IRON: Functional Encryption using Intel SGX

Functional encryption (FE) is an extremely powerful cryptographic mechanism that lets an authorized entity compute on encrypted data, and learn the results in the clear. However, all current cryptographic instantiations for general FE are too impractical to be implemented. We construct IRON, a provably secure, and practical FE system using Intel's recent Software Guard Extensions (SGX). We show that IRON can be applied to complex functionalities, and even for simple functions, outperforms the best known cryptographic schemes. We argue security by modeling FE in the context of hardware elements, and prove that IRON satisfies the security model.

[1]  Bogdan Warinschi,et al.  Foundations of Hardware-Based Attested Computation and Application to SGX , 2016, 2016 IEEE European Symposium on Security and Privacy (EuroS&P).

[2]  Ion Stoica,et al.  Opaque: An Oblivious and Encrypted Distributed Analytics Platform , 2017, NSDI.

[3]  Marcus Peinado,et al.  Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems , 2015, 2015 IEEE Symposium on Security and Privacy.

[4]  Dan Boneh,et al.  Architectural Support For Copy And Tamper-Resistant Software PhD Thesis , 2003 .

[5]  Marcus Peinado,et al.  T-SGX: Eradicating Controlled-Channel Attacks Against Enclave Programs , 2017, NDSS.

[6]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[7]  Stefano Tessaro,et al.  On the Relationship between Functional Encryption, Obfuscation, and Fully Homomorphic Encryption , 2013, IMACC.

[8]  Kartik Nayak,et al.  HOP: Hardware makes Obfuscation Practical , 2017, NDSS.

[9]  Ashay Rane,et al.  Raccoon: Closing Digital Side-Channels through Obfuscated Execution , 2015, USENIX Security Symposium.

[10]  Vinod Vaikuntanathan,et al.  Functional Encryption: New Perspectives and Lower Bounds , 2013, IACR Cryptol. ePrint Arch..

[11]  Ruby B. Lee,et al.  Scalable architectural support for trusted software , 2010, HPCA - 16 2010 The Sixteenth International Symposium on High-Performance Computer Architecture.

[12]  Rüdiger Kapitza,et al.  AsyncShock: Exploiting Synchronisation Bugs in Intel SGX Enclaves , 2016, ESORICS.

[13]  Srdjan Capkun,et al.  Software Grand Exposure: SGX Cache Attacks Are Practical , 2017, WOOT.

[14]  Carlos V. Rozas,et al.  Innovative instructions and software model for isolated execution , 2013, HASP '13.

[15]  Amit Sahai,et al.  Functional Encryption: Decentralised and Delegatable , 2015, IACR Cryptol. ePrint Arch..

[16]  Srinivas Devadas,et al.  Sanctum: Minimal Hardware Extensions for Strong Software Isolation , 2016, USENIX Security Symposium.

[17]  Craig Gentry,et al.  Cryptanalyses of Candidate Branching Program Obfuscators , 2017, EUROCRYPT.

[18]  Ran Canetti,et al.  Universally composable security: a new paradigm for cryptographic protocols , 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[19]  Zvika Brakerski,et al.  Function-Private Functional Encryption in the Private-Key Setting , 2015, Journal of Cryptology.

[20]  G. Edward Suh,et al.  Aegis: A Single-Chip Secure Processor , 2007, IEEE Design & Test of Computers.

[21]  Mihir Bellare,et al.  Robust Encryption , 2010, TCC.

[22]  Stefan Mangard,et al.  Malware Guard Extension: Using SGX to Conceal Cache Attacks , 2017, DIMVA.

[23]  Abhishek Jain,et al.  Indistinguishability Obfuscation from Compact Functional Encryption , 2015, CRYPTO.

[24]  Srinivas Devadas,et al.  Intel SGX Explained , 2016, IACR Cryptol. ePrint Arch..

[25]  Sebastian Nowozin,et al.  Oblivious Multi-Party Machine Learning on Trusted Processors , 2016, USENIX Security Symposium.

[26]  Amit Sahai,et al.  Functional Encryption for Randomized Functionalities , 2015, TCC.

[27]  Elaine Shi,et al.  GhostRider: A Hardware-Software System for Memory Trace Oblivious Computation , 2015, ASPLOS.

[28]  Jonathan Katz,et al.  Universally Composable Multi-party Computation Using Tamper-Proof Hardware , 2007, EUROCRYPT.

[29]  Christos Gkantsidis,et al.  VC3: Trustworthy Data Analytics in the Cloud Using SGX , 2015, 2015 IEEE Symposium on Security and Privacy.

[30]  Srdjan Capkun,et al.  ROTE: Rollback Protection for Trusted Execution , 2017, USENIX Security Symposium.

[31]  Srinivas Devadas,et al.  A secure processor architecture for encrypted computation on untrusted programs , 2012, STC '12.

[32]  Insik Shin,et al.  SGX-Shield: Enabling Address Space Layout Randomization for SGX Programs , 2017, NDSS.

[33]  Donald E. Porter,et al.  Cooperation and security isolation of library OSes for multi-process applications , 2014, EuroSys '14.

[34]  Shweta Shinde,et al.  Panoply: Low-TCB Linux Applications With SGX Enclaves , 2017, NDSS.

[35]  Yuval Ishai,et al.  Founding Cryptography on Tamper-Proof Hardware Tokens , 2010, IACR Cryptol. ePrint Arch..

[36]  Thomas Morris,et al.  Trusted Platform Module , 2011, Encyclopedia of Cryptography and Security.

[37]  Eric Miles,et al.  Annihilation Attacks for Multilinear Maps: Cryptanalysis of Indistinguishability Obfuscation over GGH13 , 2016, CRYPTO.

[38]  Carlos V. Rozas,et al.  Intel® Software Guard Extensions: EPID Provisioning and Attestation Services , 2016 .

[39]  Galen C. Hunt,et al.  Shielding Applications from an Untrusted Cloud with Haven , 2014, OSDI.

[40]  Nir Bitansky,et al.  Indistinguishability Obfuscation from Functional Encryption , 2018, J. ACM.

[41]  Amit Sahai,et al.  Multi-Input Functional Encryption , 2014, IACR Cryptol. ePrint Arch..

[42]  Brent Waters,et al.  Functional encryption: a new vision for public-key cryptography , 2012, CACM.

[43]  Marcus Peinado,et al.  Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing , 2016, USENIX Security Symposium.

[44]  G. Edward Suh,et al.  AEGIS: architecture for tamper-evident and tamper-resistant processing , 2003 .

[45]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[46]  Alex J. Malozemoff,et al.  5Gen: A Framework for Prototyping Applications Using Multilinear Maps and Matrix Branching Programs , 2016, CCS.

[47]  Elaine Shi,et al.  Formal Abstractions for Attested Execution Secure Processors , 2017, EUROCRYPT.

[48]  Vinod Vaikuntanathan,et al.  Functional Encryption with Bounded Collusions via Multi-party Computation , 2012, CRYPTO.

[49]  Ahmad-Reza Sadeghi,et al.  Secure Multiparty Computation from SGX , 2017, Financial Cryptography.

[50]  Ran Canetti,et al.  Obfuscation of Probabilistic Circuits and Applications , 2015, TCC.

[51]  Yael Tauman Kalai,et al.  One-Time Programs , 2008, CRYPTO.

[52]  Carl A. Gunter,et al.  Controlled Functional Encryption , 2014, CCS.

[53]  David M. Eyers,et al.  SCONE: Secure Linux Containers with Intel SGX , 2016, OSDI.

[54]  Jonathan Katz,et al.  Functional Encryption from (Small) Hardwae Tokens , 2015, IACR Cryptol. ePrint Arch..

[55]  Joan Feigenbaum,et al.  Using Intel Software Guard Extensions for Efficient Two-Party Secure Function Evaluation , 2016, Financial Cryptography Workshops.