|The Dutch cybersecurity platform for higher education and research (dcypher) was founded in April 2016, with the goal of setting and coordinating scientific and applied cybersecurity research and higher education in The Netherlands. However, as of October 2020, dcypher, as we know it, will no longer exist and the future remains unknown as it is not clear what a post-dcypher era will look like. While this change brings along a lot of uncertainties, it also provides us with a chance to re-envision the future of the Dutch cybersecurity landscape. Such is the aim of this column, with a particular focus on the impact of young/junior cybersecurity researchers in The Netherlands.
Scalable Private Membership Test using Trusted Hardware
Guest Lecture by Andrew Paverd 10:30, Monday 23rd, October Lecture Hall Chip
Organized by Cyber Security Group, Supported by 4TU.Nirict
Malware checking is changing from being a local service to a cloud-assisted one where users' devices query a cloud server, which hosts a dictionary of malware signatures, to check if particular applications are potentially malware. Whilst such an architecture gains all the benefits of cloud-based services, it opens up a major privacy concern since the cloud service can infer personal traits of the users based on the lists of applications queried by their devices. Private membership test (PMT) schemes can remove this privacy concern. However, known PMT schemes do not scale well to a large number of simultaneous users and high query arrival rates.
We propose a simple PMT approach using a carousel: circling the entire dictionary through trusted hardware on the cloud server. Users communicate with the trusted hardware via secure channels. We show how the carousel approach, using different data structures to represent the dictionary, can be realized on two different commercial hardware security architectures (ARM TrustZone and Intel SGX). We highlight subtle aspects of securely implementing seemingly simple PMT schemes on these architectures. Through extensive experimental analysis, we show that for the malware checking scenario our carousel approach surprisingly outperforms Path ORAM on the same hardware by supporting a much higher query arrival rate while guaranteeing acceptable response latency for individual queries.