Ascend: Architecture for Secure Computation on Encrypted Data

Outsourcing computation to the cloud has a difficult set of privacy challenges, a primary one being that the client cannot really trust cloud or application software. Encrypted computation achieves privacy by having the user specify encrypted inputs to a program in the cloud and returning encrypted results.

The design and implementation of a secure processor architecture, called Ascend, that guarantees privacy of data computed upon by untrusted programs and run on an untrusted operating system (OS) is underway. Our security goal is to only trust the Ascend processor chip and show that it is secure against software attacks and power analysis attacks on its pins even though application and system software can be malicious. Our performance goal is to show that execution time and energy overheads of encrypted computation are reasonable. The key idea in Ascend to guarantee privacy is obfuscated program execution: from the perspective of the Ascend chip's input/output and power pins, an untrusted server cannot learn anything about private user data regardless of the program run.

Through innovations in architectural mechanisms, security protocols, and applied cryptography, we hope to show that it is viable to only trust hardware and not trust any software in some security-conscious applications, thereby substantially minimizing the trusted computing base for these applications. The development of simulator infrastructure and hardware prototypes will allow the fruits of the research to be widely disseminated. This project will introduce high-school students to research in applied cryptography and security through an innovative high-school outreach program.