臺灣博碩士論文加值系統

網際網路和行動裝置高度普及，各式各樣的隱私資料上傳至雲端進行分析運用，然而駭客入侵雲端作業系統、VMM (Virtual Machine Monitor) 或雲端管理員擁有權限查看資料等眾多攻擊面向，皆使得個人隱私資料面臨洩漏風險。本研究使用Intel所提出軟硬體可信執行環境解決方案：SGX (Software Guard Extensions) ，為雲端隱私保護議題提出一個包含使用者、雲端業者、SecaaS（Security as a Service）和MLaaS（Machine Learning as a Service）提供者等四種角色的架構，並設計各個角色間資料、加解密過程與運算流程，以多重資料源功能加密於機器學習的應用，說明此架構滿足資料在儲存、傳遞、使用中皆擁有隱私保護效果。本論文亦闡述SGX限制與安全議題，並進一步與差分隱私、全同態加密進行隱私保護應用之比較。

Due to the fact that mobile devices and the usage of the internet have become integral parts of our lives, various kinds of private data have been collected and uploaded to the cloud for analysis. Followed by, hackers attack cloud OS, VMM(Virtual Machine Monitor); cloud administrators take on unauthorized action, all leave privacy data at risk. This research aims to resolve the issue by conducting SGX (Software Guard Extensions), Intel’s software and hardware trusted execution environment solution, to propose a software architecture. The designed architecture contains four characters, Users, Cloud Service Provider, Security as a Service and Machine Learning as a Service, which then designed data flow, encryption/decryption flow as well as computation flow between the characters. To explain how the architecture meets the privacy protection demands of data at all time (at-rest, in-transit, and in-use), the research takes Multi-Input Functional Encryption on binary classification of Machine Learning as examples.

第一章 導論 1
第一節 研究動機 1
第二節 研究目的 2
第二章 研究背景 4
第一節 網路服務之隱私保護與挑戰 4
第二節 功能加密 5
第三節 多重資料源功能加密 7
第四節 Intel SGX 概述及保護機制 7
第三章 相關研究 10
第一節 多重資料源功能加密實作 10
第二節 具有隱私保護效果的機器學習分類與預測 10
第三節 Intel SGX 於雲端相關應用 11
第四章 研究方法與架構 13
第一節 研究架構 13
第二節 SGX 實作設計議題 18
第三節 資料集概述 19
第五章 研究實作與結果 21
第一節 資料集分析與建模 21
第二節 開發平台建置 23
第三節 系統開發流程 24
第四節 系統實作 27
第五節 限制與安全議題 31
第六節 隱私保護實作方案比較 35
第六章 結論與未來展望 38
第一節 結論 38
第二節 未來展望 38
參考文獻 39

[1] C. Gentry, A fully homomorphic encryption scheme. Stanford University, 2009.
[2] D. Boneh, A. Sahai, and B. Waters, “Functional encryption: definitions and challenges,” in Theory of Cryptography Conference, pp. 253–273, Springer, 2011.
[3] C. Dwork, “Differential privacy: A survey of results,” in International Conference
on Theory and Applications of Models of Computation, pp. 1–19, Springer, 2008.
[4] C. Gentry and S. Halevi, “Implementing Gentry’ s fully-homomorphic encryption
scheme,” in Annual International Conference on the Theory and Applications of
Cryptographic Techniques, pp. 129–148, Springer, 2011.
[5] M. Van Dijk and A. Juels, “On the impossibility of cryptography alone for privacypreserving cloud computing.,” HotSec, vol. 10, pp. 1–8, 2010.
[6] K. Lewi et al., “5Gen: A framework for prototyping applications using multilinear
maps and matrix branching programs,” in Proceedings of the 2016 ACM SIGSAC
Conference on Computer and Communications Security, pp. 981–992, ACM, 2016.
[7] B. Gellman and A. Soltani, “NSA infiltrates links to Yahoo, Google data centers
worldwide, snowden documents say,” The Washington Post, vol. 30, p. 2013, 2013.
[8] R. A. Popa et al., “CryptDB: protecting confidentiality with encrypted query processing,” in Proceedings of the Twenty-Third ACM Symposium on Operating Systems
Principles, pp. 85–100, ACM, 2011.
[9] F. McKeen et al., “Innovative instructions and software model for isolated execution.,” HASP@ ISCA, vol. 10, 2013.
[10] I. Intel, “Software guard extensions programming reference, revision 2.”
[11] Y. Lindell, “The security of Intel SGX for key protection and data privacy applications,” 2018.
[12] M. R. Albrecht et al., “Implementing candidate graded encoding schemes from ideal
lattices,” in International Conference on the Theory and Application of Cryptology
and Information Security, pp. 752–775, Springer, 2014.
[13] J.-S. Coron, T. Lepoint, and M. Tibouchi, “Practical multilinear maps over the integers,” in Advances in Cryptology–CRYPTO 2013, pp. 476–493, Springer, 2013.
[14] B. Fisch et al., “Iron: functional encryption using Intel SGX,” in Proceedings of
the 2017 ACM SIGSAC Conference on Computer and Communications Security,
pp. 765–782, ACM, 2017.
[15] J. W. Bos, K. Lauter, and M. Naehrig, “Private predictive analysis on encrypted
medical data,” Journal of biomedical informatics, vol. 50, pp. 234–243, 2014.
[16] R. Bost, R. A. Popa, S. Tu, and S. Goldwasser, “Machine learning classification over
encrypted data.,” in NDSS, p. 432, 2015.
[17] K. Bache and M. Lichman, “Uci machine learning repository,” 2013.
[18] F. Schuster and other, “Vc3: Trustworthy data analytics in the cloud using SGX,” in
Security and Privacy (SP), 2015 IEEE Symposium on, pp. 38–54, IEEE, 2015.
[19] A. Baumann, M. Peinado, and G. Hunt, “Shielding applications from an untrusted
cloud with haven,” ACM Transactions on Computer Systems (TOCS), vol. 33, no. 3,
p. 8, 2015.
[20] P. C. Kocher, “Timing attacks on implementations of Diffie-Hellman, RSA, DSS,
and other systems,” in Annual International Cryptology Conference, p. 104–113,
Springer, 1996.
[21] W. Wang et al., “Leaky cauldron on the dark land: understanding memory sidechannel hazards in SGX,” in Proceedings of the 2017 ACM SIGSAC Conference on
Computer and Communications Security, p. 2421–2434, ACM, 2017.
[22] F. Brasser et al., “Software grand exposure:SGX cache attacks are practical,” in 11th
USENIX Workshop on Offensive Technologies (WOOT 17), 2017.
[23] A. Moghimi, T. Eisenbarth, and B. Sunar, “Memjam: A false dependency attack
against constant-time crypto implementations in SGX,” in Cryptographers’ Track
at the RSA Conference, p. 21–44, Springer, 2018.
[24] G. Chen et al., “Sgxpectre attacks: Leaking enclave secrets via speculative execution,” arXiv preprint arXiv:1802.09085, 2018.