Practical Data-in-use Protection using Binary Decision Diagrams

Oleg Mazonka, Esha Sarkar, Eduardo Chielle, Nektarios Georgios Tsoutsos, Michail Maniatakos
2020 IEEE Access  
Protection of data-in-use, contrary to the protection of data-at-rest or data-in-transit, remains a challenge. Cryptography advances such as Fully Homomorphic Encryption (FHE) provide theoretical, albeit impractical, solutions to functionally-complete computation over encrypted operands, necessary for general-purpose computation. In this work, we propose a practical data-in-use protection mechanism that, contrary to application-specific homomorphic encryption approaches, focuses on arbitrary
more » ... putation native to established programming languages, such as C++. Therefore, our work provides a more efficient alternative to FHE schemes that can be used for general-purpose computation. Specifically, we use Binary Decision Diagrams (BDD) to transform high-level programming operations to their equivalents working on protected data. To automate this, we develop a framework that allows automatic conversion of program expressions over encrypted operands into efficient circuits that are reduced using BDDs and can simulate corresponding composed operations. Our experimental results show that our methodology is orders of magnitude faster than state-of-the-art FHE schemes and enables execution of real C++ applications with practical overheads. Our framework is complemented with security analysis proving resistance to different attack methods. INDEX TERMS Data security, privacy, data privacy, security.
doi:10.1109/access.2020.2970120 fatcat:v2vsmqwykzcyhedowufxb6azse