Skip to content

FICS/smcsgx

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

common

common

 
 

eval_app

eval_app

 
 

eval_enclave

eval_enclave

 
 

include

include

 
 

input

input

 
 

log

log

 
 

nonsfe

nonsfe

 
 

nonsfe_v2

nonsfe_v2

 
 

perf_eval

perf_eval

 
 

sample_libcrypto

sample_libcrypto

 
 

send_app

send_app

 
 

send_enclave

send_enclave

 
 

sfe

sfe

 
 

sfe_v2

sfe_v2

 
 

yao

yao

 
 

.gitignore

.gitignore

 
 

CCS.params

CCS.params

 
 

HOWTO.txt

HOWTO.txt

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

build_runs.sh

build_runs.sh

 
 

deploy.sh

deploy.sh

 
 

inp.txt

inp.txt

 
 

Repository files navigation

Hybrid Secure Function Evaluation (SFE) using Garbled Circuits and SGX

Developed by researchers from the Florida Institute for Cybersecurity Research (FICS Research)

The goal of secure function evaluation (SFE), sometimes referred to as secure multiparty computation (SMC), is to enable multiple parties to compute and receive the output of a function without learning the private inputs from any other party.

We propose a hybrid two-party SFE (2P-SFE) scheme where the function is partitioned into a sequence of round functions. Some of these rounds functions are evaluated within an SGX enclave while others are evaluated using a garbled circuit.

Our protocols involve two parties: the sender (Alice) and the evaluator (Bob).

  • Evaluator implementation is comprised of: State Machine + Socket + Enclave + SGX Remote Attestation + YAO (garbled circuits)
  • Sender implementation is comprised of: State Machine + Socket + Enclave + YAO
Setup Notes
  1. Use "#if defined(_MSC_VER)" for Windows compilation
  2. Use "#elif defined(__GNUC__)" for Linux gcc/make compilation
  3. All code was developed for Linux
  4. Make sure to disable UT mode in both app files for real testing
  5. Make sure to disable simulation mode in the Makefile for hardware run
  6. Use "__INTEL_COMPILER" for Intel compilers
  7. Make sure YAO is built
  8. Make sure CCS.params is present in the top-level directory
  9. Private key files (.pem) in enclave subdirectories were pulled from the Intel SGX SDK sample code and left for completeness
  10. Run make within the sample_libcrypto subdirectory at first to generate libsample_libcrypto.so
Repository Contents

Sub-directories:

  • common: code common to both evaluator's and sender's application
  • eval_app and eval_enclave: application and enclave code for Bob
  • include: various header files to be included
  • input: contains input for the test cases used in our evaluation
  • log: example logs leftover from testing
  • nonsfe: early artifacts (naive); C++ versions of the case study applications, later integrated into application/enclave code
  • nonsfe_v2: same as above, but with changes made to fit the hybrid protocol
  • perf_eval: contains template benchmarking scripts used by deploy.sh
  • sample_libcrypto: contains sample crypto library APIs; pulled from Intel SGX SDK https://github.com/intel/linux-sgx/tree/master/sdk/sample_libcrypto (Linux 2.5 Open Source Gold Release)
  • send_app and send_enclave: application and enclave code for Alice
  • sfe: early artifacts (with side-channel mitigations); C++ versions of the case study applications, later integrated into application/enclave code
  • sfe_v2: same as above, but with changes made to fit the hybrid protocol
  • yao: source files used to build Yao objects for garbled circuit evaluation rounds

Top-level files:

  • build_runs.sh: script for generating runs of all or specific test programs (millionaires, Dijkstra, or database); will run make clean and make
  • CCS.params: needed in top-level directory for compilation of YAO
  • deploy.sh: deploy script for making static builds of run configurations; make target and also used by build_runs.sh.
  • HOWTO.txt: commands and parameters for running specific applications
  • inp.txt: likely an artifact of early testing of GC implementation
  • Makefile
  • README.md
Building/Running the Code

Build using the build_runs.sh script, which will call make. Once built, refer to the included HOWTO.txt file for invocation instructions.

Frigate Dependencies

We adapt Frigate (garbled circuit compiler and execution environment) for evaluation of round functions within garbled circuits. Successful compilation of the Frigate component (YAO) may be best achieved on a system with Bison version 2.7.1 and Flex version 2.5.37. Frigate is available at https://bitbucket.org/bmood/frigaterelease.

AsiaCCS'19 paper citation

This repository contains the implementation of the hybrid protocols presented in our AsiaCCS'19 paper. The full BibTeX citation for our paper is as follows:

@inproceedings{smcsgx19,
    author = {Choi, Joseph I. and Tian, Dave (Jing) and Hernandez, Grant and Patton, Christopher and Mood, Benjamin and Shrimpton, Thomas and Butler, Kevin R. B. and Traynor, Patrick},
    title = {{A Hybrid Approach to Secure Function Evaluation using SGX}},
    booktitle = {Proceedings of the ACM Asia Conference on Computer and Communications Security (AsiaCCS'19)},
    year = 2019}

Our full version, with proofs, is available on arXiv: https://arxiv.org/abs/1905.01233.

About

A Hybrid protocol using SMC and SGX

Resources

Readme
Activity
Custom properties

Stars

8 stars

Watchers

6 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages