ConsenSGX: Scaling Anonymous Communications Networks with Trusted Execution Environments

Open access

Abstract

Anonymous communications networks enable individuals to maintain their privacy online. The most popular such network is Tor, with about two million daily users; however, Tor is reaching limits of its scalability. One of the main scalability bottlenecks of Tor and similar network designs originates from the requirement of distributing a global view of the servers in the network to all network clients. This requirement is in place to avoid epistemic attacks, in which adversaries who know which parts of the network certain clients do and do not know about can rule in or out those clients from being responsible for particular network traffic.

In this work, we introduce a novel solution to this scalability problem by leveraging oblivious RAM constructions and trusted execution environments in order to enable clients to fetch only the parts of the network view they require, without the directory servers learning which parts are being fetched. We compare the performance of our design with the current Tor mechanism and other related works to show one to two orders of magnitude better performance from an end-to-end perspective. We analyse the requirements to actually deploy such a scheme today and conclude that it would only require a small fraction (<2.5%) of the relays to have the required hardware support; moreover, these relays can perform their roles with minimal network bandwidth requirements.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] C. Aguilar-Melchor J. Barrier L. Fousse and M.-O. Killijian. XPIR: Private Information Retrieval for Everyone. Proceedings on Privacy Enhancing Technologies 2016.

  • [2] A. Ahmad K. Kim M. I. Sarfaraz and B. Lee. OBLIVIATE: A Data Oblivious Filesystem for Intel SGX. In 25th Network and Distributed System Security Symposium (NDSS) 2018.

  • [3] I. Anati S. Gueron S. Johnson and V. Scarlata. Innovative Technology for CPU Based Attestation and Sealing 2013. https://software.intel.com/en-us/articles/innovative-technology-for-cpu-based-attestation-and-sealing.

  • [4] S. Angel H. Chen K. Laine and S. Setty. PIR with compressed queries and amortized query processing. In 39th IEEE Symposium on Security and Privacy (S&P). IEEE 2018.

  • [5] ARM. ARM Security Technology: Building a Secure System using TrustZone Technology 2015. http://infocenter.arm.com/help/topic/com.arm.doc.prd29-genc-009492c/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf.

  • [6] R. Barbulescu and S. Duquesne. Updating Key Size Estimations for Pairings. Cryptology ePrint Archive Report 2017/334 2017.

  • [7] J. Bi M. Liu and X. Wang. Cryptanalysis of a homomorphic encryption scheme from ISIT 2008. In IEEE International Symposium on Information Theory (ISIT) 2012.

  • [8] D. Bleichenbacher A. Kiayias and M. Yung. Decoding of Interleaved Reed Solomon Codes over Noisy Data. In International Colloquium on Automata Languages and Programming. Springer 2003.

  • [9] D. Boneh C. Gentry B. Lynn and H. Shacham. Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In International Conference on the Theory and Applications of Cryptographic Techniques. Springer 2003.

  • [10] D. Boneh B. Lynn and H. Shacham. Short signatures from the Weil pairing. In International Conference on the Theory and Application of Cryptology and Information Security. Springer 2001.

  • [11] Z. Brakerski and V. Vaikuntanathan. Efficient Fully Homomorphic Encryption from (Standard) LWE. SIAM Journal on Computing 2014.

  • [12] F. Brasser U. Müller A. Dmitrienko K. Kostiainen S. Capkun and A. Sadeghi. Software Grand Exposure: SGX Cache Attacks Are Practical. In 11th USENIX Workshop on O˙ensive Technologies (WOOT) 2017.

  • [13] Brave. Brave Private Tabs with Tor. https://brave.com/tor-tabs-beta Accessed September 2018.

  • [14] J. V. Bulck M. Minkin O. Weisse D. Genkin B. Kasikci F. Piessens M. Silberstein T. F. Wenisch Y. Yarom and R. Strackx. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In 27th USENIX Security Symposium 2018.

  • [15] B. Chor O. Goldreich E. Kushilevitz and M. Sudan. Private Information Retrieval. In IEEE Foundations of Computer Science (FOCS) 1995.

  • [16] D. Coppersmith and M. Sudan. Reconstructing Curves in Three (and Higher) Dimensional Space from Noisy Data. In 35th ACM Symposium on Theory of Computing (STOC) 2003.

  • [17] F. Dall G. De Micheli T. Eisenbarth D. Genkin N. Heninger A. Moghimi and Y. Yarom. Cachequote: Efficiently Recovering Long-Term Secrets of SGX EPID via Cache Attacks. IACR Transactions on Cryptographic Hardware and Embedded Systems 2018.

  • [18] G. Danezis and R. Clayton. Route Fingerprinting in Anonymous Communications. In 6th IEEE International Conference on Peer-to-Peer Computing. IEEE 2006.

  • [19] G. Danezis and P. Syverson. Bridging and Fingerprinting: Epistemic Attacks on Route Selection. In 8th Privacy Enhancing Technologies Symposium (PETS). Springer 2008.

  • [20] S. Devadas M. van Dijk C. W. Fletcher L. Ren E. Shi and D. Wichs. Onion ORAM: A Constant Bandwidth Blowup Oblivious RAM. In Theory of Cryptography Conference (TCC). Springer 2016.

  • [21] R. Dingledine N. Mathewson and P. Syverson. Tor: The Second-Generation Onion Router. In 13th USENIX Security Symposium 2004.

  • [22] J. R. Douceur. The Sybil attack. In International Workshop on Peer-to-Peer Systems. Springer 2002.

  • [23] T. Elahi K. Bauer M. AlSabah R. Dingledine and I. Goldberg. Changing of the Guards: A Framework for Understanding and Improving Entry Guard Selection in Tor. In 11th ACM Workshop on Privacy in the Electronic Society (WPES). ACM 2012.

  • [24] C. Fletcher M. Naveed L. Ren E. Shi and E. Stefanov. Bucket ORAM: Single Online Roundtrip Constant Bandwidth Oblivious RAM. Cryptology ePrint Archive Report 2015/1065 2015.

  • [25] I. Goldberg. Improving the Robustness of Private Information Retrieval. In 28th IEEE Symposium on Security and Privacy (S&P) 2007.

  • [26] O. Goldreich and R. Ostrovsky. Software Protection and Simulation on Oblivious RAMs. Journal of the ACM (JACM) 1996.

  • [27] S. Gueron. Intel® Advanced Encryption Standard (AES) New Instructions Set 2010. https://www.intel.com/content/dam/doc/white-paper/advanced-encryption-standard-new-instructions-set-paper.pdf.

  • [28] Intel. SGX Virtualization. https://01.org/intel-software-guard-extensions/sgx-virtualization. Accessed February 2018.

  • [29] Intel. Intel Trusted Execution Technology 2007. http://www.intel.com/technology/security/. Accessed September 2018.

  • [30] Intel. Software Guard Extensions (Intel® SGX) Data Center Attestation Primitives: ECDSA Quote Library API 2018. https://download.01.org/intel-sgx/dcap-1.0/docs/SGX_ECDSA_QuoteGenReference_DCAP_API_Linux_1.0.pdf.

  • [31] A. Kapadia and N. Triandopoulos. Halo: High-Assurance Locate for Distributed Hash Tables. In 16th Network and Distributed System Security Symposium (NDSS) 2008.

  • [32] D. Kaplan J. Powell and T. Woller. AMD Memory Encryption 2016. https://developer.amd.com/wordpress/media/2013/12/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf.

  • [33] S. Karandikar S. Devadas A. Ou K. Asanovic I. Lebedev D. Song and D. Lee. Keystone Open-source Secure Hardware Enclave 2018. https://keystone-enclave.org/. Accessed September 2018.

  • [34] T. Kim and R. Barbulescu. Extended Tower Number Field Sieve: A New Complexity for the Medium Prime Case. In CRYPTO. Springer 2016.

  • [35] P. Kocher J. Horn A. Fogh D. Genkin D. Gruss W. Haas M. Hamburg M. Lipp S. Mangard T. Prescher M. Schwarz and Y. Yarom. Spectre Attacks: Exploiting Speculative Execution. In 40th IEEE Symposium on Security and Privacy (S&P) 2019.

  • [36] S. Lee M.-W. Shih P. Gera T. Kim H. Kim and M. Peinado. Inferring Fine-grained Control Flow Inside SGX Enclaves with Branch Shadowing. In 26th USENIX Security Symposium 2017.

  • [37] T. Lepoint and M. Tibouchi. Cryptanalysis of a (Somewhat) Additively Homomorphic Encryption Scheme Used in PIR. In 3rd Workshop on Applied Homomorphic Cryptography and Encrypted Computing (WAHC) 2015.

  • [38] M. Lipp M. Schwarz D. Gruss T. Prescher W. Haas A. Fogh J. Horn S. Mangard P. Kocher D. Genkin Y. Yarom and M. Hamburg. Meltdown: Reading Kernel Memory from User Space. In 27th USENIX Security Symposium 2018.

  • [39] E. K. Lua J. Crowcroft M. Pias R. Sharma and S. Lim. A Survey and Comparison of Peer-to-Peer Overlay Network Schemes. IEEE Communications Surveys & Tutorials 2005.

  • [40] W. Lueks and I. Goldberg. Sublinear Scaling for Multi-Client Private Information Retrieval. In International Conference on Financial Cryptography and Data Security (FC). Springer 2015.

  • [41] N. Mathewson. Proposal 300: Walking Onions: Scaling and Saving Bandwidth. https://gitweb.torproject.org/torspec.git/tree/proposals/300-walking-onions.txt 2019. Accessed February 2019.

  • [42] P. Maymounkov and D. Mazieres. Kademlia: A Peer-to-Peer Information System Based on the XOR Metric. In International Workshop on Peer-to-Peer Systems. Springer 2002.

  • [43] J. McLachlan A. Tran N. Hopper and Y. Kim. Scalable Onion Routing with Torsk. In 16th ACM Conference on Computer and Communications Security (CCS) 2009.

  • [44] C. A. Melchor and P. Gaborit. A Fast Private Information Retrieval Protocol. In IEEE International Symposium on Information Theory (ISIT) 2008.

  • [45] P. Mishra R. Poddar J. Chen A. Chiesa and R. A. Popa. Oblix: An Efficient Oblivious Search Index. In 39th IEEE Symposium on Security and Privacy (S&P). IEEE 2018.

  • [46] P. Mittal and N. Borisov. ShadowWalker: Peer-to-peer Anonymous Communication using Redundant Structured Topologies. In 16th ACM Conference on Computer and Communications Security (CCS) pages 161–172. ACM 2009.

  • [47] P. Mittal and N. Borisov. Information Leaks in Structured Peer-to-Peer Anonymous Communication Systems. ACM Transactions on Information and System Security (TISSEC) 2012.

  • [48] P. Mittal F. Olumofin C. Troncoso N. Borisov and I. Goldberg. PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval. In 20th USENIX Security Symposium 2011.

  • [49] Mozilla. Fusion: Firefox USIng Onions 2018. https://wiki.mozilla.org/Security/Fusion. Accessed September 2018.

  • [50] A. Nambiar and M. Wright. Salsa: A Structured Approach to Large-Scale Anonymity. In 13th ACM Conference on Computer and Communications Security (CCS) 2006.

  • [51] O. Ohrimenko F. Schuster C. Fournet A. Mehta S. Nowozin K. Vaswani and M. Costa. Oblivious multi-party machine learning on trusted processors. In 25th USENIX Security Symposium 2016.

  • [52] L. Øverlier and P. Syverson. Locating Hidden Servers. In IEEE Symposium on Security and Privacy (S&P) 2006.

  • [53] A. Panchenko S. Richter and A. Rache. NISAN: Network Information Service for Anonymization Networks. In 16th ACM Conference on Computer and Communications Security (CCS) 2009.

  • [54] S. Patel G. Persiano and K. Yeo. Private Stateful Information Retrieval. In 25th ACM Conference on Computer and Communications Security (CCS) 2018.

  • [55] A. M. Piotrowska J. Hayes T. Elahi S. Meiser and G. Danezis. The Loopix Anonymity System. In 26th USENIX Security Symposium 2017.

  • [56] A. Rane C. Lin and M. Tiwari. Raccoon: Closing Digital Side-channels Through Obfuscated Execution. In 24th USENIX Security Symposium 2015.

  • [57] O. Regev. On Lattices Learning With Errors Random Linear Codes and Cryptography. Journal of the ACM (JACM) 2009.

  • [58] L. Ren C. Fletcher A. Kwon E. Stefanov E. Shi M. van Dijk and S. Devadas. Constants Count: Practical Improvements to Oblivious RAM. In 24th USENIX Security Symposium 2015.

  • [59] M. Rennhard and B. Plattner. Introducing MorphMix: Peer-to-Peer Based Anonymous Internet Usage with Collusion Detection. In 1st ACM Workshop on Privacy in the Electronic Society (WPES) 2002.

  • [60] S. Sasy S. Gorbunov and C. W. Fletcher. ZeroTrace: Oblivious Memory Primitives from Intel SGX. In 25th Network and Distributed System Security Symposium (NDSS) 2018.

  • [61] M. Schuchard A. W. Dean V. Heorhiadi N. Hopper and Y. Kim. Balancing the Shadows. In 9th ACM Workshop on Privacy in the Electronic Society (WPES) 2010.

  • [62] M. Schwarz S. Weiser D. Gruss C. Maurice and S. Mangard. Malware Guard Extension: Using SGX to Conceal Cache Attacks. In International Conference on Detection of Intrusions and Malware and Vulnerability Assessment. Springer 2017.

  • [63] S. Shinde Z. L. Chua V. Narayanan and P. Saxena. Preventing Page Faults from Telling Your Secrets. In 11th ACM Asia Conference on Computer and Communications Security (AsiaCCS) 2016.

  • [64] R. Snader and N. Borisov. Improving Security and Performance in the Tor Network through Tunable Path Selection. IEEE Transactions on Dependable and Secure Computing 2011.

  • [65] E. Stefanov E. Shi and D. Song. Towards Practical Oblivious RAM. In 19th Network and Distributed System Security Symposium (NDSS) 2012.

  • [66] E. Stefanov M. Van Dijk E. Shi C. Fletcher L. Ren X. Yu and S. Devadas. Path ORAM: An Extremely Simple Oblivious RAM Protocol. In 20th ACM Conference on Computer and Communications Security (CCS) 2013.

  • [67] I. Stoica R. Morris D. Karger M. F. Kaashoek and H. Balakrishnan. Chord: A Scalable Peer-to-Peer Lookup Service for Internet Applications. ACM SIGCOMM Computer Communication Review 2001.

  • [68] P. Tabriz and N. Borisov. Breaking the collusion detection mechanism of MorphMix. In 6th International Workshop on Privacy Enhancing Technologies (PET) pages 368–383. Springer 2006.

  • [69] The Tor Project. Tor Directory Services v3. https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt. Accessed September 2018.

  • [70] The Tor Project. Tor Metrics. https://metrics.torproject.org/. Accessed September 2018.

  • [71] The Tor Project. Who Uses Tor? https://www.torproject.org/about/torusers.html.en. Accessed September 2018.

  • [72] United Nations. Universal Declaration of Human Rights (Article 12) 1948. http://www.un.org/en/universal-declaration-human-rights/. Accessed September 2018.

  • [73] C. Wacek H. Tan K. S. Bauer and M. Sherr. An Empirical Evaluation of Relay Selection in Tor. In 20th Network and Distributed System Security Symposium (NDSS) 2013.

  • [74] D. S. Wallach. A Survey of Peer-to-Peer Security Issues. In 2002 Mext-NSF-JSPS International Conference on Software Security: Theories and Systems (ISSS). Springer 2003.

  • [75] P. Wang and Y. Kim. Myrmic: Secure and Robust DHT Routing 2006.

  • [76] Q. Wang P. Mittal and N. Borisov. In search of an anonymous and secure lookup: attacks on structured peer-to-peer anonymous communication systems. In 17th ACM Conference on Computer and Communications Security (CCS) pages 308–318. ACM 2010.

  • [77] X. Wang H. Chan and E. Shi. Circuit ORAM: On Tightness of the Goldreich-Ostrovsky Lower Bound. In 22nd ACM Conference on Computer and Communications Security (CCS) 2015.

  • [78] R. Wojtczuk and J. Rutkowska. Attacking Intel Trusted Execution Technology. Invisible Things Lab 2009.

  • [79] R. Wojtczuk and J. Rutkowska. Attacking SMM Memory via Intel CPU Cache Poisoning. Invisible Things Lab 2009.

  • [80] M. Wright M. Adler B. N. Levine and C. Shields. Defending Anonymous Communications Against Passive Logging Attacks. In 24th IEEE Symposium on Security and Privacy (S&P). IEEE 2003.

  • [81] Y. Xu W. Cui and M. Peinado. Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems. In 36th IEEE Symposium on Security and Privacy (S&P) 2015.

  • [82] B. Zantout and R. Haraty. I2P Data Communication System. In 10th International Conference on Networks (ICN) 2011.

Search
Journal information
Metrics
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 99 99 51
PDF Downloads 48 48 18