Precursor: A fast, client-centric and trusted key-value store using RDMA and Intel SGX

Messadi I, Neumann S, Weichbrodt N, Almstedt L, Mahhouk M, Kapitza R (2021)


Publication Type: Conference contribution

Publication year: 2021

Publisher: Association for Computing Machinery, Inc

Pages Range: 1-13

Conference Proceedings Title: Middleware 2021 - Proceedings of the 22nd International Middleware Conference

Event location: Virtual, Online, CAN

ISBN: 9781450385343

DOI: 10.1145/3464298.3476129

Abstract

As offered by the Intel Software Guard Extensions (SGX), trusted execution enables confidentiality and integrity for off-site deployed services. Thereby, securing key-value stores has received particular attention, as they are a building block for many complex applications to speed-up request processing. Initially, the developers' main design challenge has been to address the performance barriers of SGX. Besides, we identified the integration of a SGX-secured key-value store with recent network technologies, especially RDMA, as an essential emerging requirement. RDMA allows fast direct access to remote memory at high bandwidth. As SGX-protected memory cannot be directly accessed over the network, a fast exchange between the main and trusted memory must be enabled. More importantly, SGX-protected services can be expected to be CPU-bound as a result of the vast number of cryptographic operations required to transfer and store data securely. In this paper, we present Precursor, a new key-value store design that utilizes trusted execution to offer confidentiality and integrity while relying on RDMA for low latency and high bandwidth communication. Precursor offloads cryptographic operations to the client-side to prevent a server-side CPU bottleneck and reduces data movement in and out of the trusted execution environment. Our evaluation shows that Precursor achieves up to 6 - 8.5 times higher throughput when compared against similar SGX-secured key-value store approaches.

Authors with CRIS profile

Involved external institutions

How to cite

APA:

Messadi, I., Neumann, S., Weichbrodt, N., Almstedt, L., Mahhouk, M., & Kapitza, R. (2021). Precursor: A fast, client-centric and trusted key-value store using RDMA and Intel SGX. In Middleware 2021 - Proceedings of the 22nd International Middleware Conference (pp. 1-13). Virtual, Online, CAN: Association for Computing Machinery, Inc.

MLA:

Messadi, Ines, et al. "Precursor: A fast, client-centric and trusted key-value store using RDMA and Intel SGX." Proceedings of the 22nd International Middleware Conference, Middleware 2021, Virtual, Online, CAN Association for Computing Machinery, Inc, 2021. 1-13.

BibTeX: Download