Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove client-side enclave dependency #64

Closed
ankurdave opened this issue Nov 15, 2018 · 0 comments
Closed

Remove client-side enclave dependency #64

ankurdave opened this issue Nov 15, 2018 · 0 comments

Comments

@ankurdave
Copy link
Collaborator

ankurdave commented Nov 15, 2018

The client uses ecall_encrypt, ecall_decrypt, and ecall_find_range_bounds. The first two should be reimplemented using a Java AES library. The latter should be run on a worker instead of the driver.

After this is done, then ecall_decrypt can be removed (#37).

ankurdave pushed a commit that referenced this issue Nov 20, 2018
Add `encrypt()` and `decrypt()` util functions to remove client side enclave dependency when encrypting and decrypting

Reorder outputted cipher in enclave crypto functions to match Java's ordering. Was previously `(IV, MAC, data)`, is now `(IV, data, MAC)`

Co-authored by @ankurdave

Fixes #37 
WIP on #64
ankurdave added a commit to ankurdave/opaque that referenced this issue Feb 11, 2019
- Encryption (Utils.encryptInternalRowsFlatbuffers) now uses Java crypto on the
  driver and an enclave on the workers, controlled by a flag.

- Decryption is only called from the driver, so always uses Java crypto.

- For sorting, the `FindRangeBounds` preprocessing task is shipped to a single
  worker, where it uses the existing enclave implementation. (Thanks to András
  Méhes.)

Fixes mc2-project#64.
ankurdave added a commit that referenced this issue Feb 11, 2019
- Encryption (Utils.encryptInternalRowsFlatbuffers) now uses Java crypto on the
  driver and an enclave on the workers, controlled by a flag.

- Decryption is only called from the driver, so always uses Java crypto.

- For sorting, the `FindRangeBounds` preprocessing task is shipped to a single
  worker, where it uses the existing enclave implementation. (Thanks to András
  Méhes.)

Fixes #64.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant