VC3: Trustworthy Data Analytics in the Cloud using SGX

FelixSchuster∗,ManuelCosta,CedricFournet,ChristosGkantsidis´MarcusPeinado,GloriaMainar-Ruiz,MarkRussinovich

MicrosoftResearch

Outline

•  Introduction•  Background•  DesignOverview•  JobDeployment•  JobExecutionandVerification•  RegionalSelf-Integrity•  Implementation•  Evaluation•  RelatedWork•  Conclusion

Introduction

• Cloudprovidersallowcomputersintodatacentersandmakethemavailableon-demand• Usershavetheabilitytorentoutcomputingcapacitytorunlarge-scaledistributedcomputationsbasedonframeworkslikeMapReduce• Amajorconcernforusersistheabilitytotrustthecloudproviderwiththeircodeanddata

Introduction (cont’d)

• Concerns:•  Singlemaliciousinsiderwithadminaccessinthecloudcanleakormanipulatesensitiveuserdata•  Externalattackersattempttoaccessdata(e.g.exploitvulnerabilitiesinanOS)•  Externalattackersmaytamperwithusers’computations

• CloudUserExpectations•  Confidentialityandintegrityforbothcodeanddata•  Verifiabilityofexecutionofthecodeoverdata

• MultipartycomputationtechniquesmayaddressthesedemandsusingFullyHomomorphicEncryption(FHE)•  However,FHEisnotefficientformostcomputations

Introduction (cont’d)

• VerifiableConfidentialCloudComputing(VC3)•  AsystemthatallowsuserstorunMapReducecomputationsinthecloudwhilekeepingtheircodeanddatasecretandensuringcorrectnessandcompletenessoftheirresults

•  ThreatModel•  Powerfulattackersthatmayhavetheabilitytocontrolthewholecloudproviderssoftwareandhardwareinfrastructure

•  ToolsUsed•  TrustedSGXprocessors•  RananunmodifiedHadoop

Introduction (cont’d)

• Challenges:•  PartitionthesystemintotrustedanduntrustedpartstominimizeitsTCB•  Guaranteeintegrityforthewholedistributedcomputation•  Protectthecoderunningintheisolatedmemoryregionsfromattacksduetounsafememoryaccesses

Background

• MapReduce•  Apopularprogrammingmodelforprocessinglargedatasets:userswritemapandreducefunctions,andexecutionoffunctionsisautomaticallyparallelizedanddistributed

•  IntelSGX•  Setofx86-64ISAextensions

•  Setsupprotectedexecutionenvironments(calledenclaves)withoutrequiringtrustinanythingbutprocessorandcodeputintheenclaves

Adversary Model

• Awareofexternalattackersthatmaytrytocontroltheentiresoftwarestackinacloudprovider’sinfrastructure,includingthehypervisorandOS• AssumetheattackerisunabletophysicallyopenandmanipulatetatleasttheSGX-enabledprocessorpackages

Design Overview

• Goal:Maintainconfidentialityandintegrityofcodeanddata• ResearchersdesignedVC3toachievegoodperformanceandkeeplargesoftwarecomponentsoutoftheTCB• VC3allowsuserstoimplementMapReducejobsbywriting,testing,anddebuggingmapandreducefunctions• Whenmapandreducefunctionsarereadyforproduction,userscompileandencryptthecode,andobtainaprivateenclaveE-code•  Inthecloud,enclavescontainingE-andE+areinitializedandl

Design Overview

Job Deployment

• Afterthedeploymentofauserscodetothecloud,cryptographicprotocolsareexchangedandtheactualMapReducejobexecutionstarts• CloudAttestation

•  SGXremoteattestationforenclavesisachievedthroughquotesissuedbyQE•  Threatmodelexcludesphysicalattacks,todefendagainstsuchattacks,theyusedanadditionalCloudQE•  CloudQEwascreatedbythecloudproviderwhenanewSGX-enabledsystemiscreated

Job Deployment

• KeyExchange•  ToexecuteMapReducejobs,enclavesneedtogetkeystodecrypttheresults•  ResearcherscreatedtheirownkeyexchangeprotocolwhichisdesignedtoimplementaconventionalMapReducejobthatworkswithHadoop

Job Execution & Verification

• Keyexchangesandencryptioncodewillhelpcodeanddatabesafefromattacks• ResearchershavetoencryptdatainaMapReducejobandthiscapabilityneedstoworkwithinHadoop

Region Self-Integrity

•  Finalaspectofdesignistoenforcearegionofself-integrityforusercodeloadedintoenclaves•  Establishefficientcommunicationchannels

•  Leadstoabroadenattacksurfaceonenclaves•  Twosolutions:

•  Region-write-integrity•  Region-read-write-integrity

Discussion

•  SeveralAttackScenarios:•  InformationLeakage

•  OnebasicprincipleofMapReduceisthatkey-valuepairswiththesamekeyneedtobeprocessedbythesamereducer

•  Anetworkattackercancountthenumberofpairsbeingdeliveredandchangethepairs•  ReplayAttacks

•  AttackerscantrytofullyorpartiallyreplayapastMapReducejob

Implementation

• VC3wasimplementedusingC++forWindows64-bitandHDInsightdistributionofHadoop•  SGXEmulation

•  ResearchersimplementedVC3inanSGXEmulatorwhichwassuccessful•  Aswell,createdtheirownemulator,howevertheemulatordoesnotprovidesecurityguarantees

Evaluation

• Researcherschoseamixofreal-worldapplicationsandbenchmarkstoevaluatetheVC3system•  ThefollowingtableshowstheapplicationsusedtoevaluateVC3

Conclusion

• VC3createdasanapproachfortheverifiableandconfidentialexecutionofMapReducejobsinuntrustedcloudenvironments• VC3isabletobesuccessfulimplementedandhasstrongsecurityguarantees• VC3isabletoachievesecurecloudcomputations