SGX-BigMatrix: A practical encrypted data analytic framework with trusted processors

Fahad Shaon, Murat Kantarcioglu, Zhiqiang Lin, Latifur Khan

An encrypted data analytics framework that allows multiple distrusting parties to perform complex analytics and ML tasks on large encrypted data sets.


Recently, using secure processors for trusted computing in cloud has attracted a lot of attention. Over the past few years, efficient and secure data analytic tools (e.g., map-reduce framework, machine learning models, and SQL querying) that can be executed over encrypted data using the trusted hardware have been developed. However, these prior efforts do not provide a simple, secure and high level language based framework that is suitable for enabling generic data analytics for non-security experts who do not have concepts such as ``oblivious execution''. In this paper, we thus provide such a framework that allows data scientists to perform the data analytic tasks with secure processors using a Python/Matlab-like high level language. Our framework automatically compiles programs written in our language to optimal execution code by managing issues such as optimal data block sizes for I/O, vectorized computations to simplify much of the data processing, and optimal ordering of operations for certain tasks. Furthermore, many language constructs such as if-statements are removed so that a non-expert user is less likely to create a piece of code that may reveal sensitive information while allowing oblivious data processing (i.e., hiding access patterns). Using these design choices, we provide guarantees for efficient and secure data analytics. We show that our framework can be used to run the existing big data benchmark queries over encrypted data using the Intel SGX efficiently. Our empirical results indicate that our proposed framework is orders of magnitude faster than the general oblivious execution alternatives.


  title={{SGX-BigMatrix}: A practical encrypted data analytic framework with trusted processors},
  author={Shaon, Fahad and Kantarcioglu, Murat and Lin, Zhiqiang and Khan, Latifur},
  booktitle={Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security},


Matrix, BigMatrix, SGX-BigMatrix, LargeMatrix, Encrypted Analytics, Trusted Processor, SGX