A Hybrid Approach to Secure Function Evaluation Using SGX

05/03/2019
by   Joseph I. Choi, et al.
0

A protocol for two-party secure function evaluation (2P-SFE) aims to allow the parties to learn the output of function f of their private inputs, while leaking nothing more. In a sense, such a protocol realizes a trusted oracle that computes f and returns the result to both parties. There have been tremendous strides in efficiency over the past ten years, yet 2P-SFE protocols remain impractical for most real-time, online computations, particularly on modestly provisioned devices. Intel's Software Guard Extensions (SGX) provides hardware-protected execution environments, called enclaves, that may be viewed as trusted computation oracles. While SGX provides native CPU speed for secure computation, previous side-channel and micro-architecture attacks have demonstrated how security guarantees of enclaves can be compromised. In this paper, we explore a balanced approach to 2P-SFE on SGX-enabled processors by constructing a protocol for evaluating f relative to a partitioning of f. This approach alleviates the burden of trust on the enclave by allowing the protocol designer to choose which components should be evaluated within the enclave, and which via standard cryptographic techniques. We describe SGX-enabled SFE protocols (modeling the enclave as an oracle), and formalize the strongest-possible notion of 2P-SFE for our setting. We prove our protocol meets this notion when properly realized. We implement the protocol and apply it to two practical problems: privacy-preserving queries to a database, and a version of Dijkstra's algorithm for privacy-preserving navigation. Our evaluation shows that our SGX-enabled SFE scheme enjoys a 38x increase in performance over garbled-circuit-based SFE. Finally, we justify modeling of the enclave as an oracle by implementing protections against known side-channels.

READ FULL TEXT

page 1

page 2

page 3

page 4

research
11/03/2021

Introducing a Framework to Enable Anonymous Secure Multi-Party Computation in Practice

Secure Multi-Party Computation (SMPC) allows a set of parties to securel...
research
02/23/2023

A Survey of Secure Computation Using Trusted Execution Environments

As an essential technology underpinning trusted computing, the trusted e...
research
11/12/2020

Customizing Trusted AI Accelerators for Efficient Privacy-Preserving Machine Learning

The use of trusted hardware has become a promising solution to enable pr...
research
01/27/2020

Distributed systems and trusted execution environments: Trade-offs and challenges

Security and privacy concerns in computer systems have grown in importan...
research
09/14/2023

TGh: A TEE/GC Hybrid Enabling Confidential FaaS Platforms

Trusted Execution Environments (TEEs) suffer from performance issues whe...
research
04/08/2020

Improved Secure Efficient Delegated Private Set Intersection

Private Set Intersection (PSI) is a vital cryptographic technique used f...
research
05/06/2022

Private delegated computations using strong isolation

Sensitive computations are now routinely delegated to third-parties. In ...

Please sign up or login with your details

Forgot password? Click here to reset