Combining Homomorphic Encryption with Trusted Execution Environment

Abstract

Cloud database services offer performance and storage advantages that local client platforms do not have, and become very appealing solutions. We list three approaches that address data privacy concerns that are associated with depositing sensitive data on remote platforms. Users can protect their data privacy by locally encrypting it before uploading to remote cloud servers. This prevents the servers from carrying out operations on the data, and also increases the networking overheads. Another approach uses a Trusted Execution Environments (TEE) to protect the data. Examples include OS containers, Virtual Machines or Intel's Software Guard Extension (SGX). This approach relies on the trustworthiness of the TEE for privacy and integrity of operations. The third approach is using Homomorhpic Encryption (HE) schemes. They can allow a remote platform to carry out computations on encrypted data, but are malleable. Adding authentication tags to database entries could solve this problem only if the server is in the user's trust domain. We present here a new combined model. It uses a TEE to guarantee the integrity and correctness of the database code and data, while the data itself is encrypted with some HE scheme. In this way, the malleability protection, achieved through the TEE, is decoupled from the privacy protection that is achieved through the HE. Of course, this comes at some performance costs, but the results of our demonstration, that uses SGX as the TEE and Paillier cryptosystem as the HE, indicate that the proposed combined solution is practical.