Event Scheduled for Oct 11, 2013
Event: ECE Seminar - Secure Computation on Encrypted Data - presented by Marten Van Dijk, Electrical and Computer Engineering, University of Connecticut
Location: Information Technologies Engineering Building (ITEB), room 336
Time: 11:00 am
Details of Event:
Friday, October 11, 11 am, ITEB 336
Abstract: One of the key issues in cloud computing is how to keep private data private. From financial information to medical records, sensitive data is stored and computed upon in the cloud. Computation requires the data to be exposed to the cloud servers, which may be attacked by malicious applications, hypervisors, operating systems, or by insiders. Encrypted computation has the potential to solve this data privacy problem: e.g., Fully Homomorphic Encryption (FHE) has been called the Holy Grail of cryptography since it allows an untrusted server to perform computation directly on an encrypted ciphertext without having access to the decryption key. As opposed to current secure hardware solutions (e.g., Intel TXT, XOM or Aegis), FHE does not require the user to trust any component on the server side -- even the application program can be untrusted.
Motivated by large FHE overheads and FHE's limitations, we solve the problem of placing trust in programs by designing a tamper-resistant single-chip processor called Ascend (Architecture for Secure Computation on ENcrypted Data) that can run untrusted batch programs without leaking information about private input data over its external input/output pins. Ascend uses Path ORAM, an extremely simple, efficient and novel Oblivious RAM protocol for obfuscating memory access patterns. Surprisingly, Ascend incurs only about 5x performance overhead relative to insecure computation, which is orders of magnitude better than what FHE can achieve.
If time permits, we will discuss further ongoing research, in particular, explain how Ascend can be extended to support applications that fit into a streaming model. Simulation results show that with smart scheduling algorithms, the performance overhead of Stream-Ascend relative to an insecure and idealized baseline processor is only 24.5%, 0.7%, and 3.9% for a set of streaming benchmarks in a large dataset processing application.
Based on joint work with S. Devadas, C.W. Fletcher, O. Khan, L. Ren, E. Shi, E. Stefanov, X. Yu.
Bio: Marten van Dijk is an Associate Professor of Electrical and Computer Engineering, University of Connecticut, with over 10 years of research experience in system security both in academia (MIT CSAIL) and industry (Philips Research and RSA Laboratories). He has been part of the team that first introduced circuit realizations of Physical Unclonable Functions (PUFs). He has been working on processor architectures that offer strong security guarantees, most notably the design of Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory. Marten's interests are in system security encompassing computer architecture, cryptology, algorithms and other related fields such as information theory, game theory and machine learning.
Sponsored By: Electrical and Computer Engineering