Filters








10 Hits in 2.5 sec

HardIDX: Practical and Secure Index with SGX [article]

Benny Fuhry, Florian Hahn Technische Universität Darmstadt
2017 arXiv   pre-print
In this paper we present HardIDX: a hardware-based approach, leveraging Intel's SGX, for search over encrypted data.  ...  HardIDX is deployable as a highly performant encrypted database index: it is logarithmic in the size of the index and searches are performed within a few milliseconds rather than seconds.  ...  CONCLUSION In this paper, we introduce HardIDX -an approach to search for ranges and values over encrypted data using hardware support making it deployable as a secure index in an encrypted database.  ... 
arXiv:1703.04583v1 fatcat:cg6duzwksvb3jgvzrt76h5wmk4

SPEKS: Forward Private SGX-Based Public Key Encryption with Keyword Search

Hyundo Yoon, Soojung Moon, Youngki Kim, Changhee Hahn, Wonjun Lee, Junbeom Hur
2020 Applied Sciences  
In this paper, we present a novel forward private PEKS scheme leveraging Software Guard Extension (SGX), a trusted execution environment provided by Intel.  ...  Lastly, we provide a formal security definition of SGX-based forward private PEKS, as well as a rigorous security proof of the proposed scheme.  ...  Harnessing TEE such as Intel SGX as a building block for SE scheme construction is an effective way to increase efficiency and security of the schemes in practice.  ... 
doi:10.3390/app10217842 fatcat:imkveasaqjfwdjky52krk3v564

Enjoy the Untrusted Cloud: A Secure, Scalable and Efficient SQL-like Query Framework for Outsourcing Data [article]

Yaxing Chen, Qinghua Zheng, Dan Liu, Zheng Yan, Wenhai Sun, Ning Zhang, Wenjing Lou, Y. Thomas Hou
2019 arXiv   pre-print
While the security of the cloud remains a concern, a common practice is to encrypt data before outsourcing them for utilization.  ...  In this work, we leverage the newly hardware-assisted methodology and propose a secure, scalable and efficient SQL-like query framework named QShield.  ...  Rearguard [11] leverages the off-the-shelf SGX to enable secure keyword search. As a concurrent work, HardIDX [12] also utilizes it to build secure index for searchable encryption.  ... 
arXiv:1912.08454v1 fatcat:rpneibrekja75ju533quvr72om

StealthDB: a Scalable Encrypted Database with Full SQL Query Support [article]

Alexey Gribov, Dhinakaran Vinayagamurthy, Sergey Gorbunov
2019 arXiv   pre-print
StealthDB has a very small trusted computing base, scales to large transactional workloads, requires minor DBMS changes, and provides a relatively strong security guarantees at steady state and during  ...  Our prototype on top of Postgres supports the full TPC-C benchmark with a 30% decrease in the average throughput over an unmodified version of Postgres operating on a 2GB unencrypted dataset.  ...  The authors would like to thank the reviewers and the shepherd for their great comments and suggestions on improving the quality of the paper.  ... 
arXiv:1711.02279v2 fatcat:ywqocsuulvbrviacjto5lltbce

StealthDB: a Scalable Encrypted Database with Full SQL Query Support

Dhinakaran Vinayagamurthy, Alexey Gribov, Sergey Gorbunov
2019 Proceedings on Privacy Enhancing Technologies  
StealthDB has a very small trusted computing base, scales to large transactional workloads, requires minor DBMS changes, and provides a relatively strong security guarantees at steady state and during  ...  Our prototype on top of Postgres supports the full TPC-C benchmark with a 30% decrease in the average throughput over an unmodified version of Postgres operating on a 2GB unencrypted dataset.  ...  The authors would like to thank the reviewers and the shepherd for their great comments and suggestions on improving the quality of the paper.  ... 
doi:10.2478/popets-2019-0052 dblp:journals/popets/VinayagamurthyG19 fatcat:nosfqtk4k5ezlmqunuatpfuaqa

The Cloud we Share: Extensible Fine-grained Access Control Enabled Data Sharing in Untrusted Cloud

Alexandros Bakas, Hai-Van Dang, Antonis Michalas, Alexandr Zalitko
2020 IEEE Access  
RELATED WORK In [21] authors present HardIDX, a scheme that supports range queries by utilizing the functionality offered by SGX.  ...  IRON's main functionalities (such as decryption of a file and application of a function on the decrypted file) are executed in the isolated environment offered by SGX.  ...  His research interests include private and secure e-voting systems, reputation systems, privacy in decentralized environments, cloud computing, trusted computing and privacy preserving protocols in eHealth  ... 
doi:10.1109/access.2020.3038838 fatcat:qckfmnq3pnf2fcsmiwarzlnuye

Query processing in multilevel secure distributed databases

Pooja Sapra, Suresh Kumar, Rk Rathy
2014 2014 IEEE International Advance Computing Conference (IACC)  
In addition, ObliDB supports point queries with 3-10ms latency, which is comparable to index-only trusted hardware systems, and runs over 7× faster than HIRB, a previous encryption-based oblivious index  ...  These enclaves provide an execution environment isolated from the hypervisor/OS, and encrypt data in RAM.  ...  Acknowledgments We would like to thank Ankur Dave and Wenting Zheng for their assistance in reproducing the Opaque benchmarks, as well as Henry Corrigan-Gibbs for many helpful conversations.  ... 
doi:10.1109/iadcc.2014.6779373 fatcat:w3hlim3rezgr7k4cfgqfibbmei

ObliDB: Oblivious Query Processing for Secure Databases [article]

Saba Eskandarian, Matei Zaharia
2019 arXiv   pre-print
These enclaves provide an execution environment isolated from the hypervisor/OS, and encrypt data in RAM.  ...  Hardware enclaves such as Intel SGX are a promising technology for improving the security of databases outsourced to the cloud.  ...  Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.  ... 
arXiv:1710.00458v6 fatcat:da3l3u2safakzmx3oscjhiru5a

Authenticated Key-Value Stores with Hardware Enclaves [article]

Yuzhe Tang, Ju Chen, Kai Li, Jianliang Xu, Qi Zhang
2019 arXiv   pre-print
In this paper, we address this issue and propose a novel authenticated log-structured merge tree (eLSM) based key-value store by leveraging Intel SGX enclaves.  ...  We implement eLSM on top of Google LevelDB and Facebook RocksDB with minimal code change and performance interference.  ...  HardIDX [97] is a secure index in enclave that seals external data using authenticated encryption [72] . Concerto [98] supports concurrent key-value stores with consistency guarantees.  ... 
arXiv:1904.12068v3 fatcat:u6btos552zhoromcoyhvtm2nmy

Enclave Computing Paradigm: Hardware-assisted Security Architectures & Applications

Franz Ferdinand Peter Brasser
2020
The TEE solutions developed by industry and deployed in today's systems follow distinct design approaches and come with various limitations.  ...  However, SGX enclaves face severe threats, in particular side-channel leakage, that can void its security guarantees.  ...  are indeed practical and pose a serious threat on the core security benefit of SGX.  ... 
doi:10.25534/tuprints-00011912 fatcat:2xf7ax7tcvbhrn76cdvcesfj6e