Remove client-side enclave dependency #64
Comments
ankurdave
pushed a commit
that referenced
this issue
Nov 20, 2018
Add `encrypt()` and `decrypt()` util functions to remove client side enclave dependency when encrypting and decrypting Reorder outputted cipher in enclave crypto functions to match Java's ordering. Was previously `(IV, MAC, data)`, is now `(IV, data, MAC)` Co-authored by @ankurdave Fixes #37 WIP on #64
ankurdave
added a commit
to ankurdave/opaque
that referenced
this issue
Feb 11, 2019
- Encryption (Utils.encryptInternalRowsFlatbuffers) now uses Java crypto on the driver and an enclave on the workers, controlled by a flag. - Decryption is only called from the driver, so always uses Java crypto. - For sorting, the `FindRangeBounds` preprocessing task is shipped to a single worker, where it uses the existing enclave implementation. (Thanks to András Méhes.) Fixes mc2-project#64.
ankurdave
added a commit
that referenced
this issue
Feb 11, 2019
- Encryption (Utils.encryptInternalRowsFlatbuffers) now uses Java crypto on the driver and an enclave on the workers, controlled by a flag. - Decryption is only called from the driver, so always uses Java crypto. - For sorting, the `FindRangeBounds` preprocessing task is shipped to a single worker, where it uses the existing enclave implementation. (Thanks to András Méhes.) Fixes #64.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The client uses
ecall_encrypt,ecall_decrypt, andecall_find_range_bounds. The first two should be reimplemented using a Java AES library. The latter should be run on a worker instead of the driver.After this is done, then
ecall_decryptcan be removed (#37).The text was updated successfully, but these errors were encountered: