Exploring the use of Intel SGX for Secure Many-Party Applications
SysTEX’16
Kubilay Ahmet Kucuk (kucuk@cs.ox.ac.uk), University of Oxford, UK
December 12, 2016

Overview
1. Introduction
2. Trustworthy Remote Entity (TRE)
3. SGX-based TRE
4. Results

Yao’s Millionaires’ Problem

Multi Party Computation (MPC)
Limited scalability, Cryptographic primitives

Ideal MPC
Third Party, Trust Issues

Many Party Application: Road Pricing
Location-based services ... diminishes the privacy

Many Party Application: Smart Grid
Aggregate measurements over multiple consumers

A Possible Solution ...
Trustworthy Remote Entity (TRE)
[Diagram: parties P1, P2, ..., Pn, ICR and the TRE; card(ICR) = n]
◮ Based on Trusted Computing
◮ Essentially a verifiable trusted third party (vTTP)
◮ Comparable to the idealised version (TTP) in the MPC world

TPM-based TRE
Using TXT and TPM
◮ Final State Attestation (FSA)
◮ Bare-metal, event-driven
◮ Privacy Preserving
◮ Small TCB, Optimized

Other TRE possibilities
Intel SGX; sgxTRE, Middlebox, Compute Provider
ARM TrustZone

Contributions
SGX-based TRE
◮ SGX Benchmarks
◮ Design and Prototype
◮ Comparison

Requirements
Security and Performance Req.
◮ Secure Computation and Communication
◮ Secure Attestation
◮ Scalability and Latency

Adversary Model
Malicious Operator of TRE
◮ Dolev-Yao Network Adv.
◮ SMM, BIOS, OS
◮ Physical Access

Benchmarking Functionalities

Implementation: Architecture

Implementation: Flow

Implementation: Abstract

Experiment
Skylake SGX machine
◮ Dell Latitude E5570
◮ June 2016 SGX SDK
◮ Basic Network
◮ Simulated SMDs
◮ DLMS-COSEM

Results: Comparison of TPM-based and SGX-based

Results: Performance of SGX-based TRE

Security Evaluation
SGX-based TRE
◮ No Outside Calls
◮ No Secret dependent access patterns
◮ SGX features.

Conclusion
SGX-based TRE
◮ Template for Many Party apps
◮ Comparison of approaches
◮ Smaller TCB
◮ Stronger Adversary

Questions
Any comments?