Outsourced computing is widely used today. However, current approaches for protecting client data in outsourced computing fall short: use of cryptographic techniques like fully-homomorphic encryption incurs substantial costs, whereas use of hardware-assisted trusted execution environments has been shown to be vulnerable to run-time and side-channel attacks. We present Blinded Memory (BliMe), an architecture to realize efficient and secure outsourced computation. BliMe consists of a novel and minimal set of instruction set architecture (ISA) extensions implementing a taint-tracking policy to ensure the confidentiality of client data even in the presence of server vulnerabilities. To secure outsourced computation, the BliMe extensions can be used together with an attestable, fixed-function hardware security module (HSM) and an encryption engine that provides atomic decrypt-and-taint and encrypt-and-untaint operations. Clients rely on remote attestation and key agreement with the HSM to ensure that their data can be transferred securely to and from the encryption engine and will always be protected by BliMe's taint-tracking policy while at the server. We provide an RTL implementation, BliMe-BOOM, based on the BOOM RISC-V core. BliMe-BOOM requires no reduction in clock frequency relative to unmodified BOOM, and has minimal power ($<\!1.5\%$) and FPGA resource ($\leq\!9.0\%$) overheads. Various implementations of BliMe incur only moderate performance overhead ($8$--$25\%$). We also provide a machine-checked security proof of a simplified model ISA with BliMe extensions.
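To make the taint-tracking idea in the abstract concrete, here is an added toy model written for this page; it is not code from the BliMe paper or its RTL, and the BliMe ISA encoding, the real cipher, and the exact policy rules are not on the page. The model assumes a simplified policy of the kind the abstract alludes to: a decrypt-and-taint operation places client data in memory marked as blinded, taint propagates through every data operation, no ordinary instruction can remove it, and any attempt to use blinded data as a branch condition or a memory address faults, so the only way data leaves the blinded domain is the encrypt-and-untaint operation under the client's key. The XOR "cipher", the eight-register machine, the instruction names, and the client key are all constructed for illustration.

```python
"""Toy blinded-memory machine (added illustration; assumed simplified BliMe-style policy)."""
import copy


class TaintViolation(Exception):
    """Raised when blinded (client) data would influence control flow or a memory address."""


class Word:
    """An 8-bit value carrying one taint bit: blinded=True means 'derived from client data'."""
    def __init__(self, value, blinded=False):
        self.value, self.blinded = value & 0xFF, blinded


class Machine:
    """Eight registers, a small memory, and a program counter; ops are (name, *args) tuples."""
    def __init__(self, mem_words=16):
        self.regs = {f"x{i}": Word(0) for i in range(8)}
        self.mem = [Word(0) for _ in range(mem_words)]
        self.pc = 0

    def run(self, program):
        self.pc = 0
        while 0 <= self.pc < len(program):
            op, *args = program[self.pc]
            self.pc += 1
            getattr(self, "op_" + op)(*args)
        return self

    def op_li(self, rd, imm):                      # load immediate: public data, untainted
        self.regs[rd] = Word(imm)

    def op_add(self, rd, rs1, rs2):                # data ops propagate taint (OR of inputs)
        a, b = self.regs[rs1], self.regs[rs2]
        self.regs[rd] = Word(a.value + b.value, a.blinded or b.blinded)

    def op_ld(self, rd, ra):                       # a blinded address would leak via access pattern
        addr = self.regs[ra]
        if addr.blinded:
            raise TaintViolation("blinded value used as load address")
        self.regs[rd] = copy.copy(self.mem[addr.value])

    def op_st(self, rs, ra):                       # storing keeps the taint bit with the data
        addr = self.regs[ra]
        if addr.blinded:
            raise TaintViolation("blinded value used as store address")
        self.mem[addr.value] = copy.copy(self.regs[rs])

    def op_beq(self, rs1, rs2, target):            # a blinded condition would leak via timing/PC
        a, b = self.regs[rs1], self.regs[rs2]
        if a.blinded or b.blinded:
            raise TaintViolation("blinded value used as branch condition")
        if a.value == b.value:
            self.pc = target

    def op_halt(self):
        self.pc = -1


def toy_encrypt(plaintext, key):                   # constructed stand-in for the real cipher
    return (plaintext ^ key) & 0xFF


toy_decrypt = toy_encrypt                          # XOR is its own inverse


class EncryptionEngine:
    """Only this component may move data across the blinded boundary (assumed design)."""
    def __init__(self, machine, client_key):
        self.m, self.key = machine, client_key

    def decrypt_and_taint(self, ciphertext, addr):
        self.m.mem[addr] = Word(toy_decrypt(ciphertext, self.key), blinded=True)

    def encrypt_and_untaint(self, addr):
        return toy_encrypt(self.m.mem[addr].value, self.key)   # ciphertext is public again


CLIENT_KEY = 0x5A                                  # constructed key shared via HSM key agreement


def run_blinded_sum():
    """Server adds two client values it never sees in the clear; returns (result_is_blinded, client_view)."""
    m = Machine()
    engine = EncryptionEngine(m, CLIENT_KEY)
    engine.decrypt_and_taint(toy_encrypt(20, CLIENT_KEY), 0)
    engine.decrypt_and_taint(toy_encrypt(22, CLIENT_KEY), 1)
    m.run([("li", "x1", 0), ("li", "x2", 1), ("li", "x3", 2),
           ("ld", "x4", "x1"), ("ld", "x5", "x2"),
           ("add", "x6", "x4", "x5"), ("st", "x6", "x3"), ("halt",)])
    ciphertext = engine.encrypt_and_untaint(2)
    return m.mem[2].blinded, toy_decrypt(ciphertext, CLIENT_KEY)   # (True, 42)


def attempt_leak(program):
    """Run a (possibly buggy or malicious) server program over a blinded secret at mem[0]."""
    m = Machine()
    EncryptionEngine(m, CLIENT_KEY).decrypt_and_taint(toy_encrypt(7, CLIENT_KEY), 0)
    try:
        m.run(program)
        return "allowed"
    except TaintViolation as err:
        return f"blocked: {err}"


# Secret-dependent branch: would reveal whether the secret equals 7 through the path taken.
BRANCH_LEAK = [("li", "x1", 0), ("ld", "x2", "x1"), ("li", "x3", 7),
               ("beq", "x2", "x3", 5), ("halt",), ("li", "x4", 1), ("halt",)]
# Secret-dependent address: would reveal the secret through the cache/memory access pattern.
ADDR_LEAK = [("li", "x1", 0), ("ld", "x2", "x1"), ("ld", "x3", "x2"), ("halt",)]

if __name__ == "__main__":
    print(run_blinded_sum(), attempt_leak(BRANCH_LEAK), attempt_leak(ADDR_LEAK))
```

The two leak programs are the point of the model: neither contains an explicit "exfiltrate" step, yet each would let an observer of control flow or memory addresses learn the secret, which is exactly the class of run-time and side-channel leakage the abstract says trusted execution environments fail to stop. In the model the taint bit, not any property of the program, is what makes the hardware refuse. A real implementation also has to cover variable-latency instructions and microarchitectural state, which this toy omits.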