Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware...
Transcript of Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware...
![Page 1: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/1.jpg)
1
Toward Scaling Hardware Security Module forEmerging Cloud Services
Juhyeng Han*, Seongmin Kim*, Taesoo Kim † , Dongsu Han
KAIST †Georgia Tech
* The first two authors contributed equally to this work.
![Page 2: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/2.jpg)
Hardware Security Modules (HSMs)
2
• Root of trust for various key management services (KMS)• Their root keys should be stored in HSMs
• Secure physical separation and protection• Satisfies security regulation requirements such as FIPS 140-2
Host HSM
Requestcryptographic operations
Response(e.g., Digital signature)
Physical separation
Root keys
![Page 3: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/3.jpg)
Hardware Security Modules (HSMs)
3
• Root of trust for various key management services (KMS)• Root keys should be stored in HSMs
• Secure physical separation and protection• Satisfies security regulation requirements such as FIPS 140-2
Host HSM
Requestcryptographic operations
Response(e.g., Digital signature)
Physical separation
Physical separation required(U.S. and Canadian security standard)
Tamper-evidentTamper-resistant
FIPS140-2
Root keys
![Page 4: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/4.jpg)
Demands for Scalable Security Services
4
Microservices
Edge computing
Financial technology
Innovation in emerging cloud
industries
Increase of secure network
transactions
User-to-Service
Service-to-Service
Demands for scalable security
services
More cryptographic operations
Low latency & High throughput
Multiple user/key isolation
![Page 5: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/5.jpg)
Problem: Limited Scalability of HSMs
5
HSMMultipleservices
Lots of requestDedicated hardware
Signing speed: 10,000 tps (RSA-2048)Price: $29,900
Network
Performancebottleneck!
![Page 6: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/6.jpg)
Problem: Limited Scalability of HSMs
6
Expensive solution!
Many on-premises HSMsMultipleservices
Lots of request
Network
![Page 7: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/7.jpg)
Problem: Limited Scalability of HSMs
7
Price: $1,250 per month (IBM Cloud HSM)
Multipleservices
Lots of request
Network
Cloud HSM
Expensive solution!
![Page 8: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/8.jpg)
Expensive solution!
Problem: Limited Scalability of HSMs
8
Price: $1,250 per month (IBM Cloud HSM)
Multipleservices
Lots of request
Network
Cloud HSM
Can we efficiently scale out HSMs for key management services?
![Page 9: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/9.jpg)
Enclave
Encryptedcode/data
SGX CPU
System MemorySGX-equipped server
Alternative Approach
9
• Leverages commodity Trusted Execution Environment (TEE) instead of HSMs[S. Chakrabarti et al. “Intel® SGX Enabled Key Manager Service with OpenStack Barbican.” arXiv preprint arXiv:1712.07694, 2017.]
Malicious OS or Hypervisor
![Page 10: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/10.jpg)
Limitation of the Alternative Approach
10
• Leverages commodity Trusted Execution Environment (TEE) instead of HSMs[S. Chakrabarti et al. “Intel® SGX Enabled Key Manager Service with OpenStack Barbican.” arXiv preprint arXiv:1712.07694, 2017.]
Does not provide physical separation & protection
Enclave
Encryptedcode/data
SGX CPU
System MemorySGX-equipped server
![Page 11: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/11.jpg)
Approach : Combining HSMs with TEE-based KMS
11
• Achieves cost-efficient scalability with SGX technology• Maintains security level of physical separation with HSMs• SGX enclaves and HSMs collaborate for key management
SGX-equipped server HSM
Physical separation
PCIe/Network communication
MultipleSGX EnclavesSGX CPU
instructions
Collaborative KMS
![Page 12: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/12.jpg)
Deployment Assumption & Threat Model
12
Root-privilegedattacker
Untrusted Platform
Microservices(KMS clients)
HSM (Trusted)
Multiple SGX Enclaves
(Trusted)
Root keys(Root-of-trust)
Physical separation
KMS request
Fake Enclave
Invalid access
![Page 13: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/13.jpg)
Challenge 1 : Scaling Performance
13
• Frequent private key operation requests to HSMs can incur performance bottleneck.
Untrusted Platform
Microservices(KMS clients)
HSM
Multiple SGX Enclaves
Root keys(Root-of-trust)
Physical separation
![Page 14: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/14.jpg)
Challenge 1 : Scaling Performance
14
• Frequent private key operation requests to HSMs can incur performance bottleneck.
Untrusted Platform
① Frequent short-living authentication requests
Microservices(KMS clients)
HSM
Multiple SGX Enclaves
Root keys(Root-of-trust)
Physical separation
Heavy private key operations
![Page 15: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/15.jpg)
Challenge 1 : Scaling Performance
15
• Frequent private key operation requests to HSMs can incur performance bottleneck.
Untrusted Platform
Microservices(KMS clients)
HSM
Multiple SGX Enclaves
Root keys(Root-of-trust)
Physical separation① Frequent short-living authentication requests
Heavy private key operations
Performance bottleneck
![Page 16: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/16.jpg)
Challenge 1 : Scaling Performance
16
• Frequent private key operation requests to HSMs can incur performance bottleneck.
Untrusted Platform
② Symmetric key operation requests
Microservices(KMS clients)
HSM
Multiple SGX Enclaves
Root keys(Root-of-trust)
Physical separation① Frequent short-living authentication requests
Heavy private key operations
![Page 17: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/17.jpg)
Challenge 2 : Validation between Enclaves and HSMs
17
Untrusted Platform
RequestResponse
• KMS clients, SGX enclaves and HSMs should trust each others• Lack of validation mechanism between SGX enclaves and HSMs
HSM
Multiple SGX Enclaves
Root keys(Root-of-trust)
Physical separation
Microservices(KMS clients)
![Page 18: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/18.jpg)
HSM
Multiple SGX Enclaves
Root keys(Root-of-trust)
RequestResponse
Physical separation
18
• KMS clients, SGX enclaves and HSMs should trust each others• Lack of validation mechanism between SGX enclaves and HSMs
Trust?
Fake Enclave
MITM
Trust?
Invalid access
Untrusted Platform
Microservices(KMS clients)
Challenge 2 : Validation between Enclaves and HSMs
![Page 19: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/19.jpg)
Design Goals of ScaleTrust
19
1. Scalable performanceEnhances performance by scaling out and does not make an HSM a performance bottleneck
2. Cost-effectiveness Cost-efficiently scales out for key management services
3. Security Preserves a chain-of-trust from an HSM to clients
![Page 20: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/20.jpg)
Design Overview
20
Untrusted Platform
Physical separation
HSM
Root key pair(Root-of-trust)
Untrusted Platform
Trusted Host
BootstrappingEnclave
KMS EnclavesMicroservices
(KMS clients)
![Page 21: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/21.jpg)
Design Overview
21
Untrusted Platform
Physical separation
HSM
Root key pair(Root-of-trust)
Untrusted Platform
Trusted Host
BootstrappingEnclave
KMS EnclavesMicroservices
(KMS clients)
KMS request
![Page 22: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/22.jpg)
Design Overview
22
Untrusted Platform
Physical separation
HSM
Root key pair(Root-of-trust)
Untrusted Platform
Trusted Host
BootstrappingEnclave
Microservices(KMS clients)
KMS Enclaves
PKCS#11 API calls
KMS request
![Page 23: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/23.jpg)
Design Overview
23
Untrusted PlatformUntrusted Platform
Trusted Host
BootstrappingEnclave
Microservices(KMS clients)
KMS Enclaves
KMS request
Physical separation
Root key pair(Root-of-trust)
Derived keys
PKCS#11 API calls
HSM
![Page 24: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/24.jpg)
Design Overview
24
Untrusted PlatformUntrusted Platform
KMS EnclavesMicroservices
(KMS clients)Derived keys
PKCS#11 API calls
Root public key
KMS request
Physical separation
Root key pair(Root-of-trust)
HSM
Offline key deployment
(Trusted)
BootstrappingEnclave
Trusted Host
![Page 25: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/25.jpg)
Secure bootstrapping
25
Secure bootstrapping ① : An HSM generates
a root key pairs
Microservices(KMS clients)
KMS Enclaves
Untrusted Platform
BootstrappingEnclave
Trusted Host Physical separation
HSM
Root key pair(Root-of-trust)
![Page 26: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/26.jpg)
Secure bootstrapping
26
Secure bootstrapping ② : The HSM shares root public
key with bootstrapping enclave
Microservices(KMS clients)
Offline key deployment
(Trusted)
KMS Enclaves
Untrusted Platform
BootstrappingEnclave
Trusted Host Physical separation
HSM
Root key pair(Root-of-trust)
![Page 27: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/27.jpg)
Secure bootstrapping
27
Secure bootstrapping ③ : The bootstrapping enclave
attests KMS enclaves
RemoteattestationBootstrapping
Enclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
Untrusted Platform
![Page 28: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/28.jpg)
Secure bootstrapping
28
Secure bootstrapping ④ :The bootstrapping enclave
shares the public key
Key deploymentBootstrapping
Enclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
Untrusted Platform
![Page 29: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/29.jpg)
Secure bootstrapping
29
Secure bootstrapping ⑤ : The KMS enclaves attest the
HSM and build secure channels
BootstrappingEnclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
Secure channel
Untrusted Platform
![Page 30: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/30.jpg)
Secure bootstrapping
30
Secure bootstrapping : A fake enclave cannot build a secure channel with the HSM
Fake Enclave
BootstrappingEnclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
Untrusted Platform
Remoteattestation
![Page 31: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/31.jpg)
Attestation on SGX Instances
31
Attestation on enclaves ① : When the client first request
to KMS server, it allocates KMS enclaves for the client.
KMS request
Allocated enclaves
BootstrappingEnclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
Untrusted Platform
KMS Enclaves
![Page 32: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/32.jpg)
Attestation on SGX Instances
32
Attestation on enclaves ② : After a new KMS enclave is created, the bootstrapping
enclave attests it.
RemoteattestationBootstrapping
Enclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
Secure channel
Untrusted Platform
![Page 33: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/33.jpg)
Attestation on SGX Instances
33
Attestation on enclaves ③ : Also, the client performs
remote attestation to verifythe KMS enclave.
BootstrappingEnclave
Trusted Host
Microservices(KMS clients)
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
PKCS#11 API calls
Secure channel
Untrusted Platform
Remote attestation
![Page 34: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/34.jpg)
Attestation on SGX Instances
34
Attestation on enclaves ④ : After the remote attestation,
the client sends encrypted KMS requests to the enclave
BootstrappingEnclave
Trusted Host
Microservices(KMS clients)
Untrusted Platform
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
PKCS#11 API calls
Secure channel
Remote attestationSecure channel
KMS request
![Page 35: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/35.jpg)
Attestation on SGX Instances
35
Untrusted PlatformAttestation on enclaves : A fake enclave cannot build a communication channel with
the client
Fake Enclave
Remoteattestation
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
PKCS#11 API calls
BootstrappingEnclave
Trusted Host
Microservices(KMS clients)
KMS request
![Page 36: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/36.jpg)
Hierarchical Design for Scaling
36
Root-of-trust
Scalable security services
KMS requests
Physical separation
KMS Enclave
Root key pair(root-of-trust)
HSM
Microservices(KMS clients)
![Page 37: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/37.jpg)
Hierarchical Design for Scaling
37
Root-of-trust
Scalable security services
KMS requests
Physical separation
KMS Enclave
Root key pair(root-of-trust)
HSM
Derivedkeys
Microservices(KMS clients)
Root key operation requests
![Page 38: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/38.jpg)
Hierarchical Design for Scaling
38
Microservices(KMS clients)
Physical separation
KMS Enclaves
Root-of-trust
Root key operation requests
Scalable security services
KMS requests
Root key pair(root-of-trust)
Frequent cryptographic requests
Derivedkeys
HSM
![Page 39: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/39.jpg)
JSON Web Token (JWT) for Microservice
39
JWT client
JWT auth server
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
![Page 40: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/40.jpg)
JSON Web Token (JWT) for Microservice
40
JWT clientRefresh token request
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
JWT auth server
![Page 41: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/41.jpg)
JSON Web Token (JWT) for Microservice
41
JWT clientRefresh token request
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
JWT auth server
Creates and signs the refresh token
Refresh token key pair
R
![Page 42: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/42.jpg)
JSON Web Token (JWT) for Microservice
42
JWT clientAccess token request
JWT auth server
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
Verifies the refresh token and sends a new access token
R
A
R
Refresh token key pair
RWeb server
A
![Page 43: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/43.jpg)
Application Case Study : JWT Management
43
JWT client
Physical separation
KMS Enclaves
Refresh token key pair
HSM
JWT auth serverRefresh token request
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
Refresh token request
![Page 44: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/44.jpg)
Application Case Study : JWT Management
44
JWT client
Physical separation
KMS Enclaves
Refresh token key pair
HSM
JWT auth serverRefresh token request
R
Public key of refresh token
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
Refresh token request
R
![Page 45: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/45.jpg)
Application Case Study : JWT Management
45
JWT client
Physical separation
KMS Enclaves
Refresh token key pair
HSM
JWT auth server
Validate the refresh token
Access token requestR
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
![Page 46: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/46.jpg)
Application Case Study : JWT Management
46
JWT client
Physical separation
KMS Enclaves
Refresh token key pair
HSM
JWT auth server
Validate the refresh token
Access token request
A
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
![Page 47: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/47.jpg)
Application Case Study : JWT Management
47
JWT client
Physical separation
KMS Enclaves
Refresh token key pair
HSM
JWT auth serverAccess token request
Refresh token request
A
R : Refresh token(Lifetime: few hours)
: Access token(Lifetime: more than a week)
A
R
R
![Page 48: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/48.jpg)
Preliminary Evaluation
48
SGX-equipped server
SoftHSM
• Environment setup• CPU: Quad-core Intel Xeon E3-1280 v6 (SGX-enabled)• Intel SGX Linux SDK version 2.5• We use SoftHSM to emulate an HSM device.• Each enclave and HSM performs the same SHA-256 with RSA-2048 signing
Enclave calls
PKCS#11 API calls
RSA key pair
RSA key pair
KMS Enclaves
JWT client
Token requests
![Page 49: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/49.jpg)
Preliminary Evaluation: Latency Improvement
49
• Scaling out KMS enclaves for latency improvement
0
0.2
0.4
0.6
0.8
1
0 500 1000 1500 2000 2500 3000 3500
CD
F
Response time (ms)
0.95
HSM
1 Enclave
2 Enclaves
4 Enclaves
![Page 50: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/50.jpg)
Preliminary Evaluation: Cost-effective Scaling
50
Approach for KMS Equipment Performance
(RSA-2048 sign) Price tps/$
ScaleTrust(on-premisesSGX machine)
Xeon E3-1280 v6 CPU (Quad, 4.2 GHz) 3,600 tps $500 7.2
On-premises HSMs-only Luna SA A790 HSM 10,000 tps $29,900 0.33
ScaleTrust(in Azure cloud)
Xeon E-2176G CPU (Quad, 4.7 GHz)
> 3,600 tps(estimated)
$500per month
> 7.2for a month
Cloud HSM (Azure HSM) Luna SA A790 HSM 10,000 tps
$5000+ $3,541
per month
1.17 for a month
*tps = transactions per second
![Page 51: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/51.jpg)
Future work
51
• Evaluation with a real HSM device
Physical separation
HSM
Root key pair(Root-of-trust)
KMS Enclaves
Untrusted Platform
PKCS#11 API calls
![Page 52: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/52.jpg)
Future work
52
• Physical separation by Intel VCA (SGX card)
Intel VCA card
SGX node1
Enclave1
SGX node2 SGX node3
Enclave1
Enclave1Host
SGX node manager
MMIO region
Enclave2
Enclave2
PCIe communication
![Page 53: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/53.jpg)
Conclusion
53
• We explore new design space to address the limitedscalability of HSMs by combining TEE technology
• ScaleTrust preserves chain-of-trust from an HSM to clients
• ScaleTrust utilizes HSMs and SGX enclaves in a hierarchical model to relieve the burden of HSMs
• Our JWT case study shows that ScaleTrust can be applied to key management for microservices.
![Page 54: Toward Scaling Hardware Security Module for Emerging …sgxhsm-slides.pdfToward Scaling Hardware Security Module for Emerging Cloud Services Juhyeng Han*, Seongmin Kim*, TaesooKim](https://reader033.fdocuments.net/reader033/viewer/2022051322/60336537a5508a3086672712/html5/thumbnails/54.jpg)
Thank You