Ensuring State Continuity for Confidential Computing: A Blockchain-Based Approach
【Author】 Peng, Wei; Li, Xiang; Niu, Jianyu; Zhang, Xiaokuan; Zhang, Yinqian
【Source】IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
【Impact Factor】6.791
【Abstract】Public cloud platforms have employed Trusted Execution Environment (TEE) technology to provide confidential computing services. However, applications running on cloud TEEs are susceptible to rollback or forking attacks. Their states can be rolled back to an outdated version or split into multiple conflicting versions, violating state continuity. Existing solutions against these attacks either rely on a centralized trust assumption (e.g., a trusted server) or have limited performance (e.g., tens of state updates per second). In this article, we introduce Narrator-Pro (an upgrade to the original Narrator), a secure and practical distributed system that utilizes blockchain technology and TEEs to provide high-performance state continuity protection for TEE applications in the cloud. Specifically, we use the blockchain to initialize the system, which lays down the decentralized trust base with minimal interaction overhead. Meanwhile, we leverage the distributed system composed of TEEs to provide fast and unlimited state updates. We have implemented a proof-of-concept of Narrator-Pro in Intel SGX and conducted extensive evaluations in both the WAN and the LAN. Our results show that in a LAN environment with 5 nodes, Narrator-Pro can support around 8 k state updates per second with a latency of 3.58 ms. This performance is 30x higher than ROTE and 70x higher than using a TPM counter.
【Keywords】Codes; Protocols; Cloud computing; Consensus protocol; Computer crashes; Wide area networks; Operating systems; Trusted execution environment; state continuity; blockchain; forking attack; rollback attack
【Publication Date】2024 NOV
【Indexed Date】2024-11-29
【Document Type】
【Subject Category】