8 May 2018
San Francesco - Via della Quarquonia 1 (Classroom 2)
The introduction of Intel SGX (Software Guard Extensions) into the mass market has sparked a wave of new systems that make it possible to run trusted services over untrusted hardware infrastructures. In this talk, I will first briefly introduce the basic mechanisms of Intel SGX. Then, I will present two recent systems where SGX is used for different purposes. X-Search offers private web-search guarantees under strong adversarial models while being more resistant to re-identification attacks than state-of-the-art competitors (e.g. Tor) and outperforming them in terms of latency and throughput. EndBox is a system that securely executes middlebox functions (e.g. routing, firewalling, bandwidth-shaping, etc.) on client machines at the network edge. Its design combines a virtual private network (VPN) with middlebox functions that are hardware-protected by Intel SGX.

Sonia Ben Mokhtar, Antoine Boutet, Pascal Felber, Marcelo Pasin, Rafael Pires and Valerio Schiavoni. X-Search: Revisiting Private Web Search using Intel SGX. Proceedings of Middleware 2017 (18th ACM/IFIP/USENIX Middleware).

David Goltzsche, Signe Rüsch, Manuel Nieke, Sébastien Vaucher, Nico Weichbrodt, Valerio Schiavoni, Pierre-Louis Aublin, Paolo Costa, Christof Fetzer, Pascal Felber, Peter Pietzuch, Rüdiger Kapitza. EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution. To appear in Proceedings of DSN 2018 (48th IEEE/IFIP International Conference on Dependable Systems and Networks).