Paper 2023/829

TGh: A TEE/GC Hybrid Enabling Confidential FaaS Platforms

James Choncholas, Georgia Institute of Technology
Ketan Bhardwaj, Georgia Institute of Technology
Ada Gavrilovska
Abstract

Trusted Execution Environments (TEEs) suffer from performance issues when executing certain management instructions, such as creating an enclave, context switching in and out of protected mode, and swapping cached pages. This is especially problematic for short-running, interactive functions in Function-as-a-Service (FaaS) platforms, where existing techniques to address enclave overheads are insufficient. We find FaaS functions can spend more time managing the enclave than executing application instructions. In this work, we propose a TEE/GC hybrid (TGh) protocol to enable confidential FaaS platforms. TGh moves computation out of the enclave onto the untrusted host using garbled circuits (GC), a cryptographic construction for secure function evaluation. Our approach retains the security guarantees of enclaves while avoiding the performance issues associated with enclave management instructions.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
trusted execution environments, mpc, garbled circuits, sgx
Contact author(s)
jgc @ gatech edu
ketanbj @ cc gatech edu
ada @ cc gatech edu
History
2023-06-06: approved
2023-06-04: received
Short URL
https://ia.cr/2023/829
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/829,
      author = {James Choncholas and Ketan Bhardwaj and Ada Gavrilovska},
      title = {{TGh}: A {TEE}/{GC} Hybrid Enabling Confidential {FaaS} Platforms},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/829},
      year = {2023},
      url = {https://eprint.iacr.org/2023/829}
}