{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:18:02Z","timestamp":1750220282803,"version":"3.41.0"},"reference-count":51,"publisher":"Association for Computing Machinery (ACM)","issue":"3","license":[{"start":{"date-parts":[[2022,5,19]],"date-time":"2022-05-19T00:00:00Z","timestamp":1652918400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by-nc-nd\/4.0\/"}],"funder":[{"name":"German Federal Ministry for Economic Affairs and Climate Action","award":["03EI4002E"],"award-info":[{"award-number":["03EI4002E"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Priv. Secur."],"published-print":{"date-parts":[[2022,8,31]]},"abstract":"<jats:p>Encrypting data before sending it to the cloud ensures data confidentiality but requires the cloud to compute on encrypted data. Trusted execution environments, such as Intel SGX enclaves, promise to provide a secure environment in which data can be decrypted and then processed. However, vulnerabilities in the executed program give attackers ample opportunities to execute arbitrary code inside the enclave. This code can modify the dataflow of the program and leak secrets via SGX side channels. Fully homomorphic encryption would be an alternative to compute on encrypted data without data leaks. However, due to its high computational complexity, its applicability to general-purpose computing remains limited. Researchers have made several proposals for transforming programs to perform encrypted computations on less powerful encryption schemes. Yet current approaches do not support programs making control-flow decisions based on encrypted data.<\/jats:p>\n          <jats:p>\n            We introduce the concept of\n            <jats:italic>dataflow authentication<\/jats:italic>\n            (DFAuth) to enable such programs. DFAuth prevents an adversary from arbitrarily deviating from the dataflow of a program. Our technique hence offers protections against the side-channel attacks described previously. We implemented two flavors of DFAuth, a Java bytecode-to-bytecode compiler, and an SGX enclave running a small and program-independent trusted code base. We applied DFAuth to a neural network performing machine learning on sensitive medical data and a smart charging scheduler for electric vehicles. Our transformation yields a neural network with encrypted weights, which can be evaluated on encrypted inputs in\n            <jats:inline-formula content-type=\"math\/tex\">\n              <jats:tex-math notation=\"LaTeX\" version=\"MathJax\">\\( 12.55 \\,\\mathrm{m}\\mathrm{s} \\)<\/jats:tex-math>\n            <\/jats:inline-formula>\n            . Our protected scheduler is capable of updating the encrypted charging plan in approximately 1.06 seconds.\n          <\/jats:p>","DOI":"10.1145\/3513005","type":"journal-article","created":{"date-parts":[[2022,5,19]],"date-time":"2022-05-19T13:10:35Z","timestamp":1652965835000},"page":"1-36","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Computation on Encrypted Data Using Dataflow Authentication"],"prefix":"10.1145","volume":"25","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-8561-5861","authenticated-orcid":false,"given":"Andreas","family":"Fischer","sequence":"first","affiliation":[{"name":"FZI Research Center for Information Technology, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9608-4063","authenticated-orcid":false,"given":"Benny","family":"Fuhry","sequence":"additional","affiliation":[{"name":"Camelot ITLab, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2727-0313","authenticated-orcid":false,"given":"J\u00f6rn","family":"Ku\u00dfmaul","sequence":"additional","affiliation":[{"name":"SAP Security Research, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1385-3884","authenticated-orcid":false,"given":"Jonas","family":"Janneck","sequence":"additional","affiliation":[{"name":"SAP Security Research, Germany"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4288-2286","authenticated-orcid":false,"given":"Florian","family":"Kerschbaum","sequence":"additional","affiliation":[{"name":"University of Waterloo, Canada"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3470-3647","authenticated-orcid":false,"given":"Eric","family":"Bodden","sequence":"additional","affiliation":[{"name":"Heinz Nixdorf Institute, Paderborn University, and Fraunhofer IEM, Germany"}]}],"member":"320","published-online":{"date-parts":[[2022,5,19]]},"reference":[{"key":"e_1_3_2_2_2","unstructured":"MPIR. n.d. MPIR: Multiple Precision Integers and Rationals. Retrieved February 23 2022 from http:\/\/mpir.org."},{"key":"e_1_3_2_3_2","unstructured":"Neuroph. n.d. Neuroph\u2014Java Neural Network Framework. Retrieved February 23 2022 from http:\/\/neuroph.sourceforge.net."},{"key":"e_1_3_2_4_2","unstructured":"Libsodium. n.d. The Sodium Crypto Library (libsodium). Retrieved February 23 2022 from https:\/\/download.libsodium.org\/doc\/."},{"key":"e_1_3_2_5_2","doi-asserted-by":"publisher","DOI":"10.1145\/73560.73561"},{"key":"e_1_3_2_6_2","volume-title":"Proceedings of the Workshop on Hardware and Architectural Support for Security and Privacy (HASP\u201913)","author":"Anati Ittai","year":"2013","unstructured":"Ittai Anati, Shay Gueron, Simon P. Johnson, and Vincent R. Scarlata. 2013. Innovative technology for CPU based attestation and sealing. In Proceedings of the Workshop on Hardware and Architectural Support for Security and Privacy (HASP\u201913)."},{"key":"e_1_3_2_7_2","volume-title":"Proceedings of the 22nd European Symposium on Research in Computer Security (ESORICS\u201917)","author":"Barbosa Manuel","year":"2017","unstructured":"Manuel Barbosa, Dario Catalano, and Dario Fiore. 2017. Labeled homomorphic encryption\u2014Scalable and privacy-preserving processing of outsourced data. In Proceedings of the 22nd European Symposium on Research in Computer Security (ESORICS\u201917)."},{"key":"e_1_3_2_8_2","article-title":"The power of verification queries in message authentication and authenticated encryption","author":"Bellare Mihir","year":"2004","unstructured":"Mihir Bellare, Oded Goldreich, and Anton Mityagin. 2004. The power of verification queries in message authentication and authenticated encryption. IACR Cryptology ePrint Archive. Retrieved February 23, 2022 from http:\/\/eprint.iacr.org\/2004\/309.","journal-title":"IACR Cryptology ePrint Archive."},{"key":"e_1_3_2_9_2","doi-asserted-by":"publisher","DOI":"10.1007\/s00145-008-9026-x"},{"key":"e_1_3_2_10_2","doi-asserted-by":"publisher","DOI":"10.1007\/11761679_25"},{"volume-title":"Proceedings of the 9th International Conference on Theory and Practice of Public-Key Cryptography (PKC\u201906)","author":"Bernstein Daniel J.","key":"e_1_3_2_11_2","unstructured":"Daniel J. Bernstein. 2006. Curve25519: New Diffie-Hellman speed records. In Proceedings of the 9th International Conference on Theory and Practice of Public-Key Cryptography (PKC\u201906)."},{"key":"e_1_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-00468-1_5"},{"key":"e_1_3_2_13_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-19571-6_16"},{"key":"e_1_3_2_14_2","volume-title":"Proceedings of the 11th USENIX Workshop on Offensive Technologies (WOOT\u201917)","author":"Brasser Ferdinand","year":"2017","unstructured":"Ferdinand Brasser, Urs M\u00fcller, Alexandra Dmitrienko, Kari Kostiainen, Srdjan Capkun, and Ahmad-Reza Sadeghi. 2017. Software grand exposure: SGX cache attacks are practical. In Proceedings of the 11th USENIX Workshop on Offensive Technologies (WOOT\u201917)."},{"key":"e_1_3_2_15_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-45608-8_11"},{"key":"e_1_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1145\/2972206.2972209"},{"key":"e_1_3_2_17_2","article-title":"US Secure Hash Algorithms (SHA and HMAC-SHA)","author":"Eastlake D.","year":"2006","unstructured":"D. Eastlake and T. Hansen. 2006. US Secure Hash Algorithms (SHA and HMAC-SHA). RFC 4634 (Informational). IETF.","journal-title":"RFC 4634 (Informational)."},{"key":"e_1_3_2_18_2","doi-asserted-by":"publisher","DOI":"10.1109\/TIT.1985.1057074"},{"key":"e_1_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.2478\/popets-2020-0002"},{"key":"e_1_3_2_20_2","doi-asserted-by":"publisher","DOI":"10.1109\/CSF49147.2020.00024"},{"key":"e_1_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1109\/TSG.2019.2914274"},{"key":"e_1_3_2_22_2","volume-title":"Proceedings of the 30th International Conference on Advances in Cryptology (CRYPTO\u201911)","author":"Gennaro Rosario","year":"2011","unstructured":"Rosario Gennaro, Craig Gentry, and Bryan Parno. 2011. Non-interactive verifiable computing: Outsourcing computation to untrusted workers. In Proceedings of the 30th International Conference on Advances in Cryptology (CRYPTO\u201911)."},{"key":"e_1_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-42045-0_16"},{"key":"e_1_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1145\/1536414.1536440"},{"key":"e_1_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-32009-5_49"},{"key":"e_1_3_2_26_2","volume-title":"Proceedings of the 33rd International Conference on Machine Learning (ICML\u201916)","author":"Gilad-Bachrach Ran","year":"2016","unstructured":"Ran Gilad-Bachrach, Nathan Dowlin, Kim Laine, Kristin E. Lauter, Michael Naehrig, and John Wernsing. 2016. CryptoNets: Applying neural networks to encrypted data with high throughput and accuracy. In Proceedings of the 33rd International Conference on Machine Learning (ICML\u201916)."},{"key":"e_1_3_2_27_2","doi-asserted-by":"publisher","DOI":"10.1145\/2488608.2488678"},{"key":"e_1_3_2_28_2","volume-title":"Proceedings of the ACM International Conference on Management of Data (SIGMOD\u201902)","author":"Hacig\u00fcm\u00fc\u015f Hakan","year":"2002","unstructured":"Hakan Hacig\u00fcm\u00fc\u015f, Bala Iyer, Chen Li, and Sharad Mehrotra. 2002. Executing SQL over encrypted data in the database-service-provider model. In Proceedings of the ACM International Conference on Management of Data (SIGMOD\u201902)."},{"key":"e_1_3_2_29_2","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488370"},{"key":"e_1_3_2_30_2","volume-title":"Proceedings (Industrial Track) of the 10th International Conference on Applied Cryptography and Network Security (ACNS\u201912)","author":"Hu Yin","year":"2012","unstructured":"Yin Hu, William Martin, and Berk Sunar. 2012. Enhanced flexibility for homomorphic encryption schemes via CRT. In Proceedings (Industrial Track) of the 10th International Conference on Applied Cryptography and Network Security (ACNS\u201912)."},{"key":"e_1_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-662-45608-8_10"},{"key":"e_1_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-79263-5_10"},{"key":"e_1_3_2_33_2","doi-asserted-by":"publisher","DOI":"10.1201\/b17668"},{"key":"e_1_3_2_34_2","article-title":"More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE)","author":"Kivinen T.","year":"2003","unstructured":"T. Kivinen and M. Kojo. 2003. More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE). RFC 3526 (Proposed Standard). IETF.","journal-title":"RFC 3526 (Proposed Standard)"},{"key":"e_1_3_2_35_2","volume-title":"Proceedings of the Cetus Users and Compiler Infrastructure Workshop (CETUS\u201911)","author":"Lam Patrick","year":"2011","unstructured":"Patrick Lam, Eric Bodden, Ondrej Lhotak, and Laurie Hendren. 2011. The Soot framework for Java program analysis: A retrospective. In Proceedings of the Cetus Users and Compiler Infrastructure Workshop (CETUS\u201911)."},{"key":"e_1_3_2_36_2","volume-title":"Proceedings of the 26th USENIX Security Symposium (USENIX Security\u201917)","author":"Lee Jaehyuk","year":"2017","unstructured":"Jaehyuk Lee, Jinsoo Jang, Yeongjin Jang, Nohyun Kwak, Yeseul Choi, Chongho Choi, Taesoo Kim, Marcus Peinado, and Brent Byunghoon Kang. 2017. Hacking in darkness: Return-oriented programming against secure enclaves. In Proceedings of the 26th USENIX Security Symposium (USENIX Security\u201917)."},{"key":"e_1_3_2_37_2","volume-title":"Proceedings of the 26th USENIX Security Symposium (USENIX Security\u201917)","author":"Lee Sangho","year":"2017","unstructured":"Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In Proceedings of the 26th USENIX Security Symposium (USENIX Security\u201917)."},{"key":"e_1_3_2_38_2","doi-asserted-by":"publisher","DOI":"10.1145\/2694344.2694385"},{"key":"e_1_3_2_39_2","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"key":"e_1_3_2_40_2","volume-title":"Proceedings of the 8th International Conference on Information Security and Cryptology (ICISC\u201905)","author":"Molnar David","year":"2005","unstructured":"David Molnar, Matt Piotrowski, David Schultz, and David A. Wagner. 2005. The program counter security model: Automatic detection and removal of control-flow side channel attacks. In Proceedings of the 8th International Conference on Information Security and Cryptology (ICISC\u201905)."},{"key":"e_1_3_2_41_2","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23349"},{"key":"e_1_3_2_42_2","doi-asserted-by":"publisher","DOI":"10.5555\/3241094.3241143"},{"key":"e_1_3_2_43_2","doi-asserted-by":"publisher","DOI":"10.5555\/1756123.1756146"},{"key":"e_1_3_2_44_2","doi-asserted-by":"publisher","DOI":"10.1145\/2043556.2043566"},{"key":"e_1_3_2_45_2","volume-title":"Proceedings of the 24th USENIX Security Symposium (USENIX Security\u201915)","author":"Rane Ashay","year":"2015","unstructured":"Ashay Rane, Calvin Lin, and Mohit Tiwari. 2015. Raccoon: Closing digital side-channels through obfuscated execution. In Proceedings of the 24th USENIX Security Symposium (USENIX Security\u201915)."},{"key":"e_1_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_1"},{"key":"e_1_3_2_47_2","unstructured":"Nigel Smart. 2014. Algorithms, Key Size and Parameters Report. ENISA."},{"key":"e_1_3_2_48_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-44599-1_13"},{"key":"e_1_3_2_49_2","doi-asserted-by":"publisher","DOI":"10.1109\/SECPRI.2000.848445"},{"key":"e_1_3_2_50_2","doi-asserted-by":"publisher","DOI":"10.1145\/2509136.2509554"},{"key":"e_1_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516666"},{"key":"e_1_3_2_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/1554339.1554345"}],"container-title":["ACM Transactions on Privacy and Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3513005","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3513005","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T19:31:20Z","timestamp":1750188680000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3513005"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,5,19]]},"references-count":51,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2022,8,31]]}},"alternative-id":["10.1145\/3513005"],"URL":"https:\/\/doi.org\/10.1145\/3513005","relation":{},"ISSN":["2471-2566","2471-2574"],"issn-type":[{"type":"print","value":"2471-2566"},{"type":"electronic","value":"2471-2574"}],"subject":[],"published":{"date-parts":[[2022,5,19]]},"assertion":[{"value":"2021-04-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-01-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2022-05-19","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}