Stanford University Networking Seminar

Wenting Zheng (UC Berkeley)
Opaque: An Oblivious and Encrypted Distributed Analytics Platform

1:45pm, Thursday, April 12, 2018
Gates 415

About the Talk

Many analytics systems compute on sensitive data in the cloud, but are prone to data breaches. While cryptographic techniques such as fully homomorphic encryption support arbitrary computation on encrypted data, these schemes are too slow to be practical. Recent exciting developments in hardware enclaves promise data confidentiality and isolated execution of arbitrary computation at near processor speed. However, enclaves still suffer from a sophisticated attack called “access pattern leakage”.

In this talk, I will describe Opaque, a distributed data analytics platform that leverages hardware enclaves. In addition to the strong security guarantees provided by enclaves, Opaque also protects against both network and memory access pattern leakage. To efficiently accomplish this goal, Opaque introduces new distributed oblivious relational operators, as well as novel query planning techniques.

Opaque is implemented on Spark SQL with few changes to the underlying system. It provides data encryption, authentication, and computation verification with performance ranging from 52% faster to 3.3x slower than vanilla Spark SQL; obliviousness comes with a 1.6x to 46x overhead. At the same time, Opaque provides an improvement of three orders of magnitude over state-of-the-art oblivious protocols.

About the Speaker

Wenting is a Ph.D. student at UC Berkeley advised by Raluca Ada Popa and Ion Stoica. She is broadly interested in system security.