And Then ThereWere More: Secure Communication for More Than Two Parties

Internet communication today typically involves intermediary middleboxes like caches, compression proxies, or virus scanners. Unfortunately, as encryption becomes more widespread, these middleboxes become
blind and we lose their security, functionality, and performance benefits. Despite initial efforts in both industry and academia, we remain unsure how to integrate middleboxes into secure sessions, it is not even clear how to define “secure” in this multi-party context.

In this paper, we fist describe a design space for secure communication protocols for more than two parties, highlighting trade-offs between mutually incompatible properties. We then target real-world requirements unmet by existing protocols, like outsourcing middleboxes to untrusted infrastructure and supporting legacy clients. We propose a security definition and present Middlebox TLS (mbTLS), a protocol that provides it (in part by using Intel SGX to protect middleboxes from untrusted hardware). We show that mbTLS is deployable today and introduces low overhead, and we describe our experience building a simple mbTLS HTTP proxy.