Secure Multiparty Computation from SGX

Abstract: Isolated Execution Environments (IEE) offered by novel commodity hardware such as Intel's SGX deployed in Skylake processors permit executing software in a protected environment that shields it from a malicious operating system; it also permits a remote user to obtain strong interactive attestation guarantees on both the code running in an IEE and its input/output behaviour. In this paper we show how IEEs provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. In our protocol the load of communications and computations on participants only depends on the size of each party's inputs and outputs and is thus small and independent of the intricacy of the functionality to be computed. The remaining computational load (essentially that of computing the functionality) is moved to an untrusted party running an IEE-enabled machine, an appealing feature for Cloud-based scenarios. However, as is often the case even with the simplest cryptographic protocols, we found that there is a large gap between this intuitively appealing solution and a protocol with rigorous security guarantees. We bridge this gap through a comprehensive set of results that include: i. a detailed construction of a protocol for secure computation for arbitrary functionalities; ii. formal security definitions for the security of the overall protocol and that of its components; and iii. a modular security analysis of our protocol that relies on a novel notion of labeled attested computation. We implemented and extensively evaluated our solution on SGX-enabled hardware, providing detailed measurements of our protocol as well as comparisons with software-only MPC solutions. Furthermore, we show the cost induced by using constant-time, i.e., timing side channel resilient, code in our implementation.
Document type:
Conference paper
International Conference on Financial Cryptography and Data Security 2017 (FC'17), Apr 2017, Sliema, Malta. Financial Cryptography and Data Security. FC 2017. Lecture Notes in Computer Science, vol. 10322, pp. 477-497. Springer, 2017, 〈10.1007/978-3-319-70972-7_27〉

https://hal.archives-ouvertes.fr/hal-01898742
Contributor: Guillaume Scerri
Submitted on: Thursday, 18 October 2018 - 17:27:08
Last modified on: Sunday, 21 October 2018 - 01:09:04

File

2016-1057.pdf
Files produced by the author(s)

Citation

Raad Bahmani, Manuel Barbosa, Ferdinand Brasser, Bernardo Portela, Ahmad-Reza Sadeghi, et al.. Secure Multiparty Computation from SGX. International Conference on Financial Cryptography and Data Security 2017 (FC'17), Apr 2017, Sliema, Malta. Financial Cryptography and Data Security. FC 2017. Lecture Notes in Computer Science, vol. 10322, pp. 477-497. Springer, 2017, 〈10.1007/978-3-319-70972-7_27〉. 〈hal-01898742〉
