Authenticated key-value stores with hardware enclaves

Kai Li, Yuzhe Tang, Qi Zhang, Jianliang Xu, Ju Chen

Research output: Chapter in book/report/conference proceedingConference contributionpeer-review

Abstract

Authenticated data storage on an untrusted platform is an important computing paradigm for cloud applications ranging from data outsourcing, to cryptocurrency and general transparency logs. These modern applications increasingly feature update-intensive workloads, whereas existing authenticated data structures (ADSs) designed with in-place updates are inefficient to handle such workloads. This work addresses the issue and presents a novel authenticated log-structured merge tree (eLSM) based key-value store built on Intel SGX. We present a system design that runs the code of eLSM store inside enclave. To circumvent the limited enclave memory (128 MB with the latest Intel CPUs), we propose to place the memory buffer of the eLSM store outside the enclave and protect the buffer using a new authenticated data structure by digesting individual LSM-tree levels. We design protocols to support data integrity, (range) query completeness, and freshness. Our protocol causes small proofs by including the Merkle proofs at selected levels. We implement eLSM on top of Google LevelDB and Facebook RocksDB with minimal code change and performance interference. We evaluate the performance of eLSM under the YCSB workload benchmark and show a performance advantage of up to 4.5X speedup.

Original languageEnglish
Title of host publicationMiddleware 2021 - Proceedings of the 22nd International Middleware Conference
Subtitle of host publicationIndustrial Track
PublisherAssociation for Computing Machinery, Inc
Pages1-8
Number of pages8
ISBN (Electronic)9781450391528
DOIs
Publication statusPublished - 6 Dec 2021
Event22nd International Middleware Conference, Middleware 2021 - Virtual, Online, Canada
Duration: 6 Dec 202110 Dec 2021

Publication series

NameProceedings of International Middleware Conference

Conference

Conference22nd International Middleware Conference, Middleware 2021
Country/TerritoryCanada
CityVirtual, Online
Period6/12/2110/12/21

Scopus Subject Areas

  • Information Systems
  • Software

User-Defined Keywords

  • data integrity
  • enclave
  • key-value stores
  • LSM trees
  • query authentication
  • SGX
  • storage consistency

Fingerprint

Dive into the research topics of 'Authenticated key-value stores with hardware enclaves'. Together they form a unique fingerprint.

Cite this