11 research outputs found
Keys in the Clouds: Auditable Multi-device Access to Cryptographic Credentials
Personal cryptographic keys are the foundation of many secure services, but
storing these keys securely is a challenge, especially if they are used from
multiple devices. Storing keys in a centralized location, like an
Internet-accessible server, raises serious security concerns (e.g. server
compromise). Hardware-based Trusted Execution Environments (TEEs) are a
well-known solution for protecting sensitive data in untrusted environments,
and are now becoming available on commodity server platforms.
Although the idea of protecting keys using a server-side TEE is
straight-forward, in this paper we validate this approach and show that it
enables new desirable functionality. We describe the design, implementation,
and evaluation of a TEE-based Cloud Key Store (CKS), an online service for
securely generating, storing, and using personal cryptographic keys. Using
remote attestation, users receive strong assurance about the behaviour of the
CKS, and can authenticate themselves using passwords while avoiding typical
risks of password-based authentication like password theft or phishing. In
addition, this design allows users to i) define policy-based access controls
for keys; ii) delegate keys to other CKS users for a specified time and/or a
limited number of uses; and iii) audit all key usages via a secure audit log.
We have implemented a proof of concept CKS using Intel SGX and integrated this
into GnuPG on Linux and OpenKeychain on Android. Our CKS implementation
performs approximately 6,000 signature operations per second on a single
desktop PC. The latency is in the same order of magnitude as using
locally-stored keys, and 20x faster than smart cards.Comment: Extended version of a paper to appear in the 3rd Workshop on
Security, Privacy, and Identity Management in the Cloud (SECPID) 201
SoK: A Systematic Review of TEE Usage for Developing Trusted Applications
Trusted Execution Environments (TEEs) are a feature of modern central
processing units (CPUs) that aim to provide a high assurance, isolated
environment in which to run workloads that demand both confidentiality and
integrity. Hardware and software components in the CPU isolate workloads,
commonly referred to as Trusted Applications (TAs), from the main operating
system (OS). This article aims to analyse the TEE ecosystem, determine its
usability, and suggest improvements where necessary to make adoption easier. To
better understand TEE usage, we gathered academic and practical examples from a
total of 223 references. We summarise the literature and provide a publication
timeline, along with insights into the evolution of TEE research and
deployment. We categorise TAs into major groups and analyse the tools available
to developers. Lastly, we evaluate trusted container projects, test
performance, and identify the requirements for migrating applications inside
them.Comment: In The 18th International Conference on Availability, Reliability and
Security (ARES 2023), August 29 -- September 01, 2023, Benevento, Italy. 15
page
Mitigator: Privacy policy compliance using Intel SGX
Privacy policies have been known to be hard to read and understand by internet users and yet users are obliged to accept these one-sided terms of usage of their data before they can effectively use websites. Although research has been conducted into alternative representations of privacy policies, it does not consider whether the website provider actually adheres to the data handling practices outlined in the privacy policy. However, there has been significant research towards achieving compliance of internal processing systems to access control policies that capture some aspects of privacy policies, such as those related to confidentiality of collected information, the time period of its retention, and its disclosure to third parties. Apart from the fact that these access control policies may not be designed to be translatable to machine-readable or simplified text policies, such systems suffer from two related drawbacks: first, they assume a large trusted computing base (TCB) and in particular, the operating system is included within their TCB. Secondly, as they are only aimed at achieving compliance of different internal data processing systems to these access control policies, they do not seek to provide users of any proof of a compliant system.
On the other hand, trusted hardware seeks to reduce the TCB on a remote machine that a user needs to trust in order to run a program and obtain its results. Trusted hardware platforms provide two novel security properties: they disallow a malicious operating system from learning secrets from the program state and secondly, they allow the user to verify that the OS has not modified the program before or while running it, as long as the user trusts the hardware platform. Our goal is to design an architecture that uses an underlying trusted hardware platform to run a program, named the decryptor, that only hands users' data to a target program that has been determined to be compliant with a privacy policy model. As both of these programs are run on a trusted hardware platform, users can verify that the decryptor is indeed the correct, unmodified program. Most importantly, in our architecture, we provide trustworthy information about the verifier program used on the server side to a client program such that it can ensure that the target program has been checked for compliance with a privacy policy model by a valid verifier program. Such a verifier program should be made open-sourced so that it can be checked by experts. Our second contribution lies in implementing this architecture on the Intel SGX hardware platform, using a shim layer, namely the Graphene-SGX library. Finally, we also evaluate our system for its efficiency and find that it has a very small overhead in comparison with a setup that does not provide such guarantees
Towards more Secure and Efficient Password Databases
Password databases form one of the backbones of nowadays web applications.
Every web application needs to store its users’ credentials (email and password) in
an efficient way, and in popular applications (Google, Facebook, Twitter, etc.) these
databases can grow to store millions of user credentials simultaneously. However,
despite their critical nature and susceptibility to targeted attacks, the techniques
used for securing password databases are still very rudimentary, opening the way to
devastating attacks. Just in the year of 2016, and as far as publicly disclosed, there
were more than 500 million passwords stolen in internet hacking attacks.
To solve this problem we commit to study several schemes like property-preserving
encryption schemes (e.g. deterministic encryption), encrypted data-structures that
support operations (e.g. searchable encryption), partially homomorphic encryption
schemes, and commodity trusted hardware (e.g. TPM and Intel SGX).
In this thesis we propose to make a summary of the most efficient and secure techniques
for password database management systems that exist today and recreating
them to accommodate a new and simple universal API.
We also propose SSPM(Simple Secure Password Management), a new password
database scheme that simultaneously improves efficiency and security of current
solutions existing in literature. SSPM is based on Searchable Symmetric Encryption
techniques, more specifically ciphered data structures, that allow efficient queries
with the minimum leak of access patterns. SSPM adapts these structures to work
with the necessary operation of password database schemes preserving the security
guarantees.
Furthermore, SSPM explores the use of trusted hardware to minimize the revelation
of access patterns during the execution of operations and protecting the storage
of cryptographic keys. Experimental results with real password databases shows us
that SSPM has a similar performance compared with the solutions used today in
the industry, while simultaneous increasing the offered security conditions
TMPS: Ticket-Mediated Password Strengthening
We introduce the notion of Ticket-Mediated Password Strengthening (TMPS), a technique for allowing users to derive keys from passwords while imposing a strict limit on the number of guesses of their password any attacker can make, and strongly protecting the users\u27 privacy. We describe the security requirements of TMPS, and then a set of efficient and practical protocols to implement a TMPS scheme, requiring only hash functions, CCA2-secure encryption, and blind signatures. We provide several variant protocols, including an offline symmetric-only protocol that uses a local trusted computing environment, and online variants that use group signatures or stronger trust assumptions instead of blind signatures. We formalize the security of our scheme by defining an ideal functionality in the Universal Composability (UC) framework, and by providing game-based definitions of security. We prove that our protocol realizes the ideal functionality in the random oracle model (ROM) under adaptive corruptions with erasures, and prove that security with respect to the ideal/real definition implies security with respect to the game-based definitions
Privacy Preserving Deep Neural Network Prediction using Trusted Hardware
In recent years machine learning has gained a lot of attention not only in the scientific community but also in user-facing applications. Today, many applications utilise machine learning to take advantage of its capabilities. With such applications, users actively or passively input data that is used by state-of-the-art algorithms to generate accurate predictions. Due to the extensive work necessary to fine-tune these algorithms for a specific task, they are predominantly executed in the cloud where they can be protected from competitors or malicious users. As a result, users' privacy might be at risk as their data is sent to and processed by remote cloud services. Depending on the application, users might expose highly sensitive data, meaning a malicious provider could harvest extensive amounts of personal data from its users.
In order to protect user privacy without compromising the confidentiality guarantees of traditional solutions, we propose using trusted hardware for privacy preserving deep neural network predictions. Our solution consists of a hardware-backed prediction service and a client device that connects to said service. All machine learning computations executed by the prediction service that depend on input data are protected by a trusted hardware component, called a Trusted Execution Environment. This can be verified by users via remote attestation to ensure their data remains protected. In addition, we have built a proof-of-concept implementation of our solution using Intel Software Guard Extensions (SGX). Compared to existing solutions relying on homomorphic encryption, our proof-of-concept implementation vastly increases the set of supported machine learning algorithms. Moreover, our implementation is tightly integrated into the existing pipeline of machine learning tools by supporting the Open Neural Network Exchange (ONNX) Format. Furthermore, we focus on minimising our Trusted Computing Base (TCB), thus our proof-of-concept implementation only consists of 4,500 lines of code. Additionally, we achieve a 7x increase in throughput whilst decreasing the latency 40x compared to prior work. In our tests, SGX reduced throughput by 11% and increased latency by 21% compared to our baseline implementation without SGX
Modelos de gerenciamento de enclaves para execução segura de componentes de software
Orientador: Carlos Alberto MazieroTese (doutorado) - Universidade Federal do Paraná, Setor de Ciências Exatas, Programa de Pós-Graduação em Informática. Defesa : Curitiba, 04/12/2020Inclui referências: p. 106-115Área de concentração: Ciência da ComputaçãoResumo: A confidencialidade dos dados está se mostrando cada vez mais importante para os usuários de computadores, seja em um ambiente corporativo ou até mesmo em um ambiente doméstico. Atualmente, não somente dados sensíveis às empresas estão trafegando pela rede ou sendo manipulados pelos mais diversos programas de computador, mas também tem-se um intenso uso de aplicações para transações bancárias e outras aplicações de uso corriqueiro que manipulam dados sensíveis dos usuários, os quais devem ter sua confidencialidade e integridade garantidas. Nesse sentido, tem-se variadas soluções sendo propostas para manter a confidencialidade e integridade dos dados, dentre elas a arquitetura Intel SGX (Software Guard Extensions), a qual possui mecanismos para que as aplicações e os dados sejam encapsulados em uma área protegida da memória com acesso restrito, impossibilitando o acesso nessa região de memória a outras aplicações ou ao próprio sistema operacional. A utilização de tais mecanismos para prover a confidencialidade e integridade dos dados sensíveis da aplicação acarreta em um impacto de desempenho durante a sua execução, devido às restrições e verificações impostas pela arquitetura Intel SGX. O presente trabalho busca analisar os modelos de programação que são aplicados em soluções que utilizam a arquitetura Intel SGX e apresentar alternativas que buscam um uso mais eficiente dos recursos providos por tal arquitetura e também a redução do impacto de desempenho decorrente de sua utilização. Assim, são apresentados dois modelos de gerenciamento: (i) compartilhamento de enclaves; e (ii) pool de enclaves. Para a aplicação de tais modelos, é proposta uma arquitetura de um provedor de enclaves, que oferece um desacoplamento entre o enclave e a aplicação que o utiliza, permitindo aplicar os modelos de gerenciamento propostos e oferecer os recursos providos pelos enclaves às aplicações na forma de serviços. Um protótipo é construído para avaliar a arquitetura e modelos propostos, com os testes de desempenho demonstrando consideráveis reduções no impacto para requisição de enclaves, enquanto garante boa resposta para atender múltiplas requisições simultâneas. Assim, conclui-se que a utilização de modelos arquiteturais de software podem trazer benefícios no gerenciamento de recursos e ganho de desempenho na execução de aplicações seguras. Palavras-chave: Intel SGX, modelos de programação, arquitetura de software, padrões de projeto, desempenho, otimização de recursos.Abstract: Data confidentiality is becoming increasingly important to computer users, whether in a corporate environment or even in a home environment. Not only are business-sensitive data currently being trafficked across the network or being handled by a variety of software, but there is also an intense use of applications for banking transactions and other commonly used applications that manipulate sensitive user data, which must have their confidentiality and integrity guaranteed. In this sense, there are several solutions being proposed to maintain the confidentiality and integrity of the data, among them the Intel SGX (Software Guard Extensions) architecture, which has mechanisms to encapsulate applications and data in a protected area of memory having restricted access, making it impossible to access this region of memory to other applications or to the operating system. The use of such mechanisms to provide the confidentiality and integrity of sensitive data results in a performance impact during the application execution, due to the restrictions and verifications imposed by the Intel SGX architecture. The present work aims to analyze the programming models that are applied in solutions that use the Intel SGX architecture and present alternatives that seek a more efficient use of the resources provided by this architecture and also the reduction of the performance impact due to its use. Thus, two management models are presented: (i) enclave sharing; and (ii) enclave pool. In order to apply such models, an architecture of an enclave provider is proposed, which offers a decoupling between the enclave and the application that uses it, allowing to apply the proposed management models and offering the resources provided by the enclaves to the applications in "as a service" format. A prototype is built to evaluate the proposed architecture and models, with the performance tests demonstrating considerable reductions in the impact for enclave requests, while guaranteeing good response to attend simultaneous requests. Thus, it is concluded that the use of architectural software models can bring benefits in resource management and performance gains in the execution of secure applications. Keywords: Intel SGX, programming models, software architecture, design patterns, performance, resource optimization