Practical Encrypted Network Traffic Pattern Matching for Secure Middleboxes

Network Function Virtualisation (NFV) advances the adoption of composable software middleboxes. Accordingly, cloud data centres become major NFV vendors for enterprise traffic processing. Due to privacy concern redirection cloud, secure middlebox systems (e.g., BlindBox) draw much attention; they can process encrypted packets against rules directly. However, most existing supporting pattern matching based network functions require gateway tokenise packet payloads via sliding windows. Such tokenisation induces a considerable communication overhead, which be over 100$\times$ size. To overcome this bottleneck, in paper, we propose first bandwidth-efficient protocol We resort primitive called symmetric hidden vector encryption (SHVE), and variant it, aka SHVE+, achieve constant moderate cost. speed up, devise filters reduce number accesses SHVE+ during highly. formalise security our proposed conduct comprehensive evaluations real-world rulesets dumps. The results show that design inspect 20k within 100 $\mu$s. Compared prior work, it brings saving $94\%$ bandwidth consumption.