A Language for Probabilistically Oblivious Computation
by David Darais, Ian Sweet, Chang Liu, Michael Hicks
2019
Abstract
An oblivious computation is one that is free of direct and indirect
information leaks, e.g., due to observable differences in timing and memory
access patterns. This paper presents Lambda Obliv, a core language whose type
system enforces obliviousness. Prior work on type-enforced oblivious
computation has focused on deterministic programs. Lambda Obliv is new in its
consideration of programs that implement probabilistic algorithms, such as
those involved in cryptography. Lambda Obliv employs a substructural type
system and a novel notion of probability region to ensure that information is
not leaked via the observed distribution of visible events. Probability regions
support reasoning about probabilistic correlation and independence between
values, and our use of probability regions is motivated by a source of
unsoundness that we discovered in the type system of ObliVM, a language for
implementing state-of-the-art oblivious algorithms. We prove that Lambda
Obliv's type system enforces obliviousness and show that it is expressive
enough to typecheck advanced tree-based oblivious RAMs.
arXiv: 1711.09305v3