LightBox: SGX-assisted Secure Network Functions at Near-native Speed

Huayi Duan; Xingliang Yuan; C. Wang

DOI:10.1145/3319535.3339814

Corpus ID: 28830085

LightBox: SGX-assisted Secure Network Functions at Near-native Speed

@article{Duan2017LightBoxSS,
  title={LightBox: SGX-assisted Secure Network Functions at Near-native Speed},
  author={Huayi Duan and Xingliang Yuan and C. Wang},
  journal={ArXiv},
  year={2017},
  volume={abs/1706.06261}
}

Huayi Duan, Xingliang Yuan, C. Wang

Published 2017

Computer Science

ArXiv

The recent trend of outsourcing network functions, aka. middleboxes, raises confidentiality and integrity concern on redirected packet, runtime state, and processing result. The outsourced middleboxes must be protected against cyber attacks and malicious service provider. It is challenging to simultaneously achieve strong security, practical performance, complete functionality and compatibility. Prior software-centric approaches relying on customized cryptographic primitives fall short of… CONTINUE READING

View PDF on arXiv

Share This Paper

21 Citations

Highly Influencial Citations

Background Citations

Methods Citations

Figures, Tables, and Topics from this paper.

Figures and Tables

Challenges Towards Protecting VNF With SGX

J. Wang, S. Hao, +5 authors H. Hu
Computer Science
SDN-NFV Sec'18
2018

EndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution

David Goltzsche, Signe Rüsch, +9 authors R. Kapitza
Computer Science
2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
2018

vEPC-sec: Securing LTE Network Functions Virtualization on Public Cloud

M. Raza, S. Lu, M. Gerla
Computer Science
IEEE Transactions on Information Forensics and Security
2019

Fast privacy-preserving network function outsourcing

H. Asghar, Emiliano De Cristofaro, +5 authors Mang Yu
Computer Science
Comput. Networks
2019

Aurora: Providing Trusted System Services for Enclaves On an Untrusted System

Hongliang Liang, M. Li, Q. Zhang, Y. Yu, L. Jiang, Yixiu Chen
Computer Science
ArXiv
2018

PrivDPI: Privacy-Preserving Encrypted Traffic Inspection with Reusable Obfuscated Rules

Jianting Ning, G. S. Poh, Jia-Ch'ng Loh, Jason Chia, E. Chang
Computer Science
CCS
2019

Assuring String Pattern Matching in Outsourced Middleboxes

Xingliang Yuan, Huayi Duan, C. Wang
Computer Science
IEEE/ACM Transactions on Networking
2018

Toward Scalable Fully Homomorphic Encryption Through Light Trusted Computing Assistance

Wenhao Wang, Yichen Jiang, +8 authors D. Lin
Computer Science
ArXiv
2019

Securing the Storage Data Path with SGX Enclaves

Danny Harnik, Eliad Tsfadia, D. Chen, Ronen I. Kat
Computer Science
ArXiv
2018

TVIDS: Trusted virtual IDS with SGX

J. Wang, S. Hao, +5 authors H. Zhang
Computer Science
China Communications
2019

References

SHOWING 1-10 OF 56 REFERENCES

SORT BY

Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS

D. Naylor, Kyle Schomp, +6 authors P. Steenkiste
Computer Science
SIGCOMM '15
2015

Privacy-preserving deep packet inspection in outsourced middleboxes

Xingliang Yuan, X. Wang, J. Lin, C. Wang
Computer Science
IEEE INFOCOM 2016 - The 35th Annual IEEE International Conference on Computer Communications
2016