And Then There Were More: Secure Communication for More Than Two Parties
- David Naylor ,
- Richard Li ,
- Christos Gkantsidis ,
- Thomas Karagiannis ,
- Peter Steenkiste
CoNEXT '17 Proceedings of the 13th International Conference on emerging Networking EXperiments and Technologies |
Published by ACM
Internet communication today typically involves intermediary middleboxes like caches, compression proxies, or virus scanners. Unfortunately, as encryption becomes more widespread, these middleboxes become blind and we lose their security, functionality, and performance benefits. Despite initial efforts in both industry and academia, we remain unsure how to integrate middleboxes into secure sessions—it is not even clear how to define “secure” in this multi-entity context.
In this paper, we first describe a design space for secure multi-entity communication protocols, highlighting tradeoffs between mutually incompatible properties. We then target real-world requirements unmet by existing protocols, like outsourcing middleboxes to untrusted infrastructure and supporting legacy clients. We propose a security definition and present Middlebox TLS (mbTLS), a protocol that provides it (in part by using Intel SGX to protect middleboxes from untrusted hardware). We show that mbTLS is deployable today and introduces little overhead, and we describe our experience building a simple mbTLS HTTP proxy.