MACS Project Meeting, January 2018
Date:
Monday, January 29, 2018
Location:
Boston University, Hariri Seminar Room, MCS building room 180
Schedule:
11 – 12:15 | |
12:15 – 1:15 | Lunch (provided) |
1:15 – 2:15 | |
2:15 – 2:30 | Break |
2:30 – 3 | Srini Devadas, Discussion on the Meltdown and Spectre attacks and their implications for the MACS project (pptx) |
3 – 4 | Faculty-only discussion |
Selected abstracts:
Yossi Gilad, Stadium: A Distributed Metadata-Private Messaging System
Private communication over the Internet remains a challenging problem. Even if messages are encrypted, it is hard to deliver them without revealing metadata about which pairs of users are communicating. Scalable anonymity systems, such as Tor, are susceptible to traffic analysis attacks that leak metadata. In contrast, the largest-scale systems with metadata privacy require passing all messages through a small number of providers, requiring a high operational cost for each provider and limiting their deployability in practice.
This paper presents Stadium, a point-to-point messaging system that provides metadata and data privacy while scaling its work efficiently across hundreds of low-cost providers operated by different organizations. Much like Vuvuzela, the current largest-scale metadata-private system, Stadium achieves its provable guarantees through differential privacy and the addition of noisy cover traffic. The key challenge in Stadium is limiting the information revealed from the many observable traffic links of a highly distributed system, without requiring an overwhelming amount of noise. To solve this challenge, Stadium introduces techniques for distributed noise generation and differentially private routing as well as a verifiable parallel mixnet design where the servers collaboratively check that others follow the protocol. We show that Stadium can scale to support 4x more users than Vuvuzela using servers that cost an order of magnitude less to operate than Vuvuzela nodes.
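The abstract's "key challenge" has a simple quantitative core that is worth seeing in code. The following is an added illustration, not code or analysis from the Stadium paper (whose noise distribution, sensitivity model and proofs differ): if every observable link count is masked independently with Laplace noise, the per-link privacy-loss bounds compose additively, so the noise scale needed to hold a fixed epsilon grows linearly with the number of links an adversary can watch. The link counts, the assumed sensitivity of 1 per link, and the 3-link versus 300-link comparison are constructed for the example.

```python
"""Toy model of metadata leakage from noised link counts in a mixnet.

Constructed example (not Stadium's scheme): each link's real-message count
is hidden by adding Laplace cover-traffic noise, and we ask how much an
adversary watching every link learns about whether one conversation exists.
"""
import math


def laplace_logpdf(x, mu, b):
    """Log-density of Laplace(mu, b) at x."""
    return -math.log(2 * b) - abs(x - mu) / b


def privacy_loss_on_link(observed, count_a, count_b, scale):
    """|ln P[obs | world A] / P[obs | world B]| for one noised link count.

    World A: the link carries count_a real messages; world B: count_b.
    Both worlds add Laplace(0, scale) noise before the adversary sees the
    total.  The value is bounded by |count_a - count_b| / scale for every
    possible observation (the Laplace mechanism's epsilon).
    """
    return abs(laplace_logpdf(observed, count_a, scale)
               - laplace_logpdf(observed, count_b, scale))


def worst_case_loss(deltas, scale):
    """Composed privacy loss when each observable link gets independent
    Laplace noise of the same scale: the per-link bounds simply add up
    (basic sequential composition); deltas[i] is the sensitivity of link i.
    """
    return sum(abs(d) for d in deltas) / scale


def noise_scale_for(target_eps, deltas):
    """Laplace scale every link needs so the composed loss is <= target_eps."""
    return sum(abs(d) for d in deltas) / target_eps


# Constructed scenario: one conversation changes the real-message count by
# at most 1 on each link it traverses.  A short chain of large providers
# exposes few links; a design spread over hundreds of small providers
# exposes hundreds of links to the same adversary.
CHAIN_LINKS = 3
DISTRIBUTED_LINKS = 300


def compare(target_eps=1.0):
    """Noise scale per link needed for the same epsilon in both designs."""
    chain = noise_scale_for(target_eps, [1] * CHAIN_LINKS)
    distributed = noise_scale_for(target_eps, [1] * DISTRIBUTED_LINKS)
    return chain, distributed


if __name__ == "__main__":
    print("per-link noise scale (chain, distributed):", compare())
```

With naive independent noise the distributed design needs a hundred times more noise per link to reach the same epsilon, which is the "overwhelming amount of noise" the abstract refers to; Stadium's distributed noise generation and differentially private routing exist to avoid paying that factor.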
Vinod Vaikuntanathan, Gazelle: A Low Latency Framework for Secure Neural Network Inference
The growing popularity of cloud-based machine learning raises a natural question about the privacy guarantees that can be provided in such a setting. Our work tackles this problem in the context where a client wishes to classify private images using a convolutional neural network (CNN) trained by a server. Our goal is to build efficient protocols whereby the client can acquire the classification result without revealing their input to the server, while guaranteeing the privacy of the server’s neural network.
To this end, we design GAZELLE, a scalable and low-latency system for secure neural network inference, using an intricate combination of homomorphic encryption and traditional two-party computation techniques (such as garbled circuits). GAZELLE makes three contributions. First, we design the GAZELLE homomorphic encryption library which provides fast algorithms for basic homomorphic operations such as SIMD (single instruction multiple data) addition, SIMD multiplication and ciphertext permutation. Second, we implement the GAZELLE homomorphic linear algebra kernels which map neural network layers to optimized homomorphic matrix-vector multiplication and convolution routines. Third, we design optimized encryption switching protocols which seamlessly convert between homomorphic and garbled circuit encodings to enable implementation of complete neural network inference.
We evaluate our protocols on benchmark neural networks trained on the MNIST and CIFAR-10 datasets and show that GAZELLE outperforms the best existing systems such as MiniONN by 20x and Chameleon by 30x in online runtime. Similarly, when compared with fully homomorphic approaches like CryptoNets, we demonstrate three orders of magnitude faster online run-time.
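The "encryption switching" idea in the abstract (linear layers under homomorphic encryption, non-linear layers under a two-party protocol on secret shares) can be shown end to end on one small layer. The block below is an added example, not GAZELLE's code: Paillier, with toy-sized fixed primes, stands in for GAZELLE's packed lattice-based scheme, so there is no SIMD packing here; and the garbled-circuit ReLU is replaced by reconstructing the two additive shares in the clear, which checks the protocol's bookkeeping but provides no security for that step. The weights, biases and input are constructed.

```python
"""One hidden layer evaluated on private input: HE for the linear part,
additive secret shares for the non-linear part.  Added example; Paillier is
a stand-in for Gazelle's scheme and the ReLU step is simulated, not garbled.
"""
import math
import secrets

# Toy Paillier keys from two fixed primes (the 10,000th and 100,000th
# primes).  Far too small for real use; chosen so the block runs instantly.
P, Q = 104729, 1299709
N = P * Q
N2 = N * N
LAMBDA = (P - 1) * (Q - 1) // math.gcd(P - 1, Q - 1)


def _L(u):
    return (u - 1) // N


MU = pow(_L(pow(N + 1, LAMBDA, N2)), -1, N)   # generator g = N + 1


def encrypt(m):
    """Paillier encryption of m (mod N) with fresh randomness r in Z_N^*."""
    while True:
        r = secrets.randbelow(N)
        if r > 0 and math.gcd(r, N) == 1:
            break
    return (pow(N + 1, m % N, N2) * pow(r, N, N2)) % N2


def decrypt(c):
    return (_L(pow(c, LAMBDA, N2)) * MU) % N


def he_add(c1, c2):
    """Enc(m1) * Enc(m2) = Enc(m1 + m2)."""
    return (c1 * c2) % N2


def he_scale(c, k):
    """Enc(m)^k = Enc(k * m) for a known scalar k (negative allowed)."""
    return pow(c, k % N, N2)


def to_signed(v):
    """Map a Z_N element back to a small signed integer."""
    return v - N if v > N // 2 else v


def client_encrypt_input(x):
    return [encrypt(v) for v in x]


def server_linear_layer(enc_x, W, b):
    """Return ciphertexts of W x + b + r and the server's share -r.

    The server never sees x.  Adding a random mask r before the client
    decrypts is the switch: the decryption becomes the client's additive
    share of the layer output and -r is the server's share.
    """
    ctxts, server_share = [], []
    for row, bias in zip(W, b):
        acc = encrypt(bias)
        for c, w in zip(enc_x, row):
            acc = he_add(acc, he_scale(c, w))
        r = secrets.randbelow(N)
        ctxts.append(he_add(acc, encrypt(r)))
        server_share.append((-r) % N)
    return ctxts, server_share


def client_decrypt_share(ctxts):
    return [decrypt(c) for c in ctxts]


def relu_on_shares(client_share, server_share):
    """Stand-in for the garbled-circuit step.  In Gazelle both shares enter
    a 2PC circuit that computes ReLU and re-shares the result; here we
    reconstruct in the clear only to verify the switch was done right."""
    return [max(to_signed((cs + ss) % N), 0)
            for cs, ss in zip(client_share, server_share)]


def secure_inference(x, W, b):
    enc_x = client_encrypt_input(x)
    ctxts, server_share = server_linear_layer(enc_x, W, b)
    return relu_on_shares(client_decrypt_share(ctxts), server_share)


def plain_inference(x, W, b):
    """Reference computation with no privacy, for comparison."""
    return [max(sum(w * v for w, v in zip(row, x)) + bias, 0)
            for row, bias in zip(W, b)]


if __name__ == "__main__":
    # Constructed layer: 3 inputs, 2 outputs.
    x, W, b = [3, -2, 5], [[1, 2, 3], [-4, 0, 1]], [1, -1]
    print(secure_inference(x, W, b), plain_inference(x, W, b))
```

The point to take from the structure is where the privacy boundary sits: the server only ever handles ciphertexts and its own masks, and the client only ever sees masked values, so neither side learns the other's input in the linear step; all the security of the non-linear step rests on the 2PC protocol that replaces `relu_on_shares`.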
Malte Schwarzkopf, Conclave: Secure Multi-Party Computation on Big Data
Secure multi-party computation (MPC) allows mutually distrusting parties to run joint computations without revealing any private data. Unfortunately, current MPC algorithms scale poorly with the size of the data processed. This makes MPC on “big data” prohibitively slow and inhibits many use cases.
Most analytics queries, however, can maintain the end-to-end security guarantee without running entirely under MPC’s cryptographic techniques. Conclave is a query compiler that automatically accelerates such queries by transforming a relational query into a combination of scalable, local, cleartext processing and small, isolated MPC steps. For further speedups, Conclave introduces new hybrid MPC-cleartext protocols that rely on existing trust relationships between parties to run additional steps outside MPC.
Our Conclave prototype generates code for local, scalable cleartext processing in Spark, and for secure MPC using the Sharemind framework, and manages its execution. In experiments, Conclave scales to data sets between three and six orders of magnitude larger than state-of-the-art MPC frameworks can support, and delivers results in minutes.
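The split the abstract describes, cleartext pre-processing on each owner's data followed by a small MPC step, is easiest to see on a GROUP BY / SUM query. The block below is an added example and is not Conclave's compiler or Sharemind's code: the two input tables are constructed, the MPC is a minimal three-party additive secret sharing over a prime field written inline, and, as a simplification Conclave's end-to-end guarantee would not allow, the set of group keys is exchanged in the clear so the example can stay short.

```python
"""Conclave-style query split: local cleartext GROUP BY, then MPC only on
the per-party partial sums.  Added example with constructed data.
"""
import secrets
from collections import defaultdict

FIELD = (1 << 61) - 1   # Mersenne prime; sums of small ints never wrap

# Constructed inputs: (category, amount) rows held by two data owners.
PARTY_A = [("ads", 120), ("search", 300), ("ads", 80), ("cloud", 50)] * 1000
PARTY_B = [("ads", 10), ("cloud", 500), ("search", 25)] * 1000


def local_preaggregate(rows):
    """Cleartext GROUP BY run by each owner on its own rows (Conclave would
    emit Spark for this).  Output size is the number of groups, not rows."""
    sums = defaultdict(int)
    for cat, amt in rows:
        sums[cat] += amt
    return dict(sums)


def share(value, n=3):
    """Additive secret sharing: n random field elements summing to value."""
    shares = [secrets.randbelow(FIELD) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % FIELD)
    return shares


def reconstruct(shares):
    return sum(shares) % FIELD


def mpc_sum(shared_inputs):
    """Each MPC server adds the shares it holds locally; addition under
    additive sharing needs no communication between the servers."""
    n = len(shared_inputs[0])
    return [sum(s[i] for s in shared_inputs) % FIELD for i in range(n)]


def run_query(party_rows):
    """SELECT category, SUM(amount) over the union of all parties' rows.

    Returns (result dict, number of values that entered MPC).  Only one
    partial sum per party per group is secret-shared; the raw rows never
    leave their owner.  Simplification: group keys are exchanged in clear.
    """
    partials = [local_preaggregate(rows) for rows in party_rows]
    categories = sorted(set().union(*(p.keys() for p in partials)))
    mpc_inputs, result = 0, {}
    for cat in categories:
        shared = []
        for p in partials:
            shared.append(share(p.get(cat, 0)))
            mpc_inputs += 1
        result[cat] = reconstruct(mpc_sum(shared))
    return result, mpc_inputs


def cleartext_query(party_rows):
    """Reference answer computed with everything in one place."""
    sums = defaultdict(int)
    for rows in party_rows:
        for cat, amt in rows:
            sums[cat] += amt
    return dict(sums)


if __name__ == "__main__":
    result, crossed = run_query([PARTY_A, PARTY_B])
    print(result, "values under MPC:", crossed,
          "rows total:", len(PARTY_A) + len(PARTY_B))
```

Here 7,000 rows are reduced to 6 secret-shared values before any cryptography runs, which is the scaling lever the abstract describes; the price is that whatever the local step reveals about its output (here, the group keys) must be justified by the query's own output or by an explicit trust assumption, which is what Conclave's hybrid protocols make precise.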