Paper 2016/1057

Secure Multiparty Computation from SGX

Raad Bahmani, Manuel Barbosa, Ferdinand Brasser, Bernardo Portela, Ahmad-Reza Sadeghi, Guillaume Scerri, and Bogdan Warinschi

Abstract

Isolated Execution Environments (IEE) offered by novel commodity hardware such as Intel’s SGX deployed in Skylake processors permit executing software in a protected environment that shields it from a malicious operating system; it also permits a remote user to obtain strong interactive attestation guarantees on both the code running in an IEE and its input/output behaviour. In this paper we show how IEEs provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. In our protocol the load of communications and computations on participants only depends on the size of each party’s inputs and outputs and is thus small and independent of the intricacy of the functionality to be computed. The remaining computational load, essentially that of computing the functionality, is moved to an untrusted party running an IEE-enabled machine, an appealing feature for Cloud-based scenarios. However, as is often the case even with the simplest cryptographic protocols, we found that there is a large gap between this intuitively appealing solution and a protocol with rigorous security guarantees. We bridge this gap through a comprehensive set of results that include: i. a detailed construction of a protocol for secure computation for arbitrary functionalities; ii. formal security definitions for the security of the overall protocol and that of its components; and iii. a modular security analysis of our protocol that relies on a novel notion of labeled attested computation. We implemented and extensively evaluated our solution on SGX-enabled hardware, providing detailed measurements of our protocol as well as comparisons with software-only MPC solutions. Furthermore, we show the cost induced by using constant-time, i.e., timing side channel resilient, code in our implementation.
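As an added illustration (not code from the paper or its implementation), the following Python simulation has the shape the abstract describes: enclave code plays the TTP, each participant verifies an attestation report that binds the enclave's measurement to a fresh key before any input leaves the participant, and inputs and outputs travel over channels keyed from that report while the untrusted host only relays ciphertexts. The platform attestation key is modelled as an HMAC key shared with verifiers and the key exchange as toy Diffie-Hellman over a small prime; both are constructed stand-ins, and the paper's labeled attested computation notion is not modelled.

```python
import hashlib, hmac, secrets
# Constructed toy parameters (not the paper's): a small DH group and a symmetric platform key standing in for the hardware's attestation signing key.
P, G = 2**127 - 1, 3
PLATFORM_KEY = secrets.token_bytes(32)
kdf = lambda shared: hashlib.sha256(shared.to_bytes(16, "big")).digest()
def keystream(key: bytes, n: int) -> bytes:  # SHA-256 in counter mode, simulation only
    return b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in range(n // 32 + 1))[:n]
def seal(key: bytes, msg: bytes) -> bytes:  # encrypt-then-MAC on the party<->enclave channel
    ct = bytes(a ^ b for a, b in zip(msg, keystream(key, len(msg))))
    return ct + hmac.new(key, ct, "sha256").digest()
def unseal(key: bytes, box: bytes) -> bytes:
    ct, tag = box[:-32], box[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        raise ValueError("channel tag mismatch")
    return bytes(a ^ b for a, b in zip(ct, keystream(key, len(ct))))

class Enclave:  # code inside the IEE playing the TTP: sees only sealed inputs, emits sealed outputs
    def __init__(self, f, code_id: bytes, n_parties: int):
        self.f, self.n, self.inputs, self.keys = f, n_parties, {}, {}
        self.code_hash = hashlib.sha256(code_id).digest()  # the enclave's measurement
        self.x = secrets.randbelow(P - 2) + 1; self.pub = pow(G, self.x, P)
    def attest(self):  # report binds the measurement to this enclave's fresh DH value
        body = self.code_hash + self.pub.to_bytes(16, "big")
        return body, hmac.new(PLATFORM_KEY, body, "sha256").digest()
    def submit(self, pid: int, party_pub: int, box: bytes):
        self.keys[pid] = kdf(pow(party_pub, self.x, P))
        self.inputs[pid] = int.from_bytes(unseal(self.keys[pid], box), "big")
    def finish(self):
        if len(self.inputs) != self.n:
            raise RuntimeError("not all parties have contributed")
        y = self.f([self.inputs[i] for i in range(self.n)])
        return {i: seal(k, y.to_bytes(8, "big")) for i, k in self.keys.items()}

def party_contribute(expected_hash: bytes, report, x_in: int):
    body, tag = report  # verify the report, then the measurement, before any input leaves the party
    if not hmac.compare_digest(tag, hmac.new(PLATFORM_KEY, body, "sha256").digest()):
        raise ValueError("attestation report not from the platform")
    if body[:32] != expected_hash:
        raise ValueError("enclave is not running the agreed code")
    y = secrets.randbelow(P - 2) + 1
    k = kdf(pow(int.from_bytes(body[32:], "big"), y, P))
    return pow(G, y, P), seal(k, x_in.to_bytes(8, "big")), k

def run_mpc(f, code_id: bytes, inputs: list) -> list:  # the untrusted host only relays messages
    enc = Enclave(f, code_id, len(inputs)); report, keys = enc.attest(), []
    for pid, x_in in enumerate(inputs):  # per party: one report, one sealed input, one sealed output
        pub, box, k = party_contribute(hashlib.sha256(code_id).digest(), report, x_in)
        enc.submit(pid, pub, box); keys.append(k)
    return [int.from_bytes(unseal(keys[i], box), "big") for i, box in sorted(enc.finish().items())]
```

Each participant's traffic is independent of the functionality's complexity, and a participant that expects a different measurement, or receives a report without a valid platform tag, never sends its input.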

Metadata
Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint. MINOR revision.
Keywords: Secure Hardware, SGX, Secure multiparty computation, Implementation, Attestation
Contact author(s): guillaume scerri @ uvsq fr
History: 2016-11-15: received
Short URL: https://ia.cr/2016/1057
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2016/1057,
      author = {Raad Bahmani and Manuel Barbosa and Ferdinand Brasser and Bernardo Portela and Ahmad-Reza Sadeghi and Guillaume Scerri and Bogdan Warinschi},
      title = {Secure Multiparty Computation from {SGX}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/1057},
      year = {2016},
      url = {https://eprint.iacr.org/2016/1057}
}