Outsourced computing is widely used today. However, current approaches for protecting client data in outsourced computing fall short: use of cryptographic techniques like fully-homomorphic encryption incurs substantial costs, whereas use of hardware-assisted trusted execution environments has been shown to be vulnerable to server malware, run-time attacks, and side-channel attacks. We present Blinded Memory (BliMe), an architecture to realize efficient and secure outsourced computation. BliMe consists of a novel and minimal set of ISA extensions implementing a taint-tracking policy to ensure the confidentiality of client data even in the presence of server vulnerabilities. To secure outsourced computation, the BliMe extensions can be used together with an attestable, fixed-function hardware security module (HSM) and an encryption engine that provides atomic decrypt-and-taint and encrypt-and-untaint operations. Clients rely on remote attestation and key agreement with the HSM to ensure that their data can be transferred securely to and from the encryption engine and will always be protected by BliMe's taint-tracking policy while at the server. We provide a machine-checked security proof of BliMe extensions, and an RTL implementation BliMe-BOOM based on the BOOM RISC-V core. BliMe-BOOM incurs no reduction in clock frequency relative to unmodified BOOM, nor does it use significantly more power (<0.5%) or FPGA resources (<5.5%). Various implementations of BliMe (on FPGA and the gem5 simulator) incur only moderate performance overhead (8-25%).
翻译:外包计算如今被广泛使用。然而,当前保护外包计算中客户端数据的方法存在不足:使用全同态加密等密码技术会产生高昂成本,而使用硬件辅助的可信执行环境已被证明易受服务器恶意软件、运行时攻击和侧信道攻击的影响。我们提出了盲化内存(BliMe),一种实现高效安全外包计算的架构。BliMe由一组新颖且极简的ISA扩展构成,它实现了一种污点追踪策略,即使在服务器存在漏洞的情况下也能确保客户端数据的机密性。为了保障外包计算的安全性,BliMe扩展可与可认证的、固定功能的硬件安全模块(HSM)以及提供原子性解密-污点标记和加密-去污点操作的加密引擎结合使用。客户端依赖与HSM的远程认证及密钥协商,确保其数据能安全地传入和传出加密引擎,并且在服务器上始终受到BliMe污点追踪策略的保护。我们提供了BliMe扩展的机器检验安全证明,并基于BOOM RISC-V内核实现了RTL级实现BliMe-BOOM。与未修改的BOOM相比,BliMe-BOOM未导致时钟频率降低,也未显著增加功耗(<0.5%)或FPGA资源消耗(<5.5%)。BliMe的多种实现(基于FPGA和gem5模拟器)仅带来适度的性能开销(8-25%)。
相关内容
- Today (iOS and OS X): widgets for the Today view of Notification Center
- Share (iOS and OS X): post content to web services or share content with others
- Actions (iOS and OS X): app extensions to view or manipulate inside another app
- Photo Editing (iOS): edit a photo or video in Apple's Photos app with extensions from a third-party apps
- Finder Sync (OS X): remote file storage in the Finder with support for Finder content annotation
- Storage Provider (iOS): an interface between files inside an app and other apps on a user's device
- Custom Keyboard (iOS): system-wide alternative keyboards
Source: iOS 8 Extensions: Apple’s Plan for a Powerful App Ecosystem
微信扫码咨询专知VIP会员