Secure Multiparty Computation from SGX

Bernardo Portela1,2, Manuel Barbosa1,2, Guillaume Scerri3,4, Bogdan Warinschi5,  Raad Bahmani6, Ferdinand Brasser6, Ahmad-Reza Sadeghi6

1HASLab – INESC TEC, 2DCC-FCUP, 3Laboratoire DAVID – Université de Versailles St-Quentin, 4INRIA, 5University of Bristol, 6Technische Universität Darmstadt

In this paper we show how Isolated Execution Environments (IEE) offered by novel commodity hardware such as Intel’s SGX provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. The load of communications and computations on participants only depends on the size of each party’s inputs and
outputs and is thus small and independent from the intricacies of the functionality to be computed. The remaining computational load– essentially that of computing the functionality – is moved to an untrusted party running an IEE-enabled machine, an attractive feature for Cloud-based scenarios.

Our rigorous modular security analysis relies on the novel notion of labeled attested computation which we put forth in this paper. This notion is a convenient abstraction of the kind of attestation guarantees one can obtain from trusted hardware in multi-user scenarios.

Finally, we present an extensive experimental evaluation of our solution on SGX enabled hardware. Our implementation is open-source and it is functionality agnostic: it can be used to securely outsource to the Cloud arbitrary off-the-shelf collaborative software, such as the one employed on financial data applications, enabling secure collaborative execution over private inputs provided by multiple parties.

keywords: Secure Computation, Provable Security, Trusted Hardware, Cryptography

Presentation: Secure Multiparty Computation from SGX