research-article

JCrypt: Towards Computation over Encrypted Data

Authors:

Julian DolbyAuthors Info & Claims

PPPJ '16: Proceedings of the 13th International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools

Article No.: 8, Pages 1 - 12

https://doi.org/10.1145/2972206.2972209

Published: 29 August 2016 Publication History

Abstract

Cloud computing allows clients to upload data and computation to untrusted servers, which leads to potential violations to the confidentiality of client data. We propose JCrypt, a static program analysis which transforms a Java program into an equivalent one, so that it performs computation over encrypted data and preserves data confidentiality. JCrypt minimizes computation over encrypted data. It consists of two stages. The first stage is a type-based information flow analysis which partitions the program so that only sensitive parts need to be encrypted. The second stage is an inter-procedural data-flow analysis, similar to the classical Available Expressions. It deduces the appropriate encryption scheme for sensitive variables. We implemented JCrypt for Java and showed that our analysis is effective and practical using five benchmark suites. JCrypt encrypts a significantly larger percentage of benchmarks compared to MrCrypt, the closest related work.

References

[1]

J. A. Bank, A. C. Myers, and B. Liskov. Parameterized types for Java. In Proceedings of the 24th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL '97, pages 132--145, New York, NY, USA, 1997. ACM.

Digital Library

[2]

S. Chong, J. Liu, A. C. Myers, X. Qi, K. Vikram, L. Zheng, and X. Zheng. Secure web applications via automatic partitioning. In Proceedings of Twenty-first ACM SIGOPS Symposium on Operating Systems Principles, SOSP '07, pages 31--44, New York, NY, USA, 2007. ACM.

Digital Library

[3]

M. Cooney. IBM touts encryption innovation: New technology performs calculations on encrypted data without decrypting it. Network World, June 2009.

[4]

W. Dietl and P. MÃijller. Universes: Lightweight ownership for JML. Journal of Object Technology, 4(8):5--32, 2005.

[5]

A. J. Feldman, W. P. Zeller, M. J. Freedman, and E. W. Felten. SPORC: Group collaboration using untrusted cloud resources. In Proceedings of the 9th USENIX Conference on Operating Systems Design and Implementation, OSDI'10, Berkeley, CA, USA, 2010. USENIX Association.

Digital Library

[6]

C. Gentry. Fully homomorphic encryption using ideal lattices. In Proceedings of the Forty-first Annual ACM Symposium on Theory of Computing, STOC '09, pages 169--178, New York, NY, USA, 2009. ACM.

Digital Library

[7]

C. Gentry. Computing arbitrary functions of encrypted data. Commun. ACM, 53(3):97--105, Mar. 2010.

Digital Library

[8]

C. Gentry and S. Halevi. Implementing Gentry's fully-homomorphic encryption scheme. In Proceedings of the 30th Annual International Conference on Theory and Applications of Cryptographic Techniques: Advances in Cryptology, EUROCRYPT'11, pages 129--148, Berlin, Heidelberg, 2011. Springer-Verlag.

Digital Library

[9]

W. Huang, W. Dietl, A. Milanova, and M. D. Ernst. Inference and checking of object ownership. In Proceedings of the 26th European Conference on Object-Oriented Programming, ECOOP'12, pages 181--206, Berlin, Heidelberg, 2012. Springer-Verlag.

Digital Library

[10]

W. Huang, Y. Dong, and A. Milanova. Type-based taint analysis for Java web applications. In Proceedings of the 17th International Conference on Fundamental Approaches to Software Engineering - Volume 8411, pages 140--154, New York, NY, USA, 2014. Springer-Verlag New York, Inc.

Digital Library

[11]

W. Huang, Y. Dong, and A. Milanova. Type-based taint analysis for Java web applications. Technical report, Rensselaer Polytechnic Institute, Department of Computer Science, 2014.

[12]

W. Huang, Y. Dong, A. Milanova, and J. Dolby. Scalable and precise taint analysis for Android. In Proceedings of the 2015 International Symposium on Software Testing and Analysis, ISSTA 2015, pages 106--117, New York, NY, USA, 2015. ACM.

Digital Library

[13]

W. Huang, A. Milanova, W. Dietl, and M. D. Ernst. Reim & ReImInfer: Checking and inference of reference immutability and method purity. In Proceedings of the ACM International Conference on Object Oriented Programming Systems Languages and Applications, OOPSLA '12, pages 879--896, New York, NY, USA, 2012. ACM.

Digital Library

[14]

O. Lhoták and L. Hendren. Scaling Java points-to analysis using SPARK. In Proceedings of the 12th International Conference on Compiler Construction, CC'03, pages 153--169, Berlin, Heidelberg, 2003. Springer-Verlag.

Digital Library

[15]

N. Liu, X. Yang, X. H. Sun, J. Jenkins, and R. Ross. YARNsim: Simulating Hadoop YARN. In Cluster, Cloud and Grid Computing (CCGrid), 2015 15th IEEE/ACM International Symposium on, pages 637--646, May 2015.

Digital Library

[16]

P. Mahajan, S. Setty, S. Lee, A. Clement, L. Alvisi, M. Dahlin, and M. Walfish. Depot: Cloud storage with minimal trust. ACM Trans. Comput. Syst., 29(4):12:1--12:38, Dec. 2011.

Digital Library

[17]

A. Milanova and W. Huang. Dataflow and type-based formulations for reference immutability. In 19th International Workshop on Foundations of Object-Oriented Languages, FOOL'12, 2012.

[18]

A. Milanova and W. Huang. Inference and checking of context-sensitive pluggable types. In Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering, FSE '12, pages 26:1--26:4, New York, NY, USA, 2012. ACM.

Digital Library

[19]

A. Milanova and W. Huang. Composing polymorphic information flow systems with reference immutability. In Proceedings of the 15th Workshop on Formal Techniques for Java-like Programs, FTfJP '13, pages 5:1--5:7, New York, NY, USA, 2013. ACM.

Digital Library

[20]

A. Milanova, W. Huang, and Y. Dong. CFL-reachability and context-sensitive integrity types. In Proceedings of the 2014 International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools, PPPJ '14, pages 99--109, New York, NY, USA, 2014. ACM.

[21]

R. Padhye and U. P. Khedker. Interprocedural data flow analysis in Soot using value contexts. In Proceedings of the 2Nd ACM SIGPLAN International Workshop on State Of the Art in Java Program Analysis, SOAP '13, pages 31--36, New York, NY, USA, 2013. ACM.

Digital Library

[22]

R. A. Popa, C. M. S. Redfield, N. Zeldovich, and H. Balakrishnan. CryptDB: Protecting confidentiality with encrypted query processing. In Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles, SOSP '11, pages 85--100, New York, NY, USA, 2011. ACM.

Digital Library

[23]

S. Rass and D. Slamanig. Cryptography for Security and Privacy in Cloud Computing. Artech House, Inc., Norwood, MA, USA, 2013.

Digital Library

[24]

A. Sampson, W. Dietl, E. Fortuna, D. Gnanapragasam, L. Ceze, and D. Grossman. Enerj: Approximate data types for safe and general low-power computation. In Proceedings of the 32Nd ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '11, pages 164--174, New York, NY, USA, 2011. ACM.

Digital Library

[25]

M. Shah, E. Stark, R. A. Popa, and N. Zeldovich. Language support for efficient computation over encrypted data. In Off the Beaten Track Workshop: Underrepresented Problems for Programming Language Researchers, Philadelphia, PA, January 2012.

[26]

S. D. Tetali, M. Lesani, R. Majumdar, and T. Millstein. MrCrypt: Static analysis for secure cloud computations. In Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages & Applications, OOPSLA '13, pages 271--286, New York, NY, USA, 2013. ACM.

Digital Library

[27]

S. Zdancewic, L. Zheng, N. Nystrom, and A. C. Myers. Untrusted hosts and confidentiality: Secure program partitioning. In Proceedings of the Eighteenth ACM Symposium on Operating Systems Principles, SOSP '01, pages 1--14, New York, NY, USA, 2001. ACM.

Digital Library

Cited By

Mangipudi SChuprikov PEugster PViering MSavvides S(2023)Generalized Policy-Based Noninterference for Efficient Confidentiality-PreservationProceedings of the ACM on Programming Languages10.1145/35912317:PLDI(267-291)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591231
Fischer AFuhry BKußmaul JJanneck JKerschbaum FBodden E(2022)Computation on Encrypted Data Using Dataflow AuthenticationACM Transactions on Privacy and Security10.1145/351300525:3(1-36)Online publication date: 19-May-2022
https://dl.acm.org/doi/10.1145/3513005
Mazza SPatel DViola I(2021)Homomorphic-Encrypted Volume RenderingIEEE Transactions on Visualization and Computer Graphics10.1109/TVCG.2020.303043627:2(635-644)Online publication date: Mar-2021
https://doi.org/10.1109/TVCG.2020.3030436
Show More Cited By

Recommendations

MrCrypt: static analysis for secure cloud computations
OOPSLA '13: Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications

In a common use case for cloud computing, clients upload data and computation to servers that are managed by a third-party infrastructure provider. We describe MrCrypt, a system that provides data confidentiality in this setting by executing client ...
MrCrypt: static analysis for secure cloud computations
OOPSLA '13

In a common use case for cloud computing, clients upload data and computation to servers that are managed by a third-party infrastructure provider. We describe MrCrypt, a system that provides data confidentiality in this setting by executing client ...
Confidential deniable authentication using promised signcryption

In a deniable authentication protocol, a receiver is convinced that a received message is indeed from a particular sender, but cannot prove this to any third party. Deniable authentication protocols satisfy deniability and intended receiver properties. ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

PPPJ '16: Proceedings of the 13th International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools

August 2016

186 pages

ISBN:9781450341356

DOI:10.1145/2972206

Conference Chair:
Yudi Zheng
University of Lugano
,
General Chair:
Walter Binder,
Program Chair:
Petr Tůma

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 August 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

PPPJ '16

PPPJ '16: Virtual Machines, Languages, and Tools

August 29 - September 2, 2016

Lugano, Switzerland

Acceptance Rates

PPPJ '16 Paper Acceptance Rate 14 of 31 submissions, 45%;

Overall Acceptance Rate 29 of 58 submissions, 50%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

13
Total Citations
View Citations
143
Total Downloads

Downloads (Last 12 months)3
Downloads (Last 6 weeks)1

Reflects downloads up to 27 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Mangipudi SChuprikov PEugster PViering MSavvides S(2023)Generalized Policy-Based Noninterference for Efficient Confidentiality-PreservationProceedings of the ACM on Programming Languages10.1145/35912317:PLDI(267-291)Online publication date: 6-Jun-2023
https://dl.acm.org/doi/10.1145/3591231
Fischer AFuhry BKußmaul JJanneck JKerschbaum FBodden E(2022)Computation on Encrypted Data Using Dataflow AuthenticationACM Transactions on Privacy and Security10.1145/351300525:3(1-36)Online publication date: 19-May-2022
https://dl.acm.org/doi/10.1145/3513005
Mazza SPatel DViola I(2021)Homomorphic-Encrypted Volume RenderingIEEE Transactions on Visualization and Computer Graphics10.1109/TVCG.2020.303043627:2(635-644)Online publication date: Mar-2021
https://doi.org/10.1109/TVCG.2020.3030436
Fischer AFuhry BKerschbaum FBodden E(2020)Computation on Encrypted Data using Dataflow AuthenticationProceedings on Privacy Enhancing Technologies10.2478/popets-2020-00022020:1(5-25)Online publication date: 7-Jan-2020
https://doi.org/10.2478/popets-2020-0002
Milanova A(2020)FlowCFL: generalized type-based reachability analysis: graph reduction and equivalence of CFL-based and type-based reachabilityProceedings of the ACM on Programming Languages10.1145/34282464:OOPSLA(1-29)Online publication date: 13-Nov-2020
https://dl.acm.org/doi/10.1145/3428246
Fischer AJanneck JKussmaul JKratzschmar NKerschbaum FBodden E(2020)PASAPTO: Policy-aware Security and Performance Trade-off Analysis--Computation on Encrypted Data with Restricted Leakage2020 IEEE 33rd Computer Security Foundations Symposium (CSF)10.1109/CSF49147.2020.00024(230-245)Online publication date: Jun-2020
https://doi.org/10.1109/CSF49147.2020.00024
Dathathri RSaarikivi OChen HLaine KLauter KMaleki SMusuvathi MMytkowicz TMcKinley KFisher K(2019)CHET: an optimizing compiler for fully-homomorphic neural-network inferencingProceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation10.1145/3314221.3314628(142-156)Online publication date: 8-Jun-2019
https://dl.acm.org/doi/10.1145/3314221.3314628
Baudart GDolby JDuesterwald EHirzel MShinnar ABoix EGabriel R(2018)Protecting chatbots from toxic contentProceedings of the 2018 ACM SIGPLAN International Symposium on New Ideas, New Paradigms, and Reflections on Programming and Software10.1145/3276954.3276958(99-110)Online publication date: 24-Oct-2018
https://dl.acm.org/doi/10.1145/3276954.3276958
Dong YMilanova ADolby J(2018)SecureMRACM SIGPLAN Notices10.1145/3200691.317852053:1(389-390)Online publication date: 10-Feb-2018
https://dl.acm.org/doi/10.1145/3200691.3178520
Dong YMilanova ADolby JSingh MWilliams LKuhn RXie T(2018)SecureMRProceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security10.1145/3190619.3190638(1-13)Online publication date: 10-Apr-2018
https://dl.acm.org/doi/10.1145/3190619.3190638
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents