Foundations of Hardware-Based Attested Computation and Application to SGX

Manuel Barbosa, Bernardo Portela, Guillaume Scerri, Bogdan Warinschi

Research output: Chapter in Book/Report/Conference proceedingConference Contribution (Conference Proceeding)

35 Citations (Scopus)

Abstract

Exciting new capabilities of modern trusted hardware technologies allow for the execution of arbitrary code within environments completely isolated from the rest of the system and provide cryptographic mechanisms for securely reporting on these executions to remote parties.

Rigorously proving security of protocols that rely on this type of hardware faces two obstacles. The first is to develop models appropriate for the induced trust assumptions (e.g., what is the correct notion of a party when the peer one wishes to communicate with is a specific instance of an an outsourced program). The second is to develop scalable analysis methods, as the inherent stateful nature of the platforms precludes the application of existing modular analysis techniques that require high degrees of independence between the components.

We give the first steps in this direction by studying three cryptographic tools which have been commonly associated with this new generation of trusted hardware solutions. Specifically, we provide formal security definitions, generic constructions and security analysis for attested computation, key-exchange for attestation and secure outsourced computation. Our approach is incremental: each of the concepts relies on the previous ones according to an approach that is quasi-modular. For example we show how to build a secure outsourced computation scheme from an arbitrary attestation protocol combined together with a key-exchange and an encryption scheme.
Original languageEnglish
Title of host publication2016 IEEE European Symposium on Security and Privacy (EuroS&P 2016)
Subtitle of host publicationProceedings of a meeting held 21-24 March 2016, Saarbrucken, Germany
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages245-260
Number of pages16
ISBN (Electronic)9781509017522
ISBN (Print)9781509017539, 9781509017515
DOIs
Publication statusPublished - 12 May 2016

Fingerprint

Dive into the research topics of 'Foundations of Hardware-Based Attested Computation and Application to SGX'. Together they form a unique fingerprint.

Cite this