Hardening the Security of Server-Aided MPC Using Remotely Unhackable Hardware Modules

Q4 Medicine Technische Sicherheit Pub Date : 2022-01-01 DOI:10.18420/sicherheit2022_05

Dominik Doerner, Jeremias Mechler, J. Müller-Quade

{"title":"Hardening the Security of Server-Aided MPC Using Remotely Unhackable Hardware Modules","authors":"Dominik Doerner, Jeremias Mechler, J. Müller-Quade","doi":"10.18420/sicherheit2022_05","DOIUrl":null,"url":null,"abstract":"Garbling schemes are useful building blocks for enabling secure multi-party computation (MPC), but require considerable computational resources both for the garbler and the evaluator. Thus, they cannot be easily used in a resource-restricted setting, e.g. on mobile devices. To circumvent this problem, server-aided MPC can be used, where circuit garbling and evaluation are performed by one or more servers. However, such a setting introduces additional points of failure: The servers, being accessible over the network, are susceptible to remote hacks. By hacking the servers, an adversary may learn all secrets, even if the parties participating in the MPC are honest. In this work, we investigate how the susceptibility for such remote hacks in the server-aided setting can be reduced. To this end, we modularize the servers performing the computationally intensive tasks. By using data diodes, air-gap switches and other simple remotely unhackable hardware modules, we can isolate individual components during large parts of the protocol execution, making remote hacks impossible at these times. Interestingly, this reduction of the attack surface comes without a loss of efficiency.","PeriodicalId":39944,"journal":{"name":"Technische Sicherheit","volume":"9 1","pages":"83-99"},"PeriodicalIF":0.0000,"publicationDate":"2022-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Technische Sicherheit","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.18420/sicherheit2022_05","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Medicine","Score":null,"Total":0}

引用次数: 0

Abstract

Garbling schemes are useful building blocks for enabling secure multi-party computation (MPC), but require considerable computational resources both for the garbler and the evaluator. Thus, they cannot be easily used in a resource-restricted setting, e.g. on mobile devices. To circumvent this problem, server-aided MPC can be used, where circuit garbling and evaluation are performed by one or more servers. However, such a setting introduces additional points of failure: The servers, being accessible over the network, are susceptible to remote hacks. By hacking the servers, an adversary may learn all secrets, even if the parties participating in the MPC are honest. In this work, we investigate how the susceptibility for such remote hacks in the server-aided setting can be reduced. To this end, we modularize the servers performing the computationally intensive tasks. By using data diodes, air-gap switches and other simple remotely unhackable hardware modules, we can isolate individual components during large parts of the protocol execution, making remote hacks impossible at these times. Interestingly, this reduction of the attack surface comes without a loss of efficiency.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

使用远程不可破解的硬件模块加强服务器辅助MPC的安全性

乱码方案是实现安全多方计算(MPC)的有用构建块，但对乱码者和评估者都需要大量的计算资源。因此，它们在资源受限的环境中不容易使用，例如在移动设备上。为了避免这个问题，可以使用服务器辅助MPC，其中电路乱码和计算由一个或多个服务器执行。但是，这样的设置引入了额外的故障点:可以通过网络访问的服务器容易受到远程黑客攻击。通过入侵服务器，对手可以了解所有的秘密，即使参与MPC的各方都是诚实的。在这项工作中，我们研究了如何在服务器辅助设置中降低这种远程黑客的易感性。为此，我们将执行计算密集型任务的服务器模块化。通过使用数据二极管、气隙开关和其他简单的远程无法破解的硬件模块，我们可以在协议执行的大部分时间隔离单个组件，使远程黑客无法在这些时候进行攻击。有趣的是，这种攻击面的减少并没有损失效率。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Technische Sicherheit Engineering-Engineering (miscellaneous)

自引率

0.00%

发文量