Applied Mathematics Seminar——PoS4MPC: Automated Security Policy Synthesis for Secure Multi-party Computation
报告人:Fu Song (Shanghai Tech Univ.)
时间:2022-09-28 10:00-12:00
地点:腾讯会议 959-118-326 (https://meeting.tencent.com/dm/GM0e9Aof7xd4)
Abstract:
Secure multi-party computation (MPC) is a promising technique for privacy-persevering applications. A number of MPC frameworks have been proposed to reduce the burden of designing customized protocols, allowing non-experts to quickly develop and deploy MPC applications. To improve performance, recent MPC frameworks allow users to declare variables secret only for these which are to be protected. However, in practice, it is usually highly non-trivial for non-experts to specify secret variables: declaring too many degrades the performance while declaring too less compromises privacy. To address this problem, in this work we propose an automated security policy synthesis approach to declare as few secret variables as possible but without compromising security. Our approach is a synergistic integration of type inference and symbolic reasoning. The former is able to quickly infer a sound—but sometimes conservative—security policy, whereas the latter allows to identify secret variables in a security policy that can be declassified in a precise manner. Moreover, the results from symbolic reasoning are fed back to type inference to refine the security types even further. We implement our approach in a new tool PoS4MPC. Experimental results on five typical MPC applications confirm the efficacy of our approach.
Bio:
宋富是上海科技大学常任副教授,研究员,博士生导师,系统与安全中心主任,主要研究系统与软件安全验证和测试技术、及相关逻辑和自动机理论。宋富于2013年获巴黎狄德罗大学博士学位,曾在华东师范大学担任讲师和副研究员。主持和参与多项国家自然科学基金委青年、面上和重点项目,曾获上海市浦江人才和上海市晨光学者人才计划资助,2021年获亚马逊研究奖,已在国际著名会议或期刊(如CAV、TACAS、FM、AAAI、IJCAI、I&C)发表多篇论文。
