And Then There Were More: Secure Communication For More Than Two Parties

CoNEXT (2017)

Abstract
Internet communication today typically involves intermediary middleboxes like caches, compression proxies, or virus scanners. Unfortunately, as encryption becomes more widespread, these middleboxes become blind and we lose their security, functionality, and performance benefits. Despite initial efforts in both industry and academia, we remain unsure how to integrate middleboxes into secure sessions; it is not even clear how to define "secure" in this multi-entity context. In this paper, we first describe a design space for secure multi-entity communication protocols, highlighting tradeoffs between mutually incompatible properties. We then target real-world requirements unmet by existing protocols, like outsourcing middleboxes to untrusted infrastructure and supporting legacy clients. We propose a security definition and present Middlebox TLS (mbTLS), a protocol that provides it (in part by using Intel SGX to protect middleboxes from untrusted hardware). We show that mbTLS is deployable today and introduces little overhead, and we describe our experience building a simple mbTLS HTTP proxy.
Keywords
TLS, middleboxes, trusted computing, SGX