IACR News item: 06 June 2023
James Choncholas, Ketan Bhardwaj, Ada Gavrilovska
ePrint Report
Trusted Execution Environments (TEEs) suffer from
performance issues when executing certain management instructions, such as creating an enclave, context switching in and out of protected mode, and swapping cached pages. This is especially problematic for short-running, interactive functions in Function-as-a-Service (FaaS) platforms, where existing techniques to address enclave overheads are insufficient. We find FaaS functions can spend more time managing the enclave than executing application instructions. In this work, we propose a TEE/GC hybrid (TGh) protocol to enable confidential FaaS platforms. TGh moves computation out of the enclave onto the untrusted host using garbled circuits (GC), a cryptographic construction for secure function evaluation. Our approach retains the security guarantees of enclaves while avoiding the
performance issues associated with enclave management instructions.
Additional news items may be found on the IACR news page.