SeGShare: Secure Group File Sharing in the Cloud using Enclaves

Title: SeGShare: Secure Group File Sharing in the Cloud using Enclaves
Publication Type: Conference Paper
Year of Publication: 2020
Authors: Fuhry, B., Hirschoff, L., Koesnadi, S., Kerschbaum, F.
Conference Name: 2020 50th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)
Date Published: jun
Keywords: authentication, Authorization, cloud storage, composability, encrypted file sharing, Encryption, Human Behavior, Intel SGX, Metrics, pubcrawl, Random access memory, resilience, Resiliency, Secure File Sharing, TEE, Trusted Execution Environment
Abstract: File sharing applications using cloud storage are increasingly popular for personal and business use. Due to data protection concerns, end-to-end encryption is often a desired feature of these applications. Many attempts at designing cryptographic solutions fail to be adopted due to missing relevant features. We present SeGShare, a new architecture for end-to-end encrypted, group-based file sharing using trusted execution environments (TEE), e.g., Intel SGX. SeGShare is the first solution to protect the confidentiality and integrity of all data and management files; enforce immediate permission and membership revocations; support deduplication; and mitigate rollback attacks. Next to authentication, authorization and file system management, our implementation features an optimized TLS layer that enables high throughput and low latency. The encryption overhead of our implementation is extremely small in computation and storage resources. Our enclave code comprises less than 8500 lines of code enabling efficient mitigation of common pitfalls in deploying code to TEEs.
DOI: 10.1109/DSN48063.2020.00061
Citation Key: fuhry_segshare_2020