DOI: 10.1145/1653662.1653715

A security-preserving compiler for distributed programs: from information-flow policies to cryptographic mechanisms

Published: 09 November 2009

Abstract

We enforce information flow policies in programs that run at multiple locations, with diverse levels of security.
We build a compiler from a small imperative language with locality and security annotations down to distributed code linked to concrete cryptographic libraries. Our compiler splits source programs into local threads; inserts checks on auxiliary variables to enforce the source control flow; implements shared distributed variables using instead a series of local replicas with explicit updates; and finally selects cryptographic mechanisms for securing the communication of updates between locations.
We establish computational soundness for our compiler: under standard assumptions on cryptographic primitives, all confidentiality and integrity properties of the source program also hold with its distributed code, despite the presence of active adversaries that control all communications and some of the program locations. We also present performance results for the code obtained by compiling sample programs.

Published In

CCS '09: Proceedings of the 16th ACM conference on Computer and communications security
November 2009
664 pages
ISBN:9781605588940
DOI:10.1145/1653662
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. compilers
  2. computational model
  3. cryptography

Qualifiers

  • Research-article

Conference

CCS '09

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Article Metrics

  • Downloads (Last 12 months)21
  • Downloads (Last 6 weeks)11
Reflects downloads up to 08 Feb 2025

Cited By

  • (2022) HAMRAZ: Resilient Partitioning and Replication. 2022 IEEE Symposium on Security and Privacy (SP), pp. 2267-2284, May 2022. doi:10.1109/SP46214.2022.9833661
  • (2022) Noise: A Library of Verified High-Performance Secure Channel Protocol Implementations. 2022 IEEE Symposium on Security and Privacy (SP), pp. 107-124, May 2022. doi:10.1109/SP46214.2022.9833621
  • (2021) Viaduct: an extensible, optimizing compiler for secure distributed programs. Proceedings of the 42nd ACM SIGPLAN International Conference on Programming Language Design and Implementation, pp. 740-755, 19 June 2021. doi:10.1145/3453483.3454074
  • (2021) Compiler-Assisted Semantic-Aware Encryption for Efficient and Secure Serverless Computing. IEEE Internet of Things Journal 8(7), pp. 5645-5656, 1 April 2021. doi:10.1109/JIOT.2020.3031550
  • (2021) Language Support for Secure Software Development with Enclaves. 2021 IEEE 34th Computer Security Foundations Symposium (CSF), pp. 1-16, June 2021. doi:10.1109/CSF51468.2021.00037
  • (2020) End-to-end information flow security for web services orchestration. Science of Computer Programming 187, article 102376, February 2020. doi:10.1016/j.scico.2019.102376
  • (2020) Type-Based Declassification for Free. Formal Methods and Software Engineering, pp. 181-197, 19 December 2020. doi:10.1007/978-3-030-63406-3_11
  • (2020) Witnessing Secure Compilation. Verification, Model Checking, and Abstract Interpretation, pp. 1-22, 16 January 2020. doi:10.1007/978-3-030-39322-9_1
  • (2019) Formal Approaches to Secure Compilation. ACM Computing Surveys 51(6), pp. 1-36, 4 February 2019. doi:10.1145/3280984
  • (2019) Information Flow Control for Distributed Trusted Execution Environments. 2019 IEEE 32nd Computer Security Foundations Symposium (CSF), pp. 304-30414, June 2019. doi:10.1109/CSF.2019.00028