Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

New system allows cloud customers to detect program-tampering

12.09.2013
A new version of 'zero-knowledge proofs' allows cloud customers to verify the proper execution of their software with a single packet of data

For small and midsize organizations, the outsourcing of demanding computational tasks to the cloud — huge banks of computers accessible over the Internet — can be much more cost-effective than buying their own hardware.

But it also poses a security risk: A malicious hacker could rent space on a cloud server and use it to launch programs that hijack legitimate applications, interfering with their execution.

In August, at the International Cryptology Conference, researchers from MIT and Israel's Technion and Tel Aviv University presented a new system that can quickly verify that a program running on the cloud is executing properly. That amounts to a guarantee that no malicious code is interfering with the program's execution.

The same system also protects the data used by applications running in the cloud, cryptographically ensuring that the user won't learn anything other than the immediate results of the requested computation. If, for instance, hospitals were pooling medical data in a huge database hosted on the cloud, researchers could look for patterns in the data without compromising patient privacy.

Although the paper reports new theoretical results, the researchers have also built working code that implements their system. At present, it works only with programs written in the C programming language, but adapting it to other languages should be straightforward.

The new work, like much current research on secure computation, requires that computer programs be represented as circuits. So the researchers' system includes a "circuit generator" that automatically converts C code to circuit diagrams. The circuits it produces, however, are much smaller than those produced by its predecessors, so by itself, the circuit generator may find other applications in cryptography.

Zero knowledge

Alessandro Chiesa, a graduate student in electrical engineering and computer science at MIT and one of the paper's authors, says that because the new system protects both the integrity of programs running in the cloud and the data they use, it's a good complement to the cryptographic technique known as homomorphic encryption, which protects the data transmitted by the users of cloud applications.

Joining Chiesa on the paper are Madars Virza, also a graduate student in electrical engineering and computer science; the Technion's Daniel Genkin and Eli Ben-Sasson, who was a visiting professor at MIT for the past two years; and Tel Aviv University's Eran Tromer, who was a postdoc at MIT. The researchers' system implements a so-called zero-knowledge proof, a type of mathematical game invented by MIT professors Shafi Goldwasser and Silvio Micali and their colleague Charles Rackoff of the University of Toronto. In its cryptographic application, a zero-knowledge proof enables one of the game's players to prove to the other that he or she knows a secret key without actually divulging it.

But as its name implies, a zero-knowledge proof is a more general method for proving mathematical theorems — and the correct execution of a computer program can be redescribed as a theorem. So zero-knowledge proofs are by definition able to establish whether or not a computer program is executing correctly.

The problem is that existing implementations of zero-knowledge proofs — except in cases where they've been tailored to particular algorithms — take as long to execute as the programs they're trying to verify. That's fine for password verification, but not for a computation substantial enough that it might be farmed out to the cloud.

The researchers' innovation is a practical, succinct zero-knowledge proof for arbitrary programs. Indeed, it's so succinct that it can typically fit in a single data packet.

Linear thinking

As Chiesa explains, his and his colleagues' approach depends on a variation of what's known as a "probabilistically checkable proof," or PCP. "With a standard mathematical proof, if you want to verify it, you have to go line by line from the start to the end," Chiesa says. "If you were to skip one line, potentially, that could fool you. Traditional proofs are very fragile in this respect." "The PCP theorem says that there is a way to rewrite proofs so that instead of reading them line by line," Chiesa adds, "what you can do is flip a few coins and probabilistically sample three or four lines and have a probabilistic guarantee that it's correct."

The problem, Virza says, is that "the current known constructions of the PCP theorem, though great in theory, have quite bad practical realizations." That's because the theory assumes that an adversary who's trying to produce a fraudulent proof has unbounded computational capacity. What Chiesa, Virza and their colleagues do instead is assume that the adversary is capable only of performing simple linear operations.

"This assumption is, of course, false in practice," Virza says. "So we use a cryptographic encoding to force the adversary to only linear evaluations. There is a way to encode numbers into such a form that you can add those numbers, but you can't do anything else. This is how we sidestep the inefficiencies of the PCP theorem."

Written by Larry Hardesty, MIT News Office

Andrew Carleen | EurekAlert!
Further information:
http://www.mit.edu

More articles from Information Technology:

nachricht Deep Learning predicts hematopoietic stem cell development
21.02.2017 | Helmholtz Zentrum München - Deutsches Forschungszentrum für Gesundheit und Umwelt

nachricht Sensors embedded in sports equipment could provide real-time analytics to your smartphone
16.02.2017 | University of Illinois College of Engineering

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: Breakthrough with a chain of gold atoms

In the field of nanoscience, an international team of physicists with participants from Konstanz has achieved a breakthrough in understanding heat transport

In the field of nanoscience, an international team of physicists with participants from Konstanz has achieved a breakthrough in understanding heat transport

Im Focus: DNA repair: a new letter in the cell alphabet

Results reveal how discoveries may be hidden in scientific “blind spots”

Cells need to repair damaged DNA in our genes to prevent the development of cancer and other diseases. Our cells therefore activate and send “repair-proteins”...

Im Focus: Dresdner scientists print tomorrow’s world

The Fraunhofer IWS Dresden and Technische Universität Dresden inaugurated their jointly operated Center for Additive Manufacturing Dresden (AMCD) with a festive ceremony on February 7, 2017. Scientists from various disciplines perform research on materials, additive manufacturing processes and innovative technologies, which build up components in a layer by layer process. This technology opens up new horizons for component design and combinations of functions. For example during fabrication, electrical conductors and sensors are already able to be additively manufactured into components. They provide information about stress conditions of a product during operation.

The 3D-printing technology, or additive manufacturing as it is often called, has long made the step out of scientific research laboratories into industrial...

Im Focus: Mimicking nature's cellular architectures via 3-D printing

Research offers new level of control over the structure of 3-D printed materials

Nature does amazing things with limited design materials. Grass, for example, can support its own weight, resist strong wind loads, and recover after being...

Im Focus: Three Magnetic States for Each Hole

Nanometer-scale magnetic perforated grids could create new possibilities for computing. Together with international colleagues, scientists from the Helmholtz Zentrum Dresden-Rossendorf (HZDR) have shown how a cobalt grid can be reliably programmed at room temperature. In addition they discovered that for every hole ("antidot") three magnetic states can be configured. The results have been published in the journal "Scientific Reports".

Physicist Dr. Rantej Bali from the HZDR, together with scientists from Singapore and Australia, designed a special grid structure in a thin layer of cobalt in...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

Booth and panel discussion – The Lindau Nobel Laureate Meetings at the AAAS 2017 Annual Meeting

13.02.2017 | Event News

Complex Loading versus Hidden Reserves

10.02.2017 | Event News

International Conference on Crystal Growth in Freiburg

09.02.2017 | Event News

 
Latest News

Impacts of mass coral die-off on Indian Ocean reefs revealed

21.02.2017 | Earth Sciences

Novel breast tomosynthesis technique reduces screening recall rate

21.02.2017 | Medical Engineering

Use your Voice – and Smart Homes will “LISTEN”

21.02.2017 | Trade Fair News

VideoLinks
B2B-VideoLinks
More VideoLinks >>>