1. Secure Multiparty Computation from SGX 2017 FinancialCryptography IntelSGX MPC
    Bernardo Portela, Manuel Barbosa, Guillaume Scerri, Bogdan Warinschi, Raad Bahmani, Ferdinand Brasser, Ahmad-Reza Sadeghi

    @inproceedings{DBLP:conf/fc/BahmaniBBPSSW17,
    author = {Raad Bahmani and
    Manuel Barbosa and
    Ferdinand Brasser and
    Bernardo Portela and
    Ahmad{-}Reza Sadeghi and
    Guillaume Scerri and
    Bogdan Warinschi},
    editor = {Aggelos Kiayias},
    title = {Secure Multiparty Computation from {SGX}},
    booktitle = {Financial Cryptography and Data Security - 21st International Conference,
    {FC} 2017, Sliema, Malta, April 3-7, 2017, Revised Selected Papers},
    series = {Lecture Notes in Computer Science},
    volume = {10322},
    pages = {477--497},
    publisher = {Springer},
    year = {2017},
    url = {https://doi.org/10.1007/978-3-319-70972-7\_27},
    doi = {10.1007/978-3-319-70972-7\_27},
    timestamp = {Mon, 16 Sep 2019 15:28:43 +0200},
    biburl = {https://dblp.org/rec/bib/conf/fc/BahmaniBBPSSW17},
    bibsource = {dblp computer science bibliography, https://dblp.org}
    }

Isolated Execution Environments (IEE) offered by novel commodity hardware such as Intel’s SGX deployed in Skylake processors permit executing software in a protected environment that shields it from a malicious operating system; it also permits a remote user to obtain strong interactive attestation guarantees on both the code running in an IEE and its input/output behaviour. In this paper we show how IEEs provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. In our protocol the load of communications and computations on participants only depends on the size of each party’s inputs and outputs and is thus small and independent from the intricacy of the functionality to be computed. The remaining computational load – essentially that of computing the functionality – is moved to an untrusted party running an IEE-enabled machine, an appealing feature for Cloud-based scenarios. However, as is often the case even with the simplest cryptographic protocols, we found that there is a large gap between this intuitively appealing solution and a protocol with rigorous security guarantees. We bridge this gap through a comprehensive set of results that include: i. a detailed construction of a protocol for secure computation for arbitrary functionalities; ii. formal security definitions for the security of the overall protocol and that of its components; and iii. a modular security analysis of our protocol that relies on a novel notion of labeled attested computation. We implemented and extensively evaluated our solution on SGX-enabled hardware, providing detailed measurements of our protocol as well as comparisons with software-only MPC solutions.
Furthermore, we show the cost induced by using constant-time, i.e., timing side channel resilient, code in our implementation.
