Paper 2023/829
TGh: A TEE/GC Hybrid Enabling Confidential FaaS Platforms
Abstract
Trusted Execution Environments (TEEs) suffer from performance issues when executing certain management instructions, such as creating an enclave, context switching in and out of protected mode, and swapping cached pages. This is especially problematic for short-running, interactive functions in Function-as-a-Service (FaaS) platforms, where existing techniques to address enclave overheads are insufficient. We find FaaS functions can spend more time managing the enclave than executing application instructions. In this work, we propose a TEE/GC hybrid (TGh) protocol to enable confidential FaaS platforms. TGh moves computation out of the enclave onto the untrusted host using garbled circuits (GC), a cryptographic construction for secure function evaluation. Our approach retains the security guarantees of enclaves while avoiding the performance issues associated with enclave management instructions.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Preprint.
- Keywords
- trusted execution evironmentsmpcgarbled circuitssgx
- Contact author(s)
-
jgc @ gatech edu
ketanbj @ cc gatech edu
ada @ cc gatech edu - History
- 2023-06-06: approved
- 2023-06-04: received
- See all versions
- Short URL
- https://ia.cr/2023/829
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/829, author = {James Choncholas and Ketan Bhardwaj and Ada Gavrilovska}, title = {{TGh}: A {TEE}/{GC} Hybrid Enabling Confidential {FaaS} Platforms}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/829}, year = {2023}, url = {https://eprint.iacr.org/2023/829} }