A Hybrid Approach to Secure Function Evaluation using SGX

Choi, Joseph I.; Tian, Dave; Hernandez, Grant; Patton, Christopher; Mood, Benjamin; Shrimpton, Thomas; Butler, Kevin; Traynor, Patrick

doi:10.1145/3321705.3329835

Cited by 16 publications

(13 citation statements)

References 61 publications

(91 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…(a) The threat model of Aramis is significantly stronger than the prior work on MPC using secure hardware [74], [69], [38], [11], [23], [29], [51], [32], [77], [83], [44]. Specifically, in our threat model, not only is the host operating system outside the Trusted Computing Base, but it is also allowed to observe the entire state of the hardware (including user data).…”

Section: Porthos (Section Iv)mentioning

confidence: 99%

CrypTFlow: Secure TensorFlow Inference

Kumar

Rathee

Chandran

et al. 2020

2020 IEEE Symposium on Security and Privacy (SP)

148

149

View full text Add to dashboard Cite

We present CRYPTFLOW, a first of its kind system that converts TensorFlow inference code into Secure Multi-party Computation (MPC) protocols at the push of a button. To do this, we build three components. Our first component, Athos, is an end-to-end compiler from TensorFlow to a variety of semihonest MPC protocols. The second component, Porthos, is an improved semi-honest 3-party protocol that provides significant speedups for TensorFlow like applications. Finally, to provide malicious secure MPC protocols, our third component, Aramis, is a novel technique that uses hardware with integrity guarantees to convert any semi-honest MPC protocol into an MPC protocol that provides malicious security. The malicious security of the protocols output by Aramis relies on integrity of the hardware and semi-honest security of MPC. Moreover, our system matches the inference accuracy of plaintext TensorFlow.We experimentally demonstrate the power of our system by showing the secure inference of real-world neural networks such as RESNET50 and DENSENET121 over the ImageNet dataset with running times of about 30 seconds for semi-honest security and under two minutes for malicious security. Prior work in the area of secure inference has been limited to semi-honest security of small networks over tiny datasets such as MNIST or CIFAR.

show abstract

Section: Porthos (Section Iv)mentioning

confidence: 99%

CrypTFlow: Secure TensorFlow Inference

Kumar

Rathee

Chandran

et al. 2020

2020 IEEE Symposium on Security and Privacy (SP)

148

149

View full text Add to dashboard Cite

show abstract

“…Recent studies [1], [19], [25], [29], [30], [53], [59] tend to design data-oblivious systems to mitigate the memory access pattern leakage. Specifically, those systems adopt oblivious data structures (e.g., ORAM [63]) and algorithms to hide the access pattern on data as well as the code, which are the core sources exploited by the above attacks.…”

Section: Related Workmentioning

confidence: 99%

“…A wide range of applications have been implemented via oblivious systems, such as file system [1], database [29], collaborative analytics [25], and indexing system [53], [59]. Recent works propose generic programming frameworks [19], [30] that can compile any algorithm as an oblivious circuit running in the enclave. However, all the above systems are not designed and optimised for network measurements.…”

Section: Related Workmentioning

confidence: 99%

OblivSketch: Oblivious Network Measurement as a Cloud Service

Lai

Yuan

Liu

et al. 2021

Proceedings 2021 Network and Distributed System Security Symposium

View full text Add to dashboard Cite

Network function virtualisation enables versatile network functions as cloud services with reduced cost. Specifically, network measurement tasks such as heavy-hitter detection and flow distribution estimation serve many core network functions for improved performance and security of enterprise networks. However, deploying network measurement services in third-party multi-tenant cloud service providers raises critical privacy and security concerns. Recent studies demonstrate that leaking and abusing flow statistics can lead to severe network attacks such as DDoS, network topology manipulation and poisoning, etc. In this paper, we propose OblivSketch, an oblivious network measurement service using Intel SGX. It employs hardware enclave for secure network statistics generation and queries. The statistics are maintained in newly designed oblivious data structures inside the SGX enclave and queried by data-oblivious algorithms to prevent data leakage caused by access patterns to the memory of SGX. To demonstrate the practicality, we implement OblivSketch as a full-fledge service integrated with the off-the-shelf SDN framework. The evaluations demonstrate that OblivSketch consumes a constant and small memory space (6MB) to track a massive amount of flows (from 30k to 1.45m), and it takes no more than 15ms to respond six widely adopted measurement queries for a 5s-trace with 70k flows.

show abstract

“…There are, however, approaches that employ SGX for VC of a specific application domain. Specifically, the SGX scheme has been used to accelerate VC for smart contracts [69], machine learning [70], secure function evaluation [71], and MapReduce [72], [73]. Verifiable ASICs [74] employ a hardware circuit to verify the untrusted hardware modules.…”

Section: B Hardware Approachesmentioning

confidence: 99%

Practical Verifiable Computation by Using a Hardware-Based Correct Execution Environment

et al. 2020

View full text Add to dashboard Cite

The verifiable computation paradigm has been studied extensively as a means to verifying the result of outsourced computation. In said scheme, the verifier requests computation from the prover and verifies the result by checking the output and proof received from the prover. Although they have great potential for various critical applications, verifiable computations have not been widely used in practice, because of their significant performance overhead. Existing cryptography-based approaches incur significant overhead, because a cryptography-based mathematical frame needs to be constructed, which prevents deviation from the correct computation. The proposed approach is to reduce the overhead by trusting the computing hardware platform where the computation is outsourced. If one trusts the hardware to do the computation, the hardware can take the place of the cryptographic computing frame, thereby guaranteeing correct computation. The key challenge of this approach is to define what exactly the hardware should guarantee for verifiable computation. For this, we introduce the concept of Correct Execution Environment (CEE), which guarantees instruction correctness and state preservation. We prove that these two requirements are satisfactory conditions for a correct output. By employing a CEE, the verifiable computation scheme can be simplified, and its overhead can be reduced drastically. The presented experimental results demonstrate that the execution time is approximately 1.7 million times faster and the verification time over 50 times faster than a state-of-the-art cryptographic approach.

show abstract

A Hybrid Approach to Secure Function Evaluation using SGX

Cited by 16 publications

References 61 publications

CrypTFlow: Secure TensorFlow Inference

CrypTFlow: Secure TensorFlow Inference

OblivSketch: Oblivious Network Measurement as a Cloud Service

Practical Verifiable Computation by Using a Hardware-Based Correct Execution Environment

Contact Info

Product

Resources

About