Security Seminar: Blinded Memory with N. Asokan
Outsourcing computing to remote processors is compelling, but cryptographic techniques like homomorphic encryption incur high costs. Trusted Execution Environments (TEEs) provide secure outsourced computing, but recent attacks question their security. I will discuss Blinded Memory (BliMe), which uses minimal processor extensions and taint-tracking to ensure data confidentiality against server malware, run-time, or side-channel attacks. BliMe employs Instruction Set Architecture (ISA) extensions with a hardware security module (HSM) and encryption engine for secure outsourced computing. I'll cover the architecture, current status, and challenges.
Time: Thu 2024-05-16 16.00 - 17.00
Location: Amiga, Kistagången 16
Video link: Zoom
Language: English
Participating: Prof. N. Asokan, University of Waterloo, Canada
Speaker
Prof. N. Asokan, University of Waterloo, Canada
Title
Blinded Memory
Abstract
Outsourcing computing to a remote processor is popular and compelling. Cryptographic techniques like homomorphic encryption allow a client to outsource computation on sensitive data while ensuring that the data cannot be leaked. However, such techniques incur substantial computation and communication costs. Leveraging hardware assistance to efficiently ensure security is thus an attractive proposition. Trusted Execution Environments (TEEs), which saw widespread deployment in the early 2000s by mobile device manufacturers to run sensitive computations on commodity devices, can help to realize secure outsourced computing. But the security guarantees provided by traditional TEEs have been called into question by various recent attacks that exploit the inherent complexity of modern hardware and software. In this talk, I will describe Blinded Memory (BliMe): on-going work by my students to design minimal processor extensions that can help to efficiently realize secure outsourced computing. BliMe consists of a minimal set of Instruction Set Architecture (ISA) extensions that use taint-tracking to ensure confidentiality of sensitive (client) data even in the presence of server malware, run-time attacks, or side-channel attacks. To secure outsourced computation, BliMe extensions can be used together with an attestable, fixed-function hardware security module (HSM) and an encryption engine that provides atomic decrypt-and-taint and encrypt-and-untaint operations. I will describe the overall architecture, the current status of the work, and the challenges we face.
Bio
N. Asokan is a professor of computer science and a David R. Cheriton Chair at the University of Waterloo where he also serves as the executive director of the Cybersecurity and Privacy Institute. Asokan is a Fellow of the ACM, the IEEE, and the Royal Society of Canada. His research focuses on systems security. More information about his work is on his website at https://asokan.org/asokan/ or via X/Twitter @nasokan