8 May 2018
San Francesco - Via della Quarquonia 1 (Classroom 2 )
The introduction of Intel SGX (Software Guard Extensions) into the mass market has sparkled a wave of new systems that allow to run trusted services over untrusted hardware infrastructures.
In this talk, I will first briefly introduce the basic mechanisms of Intel SGX.
Then, I will present two recent systems where SGX is used for different purposes.
X-Search ([1]) offers private web-search guarantees under strong adversarial models while being more resistant to re-identification attacks than state of the-art competitors (e.g. TOR) and outperforming in terms of latency and throughput.
EndBox ([2]) is a system that securely executes middlebox functions (e.g. routing, firewalling, bandwidth-shaping, etc.) on client machines at the network edge. Its design combines a virtual private network (VPN) with middlebox functions that are hardware-protected by Intel SGX.
[1] Sonia Ben Mokhtar, Antoine Boutet, Pascal Felber, Marcelo Pasin, Rafael Pires and Valerio Schiavoni
X-Search: Revisiting Private Web Search using Intel SGX.
Proceedings of Middleware 2017 (18th ACM/IFIP/USENIX Middleware).
[2] David Goltzsche, Signe Rüsch, Manuel Nieke, Sébastien Vaucher, Nico Weichbrodt, Valerio Schiavoni, Pierre-Louis Aublin, Paolo Costa, Christof Fetzer, Pascal Felber, Peter Pietzuch, Rüdiger Kapitza. EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution
To appear in Proceedings of DSN 2018 (48th IEEE/IFIP International Conference on Dependable Systems and Networks).
relatore:
Schiavoni, Valerio
Units:
SysMA