Secure Multiparty Computation from SGX

  • Raad BahmaniEmail author
  • Manuel Barbosa
  • Ferdinand Brasser
  • Bernardo Portela
  • Ahmad-Reza Sadeghi
  • Guillaume Scerri
  • Bogdan Warinschi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10322)


In this paper we show how Isolated Execution Environments (IEE) offered by novel commodity hardware such as Intel’s SGX provide a new path to constructing general secure multiparty computation (MPC) protocols. Our protocol is intuitive and elegant: it uses code within an IEE to play the role of a trusted third party (TTP), and the attestation guarantees of SGX to bootstrap secure communications between participants and the TTP. The load of communications and computations on participants only depends on the size of each party’s inputs and outputs and is thus small and independent from the intricacies of the functionality to be computed. The remaining computational load– essentially that of computing the functionality – is moved to an untrusted party running an IEE-enabled machine, an attractive feature for Cloud-based scenarios.

Our rigorous modular security analysis relies on the novel notion of labeled attested computation which we put forth in this paper. This notion is a convenient abstraction of the kind of attestation guarantees one can obtain from trusted hardware in multi-user scenarios.

Finally, we present an extensive experimental evaluation of our solution on SGX-enabled hardware. Our implementation is open-source and it is functionality agnostic: it can be used to securely outsource to the Cloud arbitrary off-the-shelf collaborative software, such as the one employed on financial data applications, enabling secure collaborative execution over private inputs provided by multiple parties.


  1. 1.
    Almeida, J.B., Barbosa, M., Barthe, G., Dupressoir, F., Emmi, M.: Verifying constant-time implementations. In: USENIX Security Symposium. USENIX Association (2016)Google Scholar
  2. 2.
    Anati, I., Gueron, S., Johnson, S., Scarlata, V.: Innovative technology for CPU based attestation and sealing. In: HASP (2013)Google Scholar
  3. 3.
    Bahmani, R., Barbosa, M., Brasser, F., Portela, B., Sadeghi, A., Scerri, G., Warinschi, B.: Secure multiparty computation from SGX. IACR Cryptology ePrint Archive (2016)Google Scholar
  4. 4.
    Barbosa, M., Portela, B., Scerri, G., Warinschi, B.: Foundations of hardware-based attested computation and application to SGX. In: 2016 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE (2016)Google Scholar
  5. 5.
    Baumann, A., Peinado, M., Hunt, G.C.: Shielding applications from an untrusted cloud with haven. In: OSDI. USENIX Association (2014)Google Scholar
  6. 6.
    Ben-David, A., Nisan, N., Pinkas, B.: Fairplaymp: a system for secure multi-party computation. In: CCS. ACM (2008)Google Scholar
  7. 7.
    Bernstein, D.J.: Cache-timing attacks on AES (2005).
  8. 8.
    Bernstein, D.J., Lange, T., Schwabe, P.: The security impact of a new cryptographic library. In: Hevia, A., Neven, G. (eds.) LATINCRYPT 2012. LNCS, vol. 7533, pp. 159–176. Springer, Heidelberg (2012). CrossRefGoogle Scholar
  9. 9.
    Bogetoft, P., Damgård, I., Jakobsen, T., Nielsen, K., Pagter, J., Toft, T.: A practical implementation of secure auctions based on multiparty integer computation. In: Di Crescenzo, G., Rubin, A. (eds.) FC 2006. LNCS, vol. 4107, pp. 142–147. Springer, Heidelberg (2006). CrossRefGoogle Scholar
  10. 10.
    Brickell, E., Chen, L., Li, J.: A new direct anonymous attestation scheme from bilinear maps. In: Lipp, P., Sadeghi, A.-R., Koch, K.-M. (eds.) Trust 2008. LNCS, vol. 4968, pp. 166–178. Springer, Heidelberg (2008). CrossRefGoogle Scholar
  11. 11.
    Brickell, E.F., Camenisch, J., Chen, L.: Direct anonymous attestation. In: CCS. ACM (2004)Google Scholar
  12. 12.
    Canetti, R., Dodis, Y., Pass, R., Walfish, S.: Universally composable security with global setup. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 61–85. Springer, Heidelberg (2007). CrossRefGoogle Scholar
  13. 13.
    Canetti, R., Fischlin, M.: Universally composable commitments. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 19–40. Springer, Heidelberg (2001). CrossRefGoogle Scholar
  14. 14.
    Catuogno, L., Dmitrienko, A., Eriksson, K., Kuhlmann, D., Ramunno, G., Sadeghi, A.-R., Schulz, S., Schunter, M., Winandy, M., Zhan, J.: Trusted virtual domains – design, implementation and lessons learned. In: Chen, L., Yung, M. (eds.) INTRUST 2009. LNCS, vol. 6163, pp. 156–179. Springer, Heidelberg (2010). CrossRefGoogle Scholar
  15. 15.
    Costan, V., Devadas, S.: Intel SGX explained. IACR Cryptology ePrint Archive (2016)Google Scholar
  16. 16.
    CYBERNETICA. Sharemind.
  17. 17.
    Damgård, I., Damgård, K., Nielsen, K., Nordholt, P.S., Toft, T.: Confidential benchmarking based on multiparty computation. IACR Cryptology ePrint Archive (2015)Google Scholar
  18. 18.
    Damgård, I., Pastro, V., Smart, N., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 643–662. Springer, Heidelberg (2012). CrossRefGoogle Scholar
  19. 19.
    Demmler, D., Schneider, T., Zohner, M.: ABY - A framework for efficient mixed-protocol secure two-party computation. In: NDSS. The Internet Society (2015)Google Scholar
  20. 20.
    Francillon, A., Nguyen, Q., Rasmussen, K.B., Tsudik, G.: A minimalist approach to remote attestation. In: Proceedings of the conference on Design, Automation & Test in Europe DATE (2014)Google Scholar
  21. 21.
    Ge, H., Tate, S.R.: A direct anonymous attestation scheme for embedded devices. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 16–30. Springer, Heidelberg (2007). CrossRefGoogle Scholar
  22. 22.
    Gebhardt, C., Tomlinson, A.: Secure virtual disk images for grid computing. In: APTC. IEEE (2008)Google Scholar
  23. 23.
    Gupta, D., Mood, B., Feigenbaum, J., Butler, K., Traynor, P.: Using intel software guard extensions for efficient two-party secure function evaluation. In: Clark, J., Meiklejohn, S., Ryan, P.Y.A., Wallach, D., Brenner, M., Rohloff, K. (eds.) FC 2016. LNCS, vol. 9604, pp. 302–318. Springer, Heidelberg (2016). CrossRefGoogle Scholar
  24. 24.
    Halevi, S., Lindell, Y., Pinkas, B.: Secure computation on the web: computing without simultaneous interaction. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 132–150. Springer, Heidelberg (2011). CrossRefGoogle Scholar
  25. 25.
    Henecka, W., Kögl, S., Sadeghi, A., Schneider, T., Wehrenberg, I.: TASTY: tool for automating secure two-party computations. In: CCS. ACM (2010)Google Scholar
  26. 26.
    Hoekstra, M., Lal, R., Pappachan, P., Phegade, V., del Cuvillo, J.: Using innovative instructions to create trustworthy software solutions. In: HASP@ISCA. ACM (2013)Google Scholar
  27. 27.
    Intel. software guard extensions programming reference (2014).
  28. 28.
    Katz, J.: Universally composable multi-party computation using tamper-proof hardware. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 115–128. Springer, Heidelberg (2007). CrossRefGoogle Scholar
  29. 29.
    Koeberl, P., Schulz, S., Sadeghi, A., Varadharajan, V.: Trustlite: a security architecture for tiny embedded devices. In: EuroSys. ACM (2014)Google Scholar
  30. 30.
    Langley, A.: Lucky thirteen attack on TLS CBC (2013).
  31. 31.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay - secure two-party computation system. In: USENIX Security Symposium, USENIX (2004)Google Scholar
  32. 32.
    McCune, J.M., Parno, B., Perrig, A., Reiter, M.K., Isozaki, H.: Flicker: an execution infrastructure for tcb minimization. In: EuroSys. ACM (2008)Google Scholar
  33. 33.
    Microsoft. BitLocker drive encryption: data encryption toolkit for mobile PCS: security analysis (2007).
  34. 34.
    Noorman, J., Agten, P., Daniels, W., Strackx, R., Herrewege, A.V., Huygens, C., Preneel, B., Verbauwhede, I., Piessens, F.: Sancus: Low-cost trustworthy extensible networked devices with a zero-software trusted computing base. In: USENIX Security Symposium. USENIX Association (2013)Google Scholar
  35. 35.
    Pass, R., Shi, E., Tramèr, F.: Formal abstractions for attested execution secure processors. IACR Cryptology ePrint Archive (2016)Google Scholar
  36. 36.
    Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M.: VC3: trustworthy data analytics in the cloud using SGX. In: 2015 IEEE Symposium on Security and Privacy. IEEE (2015)Google Scholar
  37. 37.
    Smyth, B., Ryan, M., Chen, L.: Direct Anonymous Attestation (DAA): ensuring privacy with corrupt administrators. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds.) ESAS 2007. LNCS, vol. 4572, pp. 218–231. Springer, Heidelberg (2007). CrossRefGoogle Scholar
  38. 38.
    Xu, Y., Cui, W., Peinado, M.: Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In: 2015 IEEE Symposium on Security and Privacy. IEEE (2015)Google Scholar

Copyright information

© International Financial Cryptography Association 2017

Authors and Affiliations

  • Raad Bahmani
    • 1
    Email author
  • Manuel Barbosa
    • 2
  • Ferdinand Brasser
    • 1
  • Bernardo Portela
    • 2
  • Ahmad-Reza Sadeghi
    • 1
  • Guillaume Scerri
    • 3
  • Bogdan Warinschi
    • 4
  1. 1.Technische Universität DarmstadtDarmstadtGermany
  2. 2.HASLab – INESC TEC & DCC-FCUPPortoPortugal
  3. 3.Laboratoire DAVID – Université de Versailles St-Quentin & INRIAVersaillesFrance
  4. 4.University of BristolBristolUK

Personalised recommendations