. 1987. Towards a theory of software protection and simulation by oblivious RAMs. In STOC.
  26. O. Goldreich, S. Micali, and A. Wigderson. 1987. How to play ANY mental game. In STOC.
  27. Oded Goldreich and Rafail Ostrovsky. 1996. Software protection and simulation on oblivious RAMs. J. ACM (1996).
  28. Michael T. Goodrich, Olga Ohrimenko, and Roberto Tamassia. 2012. Data-Oblivious Graph Drawing Model and Algorithms. CoRR abs/1209.0756 (2012).
  29. Matt Hoekstra. 2015. Intel SGX for Dummies (Intel SGX Design Objectives). https://software.intel.com/en-us/blogs/2013/09/26/protecting-application-secrets-with-intel-sgx
  30. Justin Hsu. 2017. Probabilistic Couplings for Probabilistic Reasoning. CoRR abs/1710.09951 (2017). arXiv:1710.09951 http://arxiv.org/abs/1710.09951
  31. Daniel Huang and Greg Morrisett. 2016. An Application of Computable Distributions to the Semantics of Probabilistic Programming Languages. In Programming Languages and Systems, Peter Thiemann (Ed.). Springer Berlin Heidelberg, Berlin, Heidelberg, 337–363.
  32. Mohammad Islam, Mehmet Kuzu, and Murat Kantarcioglu. 2012. Access Pattern Disclosure on Searchable Encryption: Ramification, Attack and Mitigation. In Network and Distributed System Security Symposium (NDSS).
  33. Ralf Jung, Jacques-Henri Jourdan, Robbert Krebbers, and Derek Dreyer. 2018. RustBelt: Securing the Foundations of the Rust Programming Language. Proc. ACM Program. Lang. POPL (2018).
  34. Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In IEEE Symposium on Security and Privacy (S&P).
  35. Paul Kocher, Ruby Lee, Gary McGraw, and Anand Raghunathan. 2004. Security As a New Dimension in Embedded System Design. In Proceedings of the 41st Annual Design Automation Conference (DAC '04). 753–760.
  36. Paul C. Kocher. 1996. Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems. In CRYPTO.
  37. Boris Köpf and Andrey Rybalchenko. 2013. Automation of quantitative information-flow analysis. In Formal Methods for Dynamical Systems.
  38. Dexter Kozen. 1979. Semantics of Probabilistic Programs. In Proceedings of the 20th Annual Symposium on Foundations of Computer Science (SFCS '79). IEEE Computer Society, Washington, DC, USA, 101–114.
  39. Butler W. Lampson. 1973. A Note on the Confinement Problem. Commun. ACM (1973).
  40. Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In USENIX Security.
  41. Chang Liu, Austin Harris, Martin Maas, Michael Hicks, Mohit Tiwari, and Elaine Shi. 2015a. GhostRider: A Hardware-Software System for Memory Trace Oblivious Computation. In ASPLOS.
  42. Chang Liu, Michael Hicks, and Elaine Shi. 2013. Memory Trace Oblivious Program Execution. In CSF.
  43. Chang Liu, Yan Huang, Elaine Shi, Jonathan Katz, and Michael Hicks. 2014. Automating Efficient RAM-Model Secure Computation. In IEEE S&P.
  44. Chang Liu, Xiao Shaun Wang, Kartik Nayak, Yan Huang, and Elaine Shi. 2015b. ObliVM: A Programming Framework for Secure Computation. In IEEE S&P.
  45. Isaac Liu, Jan Reineke, David Broman, Michael Zimmer, and Edward A. Lee. 2012. A PRET microarchitecture implementation with repeatable timing and competitive performance. In ICCD.
  46. Martin Maas, Eric Love, Emil Stefanov, Mohit Tiwari, Elaine Shi, Kriste Asanovic, John Kubiatowicz, and Dawn Song. 2013. Phantom: Practical Oblivious Computation in a Secure Processor. In CCS.
  47. David Molnar, Matt Piotrowski, David Schultz, and David Wagner. 2006. The Program Counter Security Model: Automatic Detection and Removal of Control-flow Side Channel Attacks. In ICISC.
  48. David Monniaux. 2000. Abstract Interpretation of Probabilistic Semantics. In Seventh International Static Analysis Symposium (SAS '00) (Lecture Notes in Computer Science). Springer Verlag, 322–339.
  49. Chunyan Mu and David Clark. 2009. An abstraction quantifying information flow over probabilistic semantics. In Workshop on Quantitative Aspects of Programming Languages (QAPL).
  50. Tri Minh Ngo, Mariëlle Stoelinga, and Marieke Huisman. 2014. Effective verification of confidentiality for multi-threaded programs. Journal of Computer Security 22, 2 (2014).
  51. Olga Ohrimenko, Felix Schuster, Cédric Fournet, Aastha Mehta, Sebastian Nowozin, Kapil Vaswani, and Manuel Costa. 2016. Oblivious Multi-party Machine Learning on Trusted Processors. In Proceedings of the 25th USENIX Conference on Security Symposium (SEC '16). USENIX Association, Berkeley, CA, USA, 619–636. http://dl.acm.org/citation.cfm?id=3241094.3241143
  52. Sungwoo Park, Frank Pfenning, and Sebastian Thrun. 2008. A Probabilistic Language Based on Sampling Functions. ACM Trans. Program. Lang. Syst. 31, 1, Article 4 (Dec. 2008), 46 pages.
  53. Norman Ramsey and Avi Pfeffer. 2002a. Stochastic Lambda Calculus and Monads of Probability Distributions. In POPL.
  54. Norman Ramsey and Avi Pfeffer. 2002b. Stochastic Lambda Calculus and Monads of Probability Distributions. In Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (POPL '02). ACM, New York, NY, USA, 154–165.
  55. Robert Rand and Steve Zdancewic. 2015. VPHL. Electron. Notes Theor. Comput. Sci. 319, C (Dec. 2015), 351–367.
  56. Jason Reed and Benjamin C. Pierce. 2010. Distance makes the types grow stronger: a calculus for differential privacy. ACM SIGPLAN Notices 45, 9 (2010), 157–168.
  57. Ling Ren, Xiangyao Yu, Christopher W. Fletcher, Marten van Dijk, and Srinivas Devadas. 2013. Design space exploration and optimization of path oblivious RAM in secure processors. In ISCA.
  58. Alejandro Russo, John Hughes, David A. Naumann, and Andrei Sabelfeld. 2006. Closing Internal Timing Channels by Transformation. In Annual Asian Computing Science Conference (ASIAN).
  59. Alejandro Russo and Andrei Sabelfeld. 2006. Securing interaction between threads and the scheduler. In CSF-W.
  60. A. Sabelfeld and A. C. Myers. 2006. Language-based Information-flow Security. IEEE J. Sel. A. Commun. 21, 1 (Sept. 2006).
  61. Andrei Sabelfeld and David Sands. 2000. Probabilistic noninterference for multi-threaded programs. In CSF-W.
  62. Tetsuya Sato, Alejandro Aguirre, Gilles Barthe, Marco Gaboardi, Deepak Garg, and Justin Hsu. 2019. Formal Verification of Higher-order Probabilistic Programs: Reasoning About Approximation, Convergence, Bayesian Inference, and Optimization. Proc. ACM Program. Lang. 3, POPL, Article 38 (Jan. 2019), 30 pages.
  63. Adam Ścibior, Zoubin Ghahramani, and Andrew D. Gordon. 2015. Practical Probabilistic Programming with Monads. In Proceedings of the 2015 ACM SIGPLAN Symposium on Haskell (Haskell '15). ACM, New York, NY, USA, 165–176.
  64. Elaine Shi, T.-H. Hubert Chan, Emil Stefanov, and Mingfei Li. 2011. Oblivious RAM with O((log N)^3) Worst-Case Cost. In ASIACRYPT.
  65. Calvin Smith, Justin Hsu, and Aws Albarghouthi. 2019. Trace Abstraction Modulo Probability. Proc. ACM Program. Lang. 3, POPL, Article 39 (Jan. 2019), 31 pages.
  66. Geoffrey Smith. 2003. Probabilistic noninterference through weak probabilistic bisimulation. In CSF-W.
  67. Geoffrey Smith and Rafael Alpízar. 2006. Secure Information Flow with Random Assignment and Encryption. In Workshop on Formal Methods in Security (FMSE).
  68. Geoffrey Smith and Rafael Alpízar. 2007. Fast Probabilistic Simulation, Nontermination, and Secure Information Flow. In PLAS.
  69. Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. 2013. Path ORAM: an Extremely Simple Oblivious RAM Protocol. In CCS.
  70. G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten van Dijk, and Srinivas Devadas. 2003. AEGIS: architecture for tamper-evident and tamper-resistant processing. In ICS.
  71. David Lie Chandramohan Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell, and Mark Horowitz. 2000. Architectural support for copy and tamper resistant software. SIGOPS Oper. Syst. Rev. 34, 5 (Nov. 2000).
  72. Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-order Execution. In USENIX Security.
  73. Dennis Volpano, Cynthia Irvine, and Geoffrey Smith. 1996. A Sound Type System for Secure Flow Analysis. J. Comput. Secur. 4, 2-3 (Jan. 1996).
  74. Xiao Wang, Hubert Chan, and Elaine Shi. 2015. Circuit ORAM: On tightness of the Goldreich-Ostrovsky lower bound. In CCS.
  75. Xiao Shaun Wang, Kartik Nayak, Chang Liu, T-H. Hubert Chan, Elaine Shi, Emil Stefanov, and Yan Huang. 2014. Oblivious Data Structures. In CCS.
  76. Andrew Chi-Chih Yao. 1986. How to generate and exchange secrets. In FOCS.
  77. Samee Zahur and David Evans. 2013. Circuit Structures for Improving Efficiency of Security and Privacy Tools. In S&P.
  78. Danfeng Zhang, Aslan Askarov, and Andrew C. Myers. 2011. Predictive Mitigation of Timing Channels in Interactive Systems. In CCS.
  79. Danfeng Zhang, Aslan Askarov, and Andrew C. Myers. 2012. Language-based Control and Mitigation of Timing Channels. In PLDI.
  80. Danfeng Zhang and Daniel Kifer. 2017. LightDP: Towards Automating Differential Privacy Proofs. In POPL.
  81. Danfeng Zhang, Yao Wang, G. Edward Suh, and Andrew C. Myers. 2015. A Hardware Design Language for Timing-Sensitive Information-Flow Security. In ASPLOS.
  82. Hengchu Zhang, Edo Roth, Andreas Haeberlen, Benjamin C. Pierce, and Aaron Roth. 2019a. Fuzzi: A Three-level Logic for Differential Privacy. PACMPL 3, ICFP (2019).
  83. Hengchu Zhang, Edo Roth, Andreas Haeberlen, Benjamin C. Pierce, and Aaron Roth. 2019b. Fuzzi: A Three-Level Logic for Differential Privacy. CoRR abs/1905.12594 (2019). arXiv:1905.12594 http://arxiv.org/abs/1905.12594
  84. Xiaotong Zhuang, Tao Zhang, and Santosh Pande. 2004. HIDE: an infrastructure for efficiently protecting information leakage on the address bus. SIGARCH Comput. Archit. News 32, 5 (Oct. 2004).
