可信隐私计算:破解数据密态时代“技术困局”

doi:10.12267/j.issn.2096-5931.2022.05.003

摘要/Abstract

摘要：

因安全需求和法规要求,整个数据流通领域即将进入密态时代。要承载关系到国计民生各行各业的数据业务,数据密态技术必须要在安全性、性能、可靠性、适用性和成本上达到作为基础设施的关键指标要求。通过分析密态时代所需关键技术的现状,发现它们都有本质上难以克服的缺点。基于此,提出了一种新的隐私计算思路:可信隐私计算,它通过融合密码技术、可信计算技术等获得了更强大和更均衡的综合性质,并对其中的两项典型技术——受控匿名化和可信密态计算进行了介绍。

关键词: 密态时代, 隐私计算, 可信隐私计算, 可信密态计算

Abstract:

Due to security needs and regulatory requirements, the data exchange between entities is about to enter the ciphertext-exchange era. In order to satisfy the needs of data services related to the nation’s livelihood in various industries, the encrypted computing technology must meet the requirements as an infrastructure in terms of security, performance, reliability, applicability, and cost. In this paper, analyze the current status of key technologies required in the ciphertext-exchange era and find that they all have inherently insurmountable drawbacks. This paper proposes a new way of privacy preserving computing: Trusted-environment-based privacy preserving computing, which obtains more robust and balanced integrated properties by combining cryptographic and trusted computing techniques. Then, introduce two typical techniques-controlled anonymization and trusted-environment-based cryptographic computing.

Key words: ciphertext-exchange era, privacy preserving computing, trusted-environment-based privacy computing, trusted-environment-based cryptography computing

中图分类号:

TP309.2

韦韬, 潘无穷, 李婷婷, 卫振强. 可信隐私计算:破解数据密态时代“技术困局”[J]. 信息通信技术与政策, 2022, 48(5): 15-24.

WEI Tao, PAN Wuqiong, LI Tingting, WEI Zhenqiang. Trusted-environment-based privacy preserving computing: breaks the bottleneck of ciphertext-exchange era[J]. Information and Communications Technology and Policy, 2022, 48(5): 15-24.

导出引用管理器 EndNote|Ris|BibTeX

链接本文:

http://ictp.caict.ac.cn/CN/10.12267/j.issn.2096-5931.2022.05.003

http://ictp.caict.ac.cn/CN/Y2022/V48/I5/15

图/表 6

参考文献 34

[1]	新浪科技. 匿名信用卡并不真匿名消费数据可定位持卡人身[EB/OL]. (2015-02-02)[2022-02-20]. https://tech.sina.com.cn/it/2015-02-02/doc-icczmvun5700243.shtml.
[2]	36氪. 大数据时代下,“匿名化”真的能保护我们的隐私安全吗?[EB/OL]. (2019-05-31)[2022-02-20]. https://baijiahao.baidu.com/s?id=1635028831256131491&wfr=spider&for=pc.
[3]	SODA project. D1.1 state of the art analysis of MPC techniques and frameworks[Z], 2017.
[4]	FANG W, CHEN C, TAN J, et al. A hybrid-domain framework for secure gradient tree boosting[J]. arXiv:2005.08479, 2020.
[5]	PATRA A, SCHNEIDER T, SURESH A, et al. ABY2.0: improved mixed-protocol secure two-party computation (full version)[C]. USENIX Security Symposium 2021.
[6]	WENG H, ZHANG J, XUE F, et al. Privacy leakage of real-world vertical federated learning[J]. arXiv:2011.09290, 2020.
[7]	ZHAO B, MOPURI K, BILEN H. Idlg: improved deep leakage from gradients[J]. arXiv:2001.02610, 2020
[8]	WAINAKH A, VENTOLA F, Müβig T, Jens Keim, et al. User label leakage from gradients in federated learning[J]. arXiv:2105.09369, 2021.
[9]	YIN H, MALLYA A, VAHDAT A, et al. See through gradients: Image batch recovery via gradinversion[C]. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, 2021.
[10]	CHEON J H, KIM A, KIM M, et al. Homomorphic encryption for arithmetic of approximate numbers[C]// International Conference on the Theory and Application of Cryptology and Information Security. Springer, Cham, 2017.
[11]	CHEON J H, HAN K, KIM A, et al. A full RNS variant of approximate homomorphic encryption[C]. Selected areas in cryptography :. annual international workshop, SAC, 2018.
[12]	CANELLA C, GENKIN D, GINER L, et al. “Fallout,” in proc ACM SIGSAC conf[Z]. Comput Commun Secur, 2019.
[13]	VAN S S, MILBURN A, STERLUND S, et al. RIDL: rogue in-flight data load[C]. 2019 IEEE Symposium on Security and Privacy, 2019.
[14]	SCHWARZ M, LIPP M, MOGHIMI D, et al. ZombieLoad[C]//2019 ACM SIGSAC Conf Comput Commun Secur., USA: ACM, 2019.
[15]	CHEN G, CHEN S, XIAO Y, et al. Sgxpectre: stealing intel secrets from SGX enclaves via speculative execution[C]. In IEEE European Symposium on Security and Privacy, EuroS&P, 2019.
[16]	VAN BULCK J, MINKIN M, WEISSE O, et al. Foreshadow: extracting the keys to the intel {SGX} kingdom with transient outof-order execution[C]. In 27th {USENIX} Security Symposium, {USENIX} Security, 2018.
[17]	NILSSON A, BIDE H P, BRORSSON J. A survey of published attacks on intel SGX[Z], 2020.
[18]	YAROM Y, FALKNER K. FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack[C]. iProc 23rd USENIX Secur Symp, 2014.
[19]	OSVIK D, SHAMIR A, TROMER E. Cache attacks and countermeasures: the case of AES[Z], 2006.
[20]	TROMER E, OSVIK D, SHAMIR A. Efficient cache attacks on AES, and countermeasures[Z], 2010.
[21]	GRUSS D, SPREITZER R, Mangard S. Cache template attacks: automating attacks on inclusive lastlevel caches[C]. Proc. 24th USENIX Secur Symp, 2015.
[22]	LEE S, SHIH M, GERA P, et al. Inferring fine-grained control flow inside SGX enclaves with branch shadowing[Z], 2017.
[23]	EVTYUSHKIN D, RILEY R, Abu-Ghazaleh N, et al. BranchScope: a new side-channel attack on directional branch predictor[C]. ACM SIGPLAN Not, 2018.
[24]	HUO T, MENG X, WANG W, et al. Bluethunder: A 2-level directional predictor based side-channel attack against SGX[C]// IACR Trans. Cryptogr Hardw Embed Syst, 2020.
[25]	KOCHER P, HORN J, FOGH A, et al. Spectre attacks: exploiting speculative execution[C]// In 2019 IEEE Symp Secur.Priv, 2019.
[26]	KORUYEH E, KHASAWNEH K, SONG C, et al. Spectre returns! speculation attacks using the return stack buffer[Z], 2018.
[27]	O’KEEFFE D, MUTHUKUMARAN D, AUBLIN P,et al. Spectre attack against SGX enclave[Z], 2018.
[28]	VAN SCHAIK S, MILBURN A, OSTERLUND S,et al. RIDL: rogue in-flight data load[Z], 2019.
[29]	VAN SCHAIK S, MINKIN M, KWONG A,et al. CacheOut: leaking data on intel CPUs via Cache Evictions[Z], 2020.
[30]	RAGAB H, MILBURN A, RAZAVI H,et al. CROSSTALK: speculative data leaks across cores are real[Z], 2021.
[31]	SCHAIK S, KWONG A, GENKIN D,et al. SGAxe : how SGX fails in practice[Z], 2020.
[32]	DAMGRD I, PASTRO V, SMART N P, et al. Multiparty computation from somewhat homomorphic encryption[M]. Annual Cryptology Conference, 2012.
[33]	KOTI N, PANCHOLI M, PATRA A, et al. SWIFT: super-fast and robust privacy-preserving machine learning[C]. 30th USENIX Security Symposium, USENIX Security, 2021.
[34]	GOLDSCHMIDT R E. Applications of division by convergence[J]. Massachusetts Institute of Technology, 2005.

攻击类别	具体攻击	TECC防御原理	隐患在TECC中
侧信道攻击	Cache侧信道攻击、页表攻击	TECC中的TEE的内部数据不会作为地址信息	完全消失
侧信道攻击	能耗曲线攻击、时间攻击	TECC中的TEE的内部数据不会作为分支判断的依据	完全消失
性能优化导致的	幽灵攻击	参与方无法操纵程序流走向	完全消失
设计实现导致的	微体系结构数据采样攻击	从TECC中的多个TEE获取的数据不对应同一个明文	几乎消失
供应链攻击	在维修等异常流程中植入硬件木马	将有隐患的TEE放置密码协议的同一个角色	完全消失

攻击类别	具体攻击	TECC防御原理	隐患在TECC中
侧信道攻击	Cache侧信道攻击、页表攻击	TECC中的TEE的内部数据不会作为地址信息	完全消失
侧信道攻击	能耗曲线攻击、时间攻击	TECC中的TEE的内部数据不会作为分支判断的依据	完全消失
性能优化导致的	幽灵攻击	参与方无法操纵程序流走向	完全消失
设计实现导致的	微体系结构数据采样攻击	从TECC中的多个TEE获取的数据不对应同一个明文	几乎消失
供应链攻击	在维修等异常流程中植入硬件木马	将有隐患的TEE放置密码协议的同一个角色	完全消失