Enabling secure and efficient distributed computing using trusted execution environment

Abstract

Data privacy has become a pervasive concern due to the escalating computational demands on sensitive user data. Ensuring end-to-end data protection across three crit- ical phases of data flow - storage, transit, and usage phases - is imperative. This is particularly significant for mission-critical distributed applications, such as data stor- age systems, instant messaging systems, and AI inference systems, which desire both stringent user-perceived latency for high performance and robustness against targeted attacks to mitigate security risks (e.g., financial losses and identity threats).

To preserve data privacy while maintaining efficiency, a promising approach is to leverage trusted execution environments (TEEs). A TEE offers an isolated execution environment that cannot be observed or tampered with, even by privileged attackers such as host administrators and OS. Such strong security guarantees make TEEs an appealing choice for protecting the data privacy of mission-critical applications.

However, our research reveals new security vulnerabilities and performance issues in existing TEE-based distributed applications, stemming from three crucial TEE chal- lenges. First, prevalent TEE products are for CPUs only, while mission-critical appli- cations (e.g., AI inference) typically require accelerators such as GPUs for low latency. Second, TEE protection is confined to local computations, leaving distributed appli- cations that frequently transfer data in a public network vulnerable to network-level attacks (e.g., Denial-of-service). Third, TEEs typically have limited memory capacities, falling short in efficiently storing, searching, and processing vast datasets.

This thesis presents three secure systems with strong security guarantees and high performance, with each addressing a distinct research challenge. First, the thesis in- troduces SOTER, an efficient and robust AI model inference system that extends TEE protection from CPUs to accelerators such as GPUs, ensuring model confidentiality and inference integrity on untrustworthy accelerators. The second system DAENET is a scalable TEE-based private messaging system with strong privacy (anonymity) guar- antees. DAENET ensures oblivious data transmission under passive (traffic analysis) attacks and is robust under active (DoS) attacks. The third work presents ECSTORE, an efficient data storage system with logarithmic search complexity, providing both data confidentiality and query integrity guarantees even for sensitive data residing outside the TEE. Collectively, our systems address three key challenges that hinder the widespread adoption of TEEs, and some techniques and ideas from our systems have been leveraged by other researchers to develop new secure distributed applications.