Venue | Category |
---|---|
DSN'20 | SGX Storage |
SeGShare: Secure Group File Sharing in the Cloud using Enclaves

1. Summary
   - Motivation of this paper
   - File Sharing System
   - Implementation and Evaluation
2. Strength (Contributions of the paper)
3. Weakness (Limitations of the paper)
4. Some Insights (Future work)
The paper presents a new architecture for end-to-end encrypted, group-based file sharing using Intel SGX.
Drawbacks of current (purely cryptographic) solutions:
- Permission revocation requires re-encrypting the file under a new key and distributing that key to every remaining user, i.e. expensive cryptographic operations whose cost grows with the number of users.
Key reason for throughput improvement
Attacker Model
Group-based permission
System Design
- Establish user trust in the enclave (via attestation)
- Establish enclave trust in users (user authentication)
The enclave's access-control step uses the file manager components to read and write the required relations (file ACLs, group lists, member lists); this is what enables dynamic groups without re-encryption.
- Trusted file manager: encrypts/decrypts the content of every file that is written/read with PAE_Enc/PAE_Dec, using a unique file key per file (each file key is derived from a root key).
- Untrusted file manager: passes/receives only encrypted data and performs the actual storage access.
- Content store: regular files and their corresponding ACL files
- Group store: group list files and member list files
Immediate revocation: membership updates are enforced instantly, without time-consuming re-encryption of files.
a permission update only requires
Probabilistic authenticated encryption (PAE): provides confidentiality and integrity of content files, permissions, existing groups, and group memberships.
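The enclave-side logic described above (one file key per file derived from the root key, PAE over file content, ACLs resolved through the group relation, and revocation as a plain membership update) as an added, runnable Go model. This is example code written for these notes, not SeGShare's implementation. Assumptions made here: HMAC-SHA256 over a label and the file ID as the key-derivation function, AES-256-GCM with a fresh random nonce as the PAE scheme, the file ID bound as associated data, the ACL and group relations held in memory instead of as PAE-encrypted files, and a constructed root key where SeGShare would provision it into the enclave through attestation.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Enclave models the trusted side: it holds the root key and the group/ACL
// relations and hands only ciphertext to the untrusted content store.
// (Relations live in memory here; the paper stores them as PAE-encrypted files.)
type Enclave struct {
	rootKey []byte
	content map[string][]byte          // untrusted content store: fileID -> nonce||ct||tag
	acl     map[string]map[string]bool // fileID -> groups allowed to read it
	groups  map[string]map[string]bool // group -> member user IDs
}

func NewEnclave(rootKey []byte) *Enclave {
	return &Enclave{rootKey: rootKey, content: map[string][]byte{},
		acl: map[string]map[string]bool{}, groups: map[string]map[string]bool{}}
}

// fileKey: one key per file, derived from the root key. HMAC-SHA256 over a
// label and the file ID as the derivation function is this example's assumption.
func (e *Enclave) fileKey(fileID string) []byte {
	mac := hmac.New(sha256.New, e.rootKey)
	mac.Write([]byte("file-key\x00" + fileID))
	return mac.Sum(nil) // 32 bytes -> AES-256
}

func gcm(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// paeEncrypt: probabilistic authenticated encryption, AES-256-GCM with a fresh
// random nonce per call. The file ID is bound as associated data so the untrusted
// store cannot move a ciphertext to another file name undetected.
func paeEncrypt(key, aad, pt []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, pt, aad), nil
}

func paeDecrypt(key, aad, blob []byte) ([]byte, error) {
	aead, err := gcm(key)
	if err != nil {
		return nil, err
	}
	if ns := aead.NonceSize(); len(blob) >= ns {
		return aead.Open(nil, blob[:ns], blob[ns:], aad) // fails on any tampering
	}
	return nil, fmt.Errorf("ciphertext too short")
}

func (e *Enclave) AddMember(group, user string) {
	if e.groups[group] == nil {
		e.groups[group] = map[string]bool{}
	}
	e.groups[group][user] = true
}

// RemoveMember is the entire revocation: only the membership relation changes;
// the file key and the stored ciphertext stay exactly as they are.
func (e *Enclave) RemoveMember(group, user string) { delete(e.groups[group], user) }

// Upload encrypts once under the file key and records the groups allowed to read.
func (e *Enclave) Upload(fileID string, pt []byte, readers ...string) error {
	blob, err := paeEncrypt(e.fileKey(fileID), []byte(fileID), pt)
	if err != nil {
		return err
	}
	e.content[fileID] = blob
	e.acl[fileID] = map[string]bool{}
	for _, g := range readers {
		e.acl[fileID][g] = true
	}
	return nil
}

// Read resolves the ACL through the current group relation inside the enclave,
// then decrypts with the file key; a revoked member is denied immediately.
func (e *Enclave) Read(user, fileID string) ([]byte, error) {
	for g := range e.acl[fileID] {
		if e.groups[g][user] {
			return paeDecrypt(e.fileKey(fileID), []byte(fileID), e.content[fileID])
		}
	}
	return nil, fmt.Errorf("%s: access denied for %s", fileID, user)
}
```

A typical sequence is `AddMember("dev", "bob")`, `Upload("plan.txt", data, "dev")`, `Read("bob", "plan.txt")`, then `RemoveMember("dev", "bob")`: the next `Read` by bob fails while the bytes in `content` are untouched, which is the "no re-encryption" property. Because every access goes through `Read`, the check is enforced at request time rather than being baked into who holds a key.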
Extensions
- Deduplication
  - introduces a third store
  - for each uploaded content file, the enclave calculates an HMAC over the file's content using the root key and uses it as the fingerprint
  - plaintext data is deduplicated, so only a single copy is encrypted
- Rollback protection for individual files or for the whole file system
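The deduplication extension as an added, runnable Go model: the fingerprint is an HMAC over the plaintext under the root key as the notes describe, a known fingerprint only adds a reference, and a new plaintext is encrypted exactly once. This is example code written for these notes, not SeGShare's implementation. Assumptions: the third store is modelled as a reference count per fingerprint, the fingerprint doubles as the name of the single encrypted copy, the copy's key is derived from the root key and the fingerprint (HMAC-SHA256) so that all file names sharing the copy share one key, and AES-256-GCM with a random nonce stands in for PAE. Keying the fingerprint matters because the untrusted store sees it: with a plain hash the store could confirm guesses of low-entropy file contents.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
)

// DedupEnclave models the deduplication extension. Besides the content store
// (file name -> stored copy) there is a third store that maps the fingerprint of
// a plaintext to its single encrypted copy and counts the file names sharing it.
type DedupEnclave struct {
	rootKey  []byte
	objects  map[string][]byte // fingerprint -> nonce||ct||tag, the one encrypted copy
	refs     map[string]int    // third store: fingerprint -> number of file names using it
	files    map[string]string // content store: fileID -> fingerprint
	Encrypts int               // how often plaintext was actually encrypted
}

func NewDedupEnclave(rootKey []byte) *DedupEnclave {
	return &DedupEnclave{rootKey: rootKey, objects: map[string][]byte{},
		refs: map[string]int{}, files: map[string]string{}}
}

// Fingerprint is HMAC-SHA256 over the plaintext under the root key. It is safe
// to expose to untrusted storage only because it is keyed.
func (e *DedupEnclave) Fingerprint(plaintext []byte) string {
	mac := hmac.New(sha256.New, e.rootKey)
	mac.Write(plaintext)
	return hex.EncodeToString(mac.Sum(nil))
}

// copyKey derives the key of a stored copy from the root key and the fingerprint
// (example assumption), so every file name sharing the copy uses the same key.
func (e *DedupEnclave) copyKey(fp string) []byte {
	mac := hmac.New(sha256.New, e.rootKey)
	mac.Write([]byte("copy-key\x00" + fp))
	return mac.Sum(nil)
}

// Upload deduplicates on plaintext before encryption: a known fingerprint only
// adds a reference; a new one is encrypted once (AES-256-GCM, random nonce).
func (e *DedupEnclave) Upload(fileID string, plaintext []byte) error {
	fp := e.Fingerprint(plaintext)
	if _, known := e.objects[fp]; !known {
		block, err := aes.NewCipher(e.copyKey(fp))
		if err != nil {
			return err
		}
		aead, err := cipher.NewGCM(block)
		if err != nil {
			return err
		}
		nonce := make([]byte, aead.NonceSize())
		if _, err := rand.Read(nonce); err != nil {
			return err
		}
		e.objects[fp] = aead.Seal(nonce, nonce, plaintext, []byte(fp))
		e.Encrypts++
	}
	old, had := e.files[fileID]
	e.files[fileID] = fp
	e.refs[fp]++
	if had { // overwriting a file name releases the copy it used to point to
		e.release(old)
	}
	return nil
}

// Delete removes a file name; the encrypted copy goes away with its last reference.
func (e *DedupEnclave) Delete(fileID string) {
	if fp, ok := e.files[fileID]; ok {
		delete(e.files, fileID)
		e.release(fp)
	}
}

func (e *DedupEnclave) release(fp string) {
	e.refs[fp]--
	if e.refs[fp] == 0 {
		delete(e.refs, fp)
		delete(e.objects, fp)
	}
}

// StoredCopies is the number of encrypted copies the untrusted store holds.
func (e *DedupEnclave) StoredCopies() int { return len(e.objects) }
```

Uploading the same bytes under two file names leaves `Encrypts` at 1 and `StoredCopies()` at 1; deleting one name keeps the copy alive for the other. The reference count is the part that is easy to get wrong: incrementing the new fingerprint before releasing the old one is what keeps an overwrite with identical content from freeing and then losing the copy.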
Implementation
Evaluation
- Memory isolation
- Attestation: allows establishing a secure channel between an external party and an enclave; this channel can be used to deploy sensitive data (e.g., encryption keys) directly into the enclave.
- Data sealing
- Protected file system library: a library shipped with the Intel SGX SDK that provides a subset of the file API, e.g., file creation, writing, and reading.
- Switchless calls: in the SGX SDK, calls into the enclave are replaced by writing tasks into an untrusted buffer; enclave worker threads pick up and perform the tasks asynchronously, avoiding the enclave transition per call.
- Purely cryptographically protected file sharing systems
- TEE-supported file sharing systems: NEXUS, Pesos