VeritasDB: High Throughput Key-Value Store with Integrity

Applications depend on the safe operation of the databases beneath them. Alarmingly, cloud-backed database services face threats from exploits in the privileged computing layers (e.g., OS, hypervisor) and from rogue datacenter administrators, who can tamper with the database's storage and cause it to return incorrect results. Although integrity verification of outsourced storage and file systems is a well-studied problem, prior techniques impose prohibitive overheads (up to 10x in throughput) and place additional responsibility on clients. We present VeritasDB, a key-value store that guarantees integrity to the client in the presence of exploits or implementation bugs in the database server. VeritasDB is implemented as a network proxy that mediates communication between unmodified client(s) and the database server, which can be any off-the-shelf database engine (e.g., Redis, RocksDB). Because the proxy must be trusted, we use security primitives offered by modern processors, such as Intel SGX enclaves, to protect the proxy's code and state, thereby removing the need to trust the cloud provider. To perform integrity checks in the proxy, we design an authenticated Merkle B-tree that leverages features of SGX (protected memory, direct access to unprotected memory from enclave code, and CPU parallelism) to implement several novel optimizations based on caching, concurrency, and compression. On standard YCSB and Visa transaction workloads, we observe an average overhead of 2.8x in throughput and 2.5x in latency compared to the (insecure) baseline with no integrity checks; using CPU parallelism, we bring the throughput overhead further down to 1.05x. VeritasDB thus provides an order-of-magnitude improvement over existing techniques for integrity verification.
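As an added illustration (not code from the VeritasDB paper or its implementation), the following Python sketch shows the trust split the abstract describes: an untrusted store that holds the data and the authenticated tree's nodes, and a proxy that keeps only a root hash and verifies every answer before forwarding it. It substitutes a sparse binary Merkle tree over SHA-256(key) for the paper's Merkle B-tree, omits the SGX enclave and the caching, concurrency and compression optimizations, and uses invented names (UntrustedStore, IntegrityProxy, IntegrityError).

```python
# Added example, not VeritasDB code. A sparse binary Merkle tree over SHA-256(key)
# stands in for the paper's Merkle B-tree, and the proxy's protected state is an
# ordinary Python object rather than an SGX enclave. All names are invented.
import hashlib

DEPTH = 256  # one level per bit of SHA-256(key): the key fixes the leaf position

def H(*parts: bytes) -> bytes:
    h = hashlib.sha256()
    for p in parts:
        h.update(p)
    return h.digest()

# EMPTY[i] is the hash of an all-empty subtree of height i; the store only keeps
# nodes on paths that have been written and falls back to these defaults.
EMPTY = [H(b"\x02")]
for _ in range(DEPTH):
    EMPTY.append(H(b"\x01", EMPTY[-1], EMPTY[-1]))

def leaf_hash(key: bytes, value: bytes) -> bytes:
    # Domain-separated and length-prefixed so (key, value) cannot be re-split.
    return H(b"\x00", len(key).to_bytes(4, "big"), key, value)

def key_position(key: bytes) -> int:
    return int.from_bytes(hashlib.sha256(key).digest(), "big")

def root_from_proof(pos: int, leaf: bytes, siblings: list) -> bytes:
    """Recompute the root from a leaf hash and the sibling hashes along its path."""
    node = leaf
    for level, sib in enumerate(siblings):
        node = H(b"\x01", sib, node) if (pos >> level) & 1 else H(b"\x01", node, sib)
    return node

class IntegrityError(Exception):
    pass

class UntrustedStore:
    """Plays the off-the-shelf database engine: it holds values and tree nodes,
    but nothing it returns is believed without a proof that checks out."""

    def __init__(self):
        self.values = {}  # key -> value
        self.nodes = {}   # (level, index) -> hash, only for non-default nodes

    def get(self, key: bytes):
        pos = key_position(key)
        proof = [self.nodes.get((lvl, (pos >> lvl) ^ 1), EMPTY[lvl]) for lvl in range(DEPTH)]
        return self.values.get(key), proof

    def put(self, key: bytes, value: bytes) -> None:
        pos = key_position(key)
        self.values[key] = value
        node = leaf_hash(key, value)
        for lvl in range(DEPTH):
            idx = pos >> lvl
            self.nodes[(lvl, idx)] = node
            sib = self.nodes.get((lvl, idx ^ 1), EMPTY[lvl])
            node = H(b"\x01", sib, node) if idx & 1 else H(b"\x01", node, sib)

    # Attacker actions (rogue admin, compromised OS): change or drop a value
    # behind the proxy's back without being able to touch the proxy's root.
    def tamper(self, key: bytes, value: bytes) -> None:
        self.values[key] = value

    def drop(self, key: bytes) -> None:
        self.values.pop(key, None)

class IntegrityProxy:
    """The trusted component. The root hash is the only state that must live in
    protected memory (an SGX enclave in VeritasDB) for the checks to hold."""

    def __init__(self, store: UntrustedStore):
        self.store = store
        self.root = EMPTY[DEPTH]  # root of an empty tree

    def _verified(self, key: bytes):
        value, siblings = self.store.get(key)
        leaf = EMPTY[0] if value is None else leaf_hash(key, value)
        if len(siblings) != DEPTH or root_from_proof(key_position(key), leaf, siblings) != self.root:
            raise IntegrityError(f"unauthenticated answer for key {key!r}")
        return value, siblings

    def get(self, key: bytes):
        return self._verified(key)[0]

    def put(self, key: bytes, value: bytes) -> None:
        # Authenticate the current path first, then derive the new root from the
        # same siblings, so the store cannot inject an unverified subtree on write.
        _, siblings = self._verified(key)
        new_root = root_from_proof(key_position(key), leaf_hash(key, value), siblings)
        self.store.put(key, value)
        self.root = new_root
```

A value rewritten or deleted in the store is caught because the returned proof no longer hashes to the root the proxy holds; absent keys are authenticated the same way, through the default empty-subtree hashes. The sketch also makes the abstract's enclave requirement concrete: an attacker who could overwrite the proxy's root would simply recompute it over tampered data, so that one hash is what protected memory has to guard. The root here exists only in memory, so a proxy restart offers no protection against the store being rolled back to an older consistent state; persisting the root safely needs rollback protection, which this sketch does not address.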