Collaborative Research: SaTC: CORE: Medium: Hybridizing Trusted Execution Environments and Secure Multiparty Computation

As sensitive digital information proliferates and concerns grow about its improper use by enterprises and governments, two major technical approaches have arisen to address the challenges of secure computation. Trusted execution environments (TEEs) and secure multiparty computation (MPC) both aim to make computation trustworthy in two senses: They ensure the integrity, i.e., correctness, of the computation, and they provide confidentiality for the data over which they compute.

The two approaches differ starkly, however, in their security models and performance. TEEs rely on the properties of hardware for their security assurance. They offer high performance, in some cases close to native CPU speeds, but have proven vulnerable to a number of serious side-channel attacks.

Conversely, MPC relies on a committee of cooperating nodes, with strong cryptographic security guarantees given an honest quorum. Its performance, however, is inadequate for regular use with conventional applications. The novelty of this project is to provide a general exploration of secure protocol design through a synthesis of TEEs and MPC that takes advantage of their respective strengths and weaknesses.

The impacts of this project will include the design of new protocols that can be used in corporate and government use of sensitive consumer data, while mitigating the risk of data breaches or policy violations. It will also advance the usefulness of TEE-based computing which has been an industry recognized need.

Mathematically modelling and devising principled, empirically grounded protocol designs for a combination of TEEs and MPC poses a range of technical research challenges. This project starts from a new protocol framework, ``Knights and Knaves'' (KN framework), that applies TEEs so as to limit the impact of TEE compromise and leverage MPC to achieve stronger systemic security.

This project will explore techniques for rapid detection and broad notification of TEE compromise, constraining the impact of such compromise in relying applications, and enabling failover where needed to MPC. It will also explore ways that TEEs can conversely harden and improve the performance of MPC deployments. Finally, the project considers ways to scale the KN framework through the classic technique of sharding, with new techniques for concealing shard boundaries.

The project builds on investigators’ prior experience in the Universal Composability (UC) framework as a basis for rigorous security modeling, and additionally uses a decentralized identity platform called CanDID as a testbed.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.