Readings on security

  • ★ indicates the required reading for class presentation.
    • indicates optional/background reading.

Differential privacy

Practice

  • ★ Privacy in Pharmacogenetics: An End-to-End Case Study of Personalized Warfarin Dosing, SEC14 [pdf]
  • ★ PINQ: Privacy Integrated Queries, SIGMOD09, [pdf]: dp-sql
  • Distance Makes the Types Grow Stronger: A Calculus for Differential Privacy, ICFP10 [pdf]: dp-pl

Theory

  • ★ Differential Privacy, [pdf]
  • ★ Practical Differential Privacy via Grouping and Smoothing, VLDB13 : non-interactive dp
  • Analyzing Graphs with Node Differential Privacy, TCC13 [pdf]: dp-graph
  • Smooth Sensitivity and Sampling in Private Data Analysis, STOC07 [pdf]: dp-clustering
  • Privacy, Accuracy, and Consistency Too: A Holistic Solution to Contingency Table Release, PODS07, [pdf]: dp-olapcube
  • Membership Privacy: A Unifying Framework For Privacy Definitions, CCS13 [pdf]
    • Differential Privacy: A Survey of Results, TAMC 2008 [pdf]
    • Blowfish Privacy: Tuning Privacy-Utility Trade-offs using Policies, SIGMOD14 [pdf]
    • No Free Lunch in Data Privacy, ICDM11 [pdf]

Multi-party computations

ORAM (access pattern privacy, non-circuit model)

  • ★ Automating Efficient RAM-Model Secure Computation, SP14
  • Burst ORAM: Minimizing ORAM Response Times for Bursty Access Patterns, SEC14

Performance optimization

  • ★ Faster Private Set Intersection Based on OT Extension, SEC14: OT extensions for batched OTs, network as bottleneck, semi-honest, use symmetric encryption not asymmetric
    • Faster Secure Two-Party Computation Using Garbled Circuits, SEC11 [pdf], [src]: protocol optimization

Compiler and runtime systems (1)

  • ★ Wysteria: A Programming Language for Generic, Mixed-mode Multiparty Computations, SP14 [pdf]: MPC, mixed-mode, GC for 2PC, SS for MPC
  • ★ FairplayMP - A Secure Multi-Party Computation System, CCS08, [pdf]:SS + GC, MPC
  • Automatically optimizing secure computation, CCS11: mixed-mode
  • Secure Multi-Party Computation of Boolean Circuits with Applications to Privacy in On-Line Marketplaces, 12, [pdf]: MPC, runtime, GMW

Compiler and runtime systems (2)

  • ★ PICCO: A General-Purpose Compiler for Private Distributed Computation, CCS13 [pdf]: SS, MPC
  • ★ ABY – A Framework for Efficient Mixed-Protocol Secure Two-Party Computation, NDSS15 [pdf]: mixed-protocols
  • PCF: a portable circuit format for scalable two-party secure computation, SEC13 [pdf], [src], [video]: runtime/jit circuit generation, compiler optimization, GC
    • Fairplay — A Secure Two-Party Computation System, SEC04, [pdf]: programming system, 2PC

Enabling new applications

  • ★ Blind Seer: A Scalable Private DBMS [pdf], SP14: query on encrypted data, bloom filter merge tree, index tree on unordered dataset
  • ANONIZE: A Large-Scale Anonymous Survey System, SP14: anonymity between surveyee and result, `cryptographic app, no agg
  • ★ Secure Multiparty Computations on Bitcoin, SP14
  • Private search on key-value stores with hierarchical indexes, ICDE14

Differentially private multi-party computation

  • ★ Our data, Ourselves: Privacy via distributed noise generation, EUROCRYPT06 [pdf]: laplace noising without floating-point numbers, secret sharing
  • ★ RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response, CCS14: randomized responses
  • ★ DJoin: Differentially Private Join Queries over Distributed Databases, OSDI 2012.
  • The limits of two-party differential privacy, 2010.

Cloud security

SGX

  • ★ VC3: Trustworthy Data Analytics in the Cloud, MSR-TR-2014-39 [pdf]: MapReduce on SGX
  • ★ Shielding Applications from an Untrusted Cloud with Haven, SOSP14 [pdf]
  • ICE: A Passive, High-Speed, State-Continuity Scheme, ACSAC14
    • Using Innovative Instructions to Create Trustworthy Software Solutions [pdf]
    • Software guard extensions programming reference, Intel Corp., 2013. No. 329298-001
    • TrInc: small trusted hardware for large distributed systems, NSDI09

Verifiable computation

  • ★ Succinct Non-Interactive Zero Knowledge for a von Neumann Architecture, SEC14 [pdf], SNARKs-for-C [src]
  • Pinocchio: Nearly Practical Verifiable Computation, SP13 [pdf], [src]
  • Verifying computations with state, SOSP13 [pdf]: proof-based verification, untrusted storage, map reduce
  • TRUESET: Faster Verifiable Set Computations, SEC14

Misc.

Malware detection and reverse engineering

  • BareCloud: Bare-metal Analysis-based Evasive Malware Detection, SEC14: malware detection by comparison
  • DSCRETE: Automatic Rendering of Forensic Information from Memory Images via Application Logic Reuse, SEC14: reverse engineering, locate binary of a function, feeding new input to binary function

Information flow analysis

  • ★ Quantifying Information Flow for Dynamic Secrets, SP14
  • ★ Quantitative information flow as network flow capacity, PLDI08 [pdf] quantitative i.f.
  • Bootstrapping Privacy Compliance in Big Data Systems, SP14

Searcheable encryption

  • ★ Dynamic Searchable Encryption via Blind Storage, SP14
  • CryptDB: Protecting Confidentiality with Encrypted Query Processing, SOSP12 [pdf]

Side-channel attacks

  • Scheduler-based Defenses against Cross-VM Side-channels, SEC14
  • Preventing Cryptographic Key Leakage in Cloud Virtual Machines, SEC14