MrCrypt: Static Analysis for Secure Cloud Computations

Conference on Object-Oriented Programming, Systems, Languages, and Applications (OOPSLA 2013), Indianapolis, Indiana, October 26-31, 2013.
Sai Deep Tetali, Mohsen Lesani, Rupak Majumdar, Todd Millstein
In a common use case for cloud computing, clients upload data and computation to servers that are managed by a third-party infrastructure provider. We describe MrCrypt, a system that provides data confidentiality in this setting by executing client computations on encrypted data. MrCrypt statically analyzes a program to identify the set of operations on each input data column, in order to select an appropriate homomorphic encryption scheme for that column, and then transforms the program to operate over encrypted data. The encrypted data and transformed program are uploaded to the server and executed as usual, and the result of the computation is decrypted on the client side. We have implemented MrCrypt for Java and illustrate its practicality on three standard benchmark suites for the Hadoop MapReduce framework. We have also formalized the approach and proven several soundness and security guarantees.