PoS: Constructing Practical and Efficient Public Key Cryptosystems Based on Symmetric Cryptography with SGX

摘要

Public key cryptosystems (PKCs) often rely on public key algorithms based on mathematical problems that currently admit no efficient solution, such as integer factorization and discrete logarithm, which are relatively computationally costly compared with most symmetric key algorithms of equivalent security. In this paper, we propose PoS, constructing practical and efficient PKCs based on symmetric cryptography with SGX. To achieve this, we separate private and public operations into dedicated private and public SGX enclaves, hosted on the recipient and sender sides respectively, and leverage the security mechanisms provided by SGX to make symmetric keys shared between private enclave and public enclave, while being kept secret from the sender, by limiting the shared keys within public enclave and not exportable. PoS gains security guarantees when the security assumptions of SGX and symmetric cryptography stand. To demonstrate the practicality and efficiency of the PKCs constructed on PoS, we have constructed, implemented, and benchmarked two PKCs based on PoS, PKE-PoS and IBE-PoS. The evaluation results show that both PKE-PoS and IBE-PoS gain excellent performance: the performance of PKE-PoS is up to 195 times of that of RSA-2048, and the performance of IBE-PoS is up to 4 orders of magnitude higher than that of Boneh-Franklin IBE.