iBet uBet web content aggregator. Adding the entire web to your favor.
iBet uBet web content aggregator. Adding the entire web to your favor.



Link to original content: http://eprint.iacr.org/2016/1027
Formal Abstractions for Attested Execution Secure Processors

Paper 2016/1027

Formal Abstractions for Attested Execution Secure Processors

Rafael Pass, Elaine Shi, and Florian Tramer

Abstract

Realistic secure processors, including those built for academic and commercial purposes, commonly realize an “attested execution” abstraction. Despite being the de facto standard for modern secure processors, the “attested execution” abstraction has not received adequate formal treatment. We provide formal abstractions for “attested execution” secure processors and rigorously explore its expressive power. Our explorations show both the expected and the surprising. On one hand, we show that just like the common belief, attested execution is extremely powerful, and allows one to realize powerful cryptographic abstractions such as stateful obfuscation whose existence is otherwise impossible even when assuming virtual blackbox obfuscation and stateless hardware tokens. On the other hand, we show that surprisingly, realizing composable two-party computation with attested execution processors is not as straightforward as one might anticipate. Specifically, only when both parties are equipped with a secure processor can we realize composable two-party computation. If one of the parties does not have a secure processor, we show that composable two-party computation is impossible. In practice, however, it would be desirable to allow multiple legacy clients (without secure processors) to leverage a server’s secure processor to perform a multi-party computation task. We show how to introduce minimal additional setup assumptions to enable this. Finally, we show that fair multi-party computation for general functionalities is impossible if secure processors do not have trusted clocks. When secure processors have trusted clocks, we can realize fair two-party computation if both parties are equipped with a secure processor; but if only one party has a secure processor (with a trusted clock), then fairness is still impossible for general functionalities.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
A major revision of an IACR publication in EUROCRYPT 2017
Keywords
trusted hardwareattested executionprotocoluniversal compositionmodelling
Contact author(s)
tramer @ stanford edu
History
2017-02-17: revised
2016-11-01: received
See all versions
Short URL
https://ia.cr/2016/1027
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/1027,
      author = {Rafael Pass and Elaine Shi and Florian Tramer},
      title = {Formal Abstractions for Attested Execution Secure Processors},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/1027},
      year = {2016},
      url = {https://eprint.iacr.org/2016/1027}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.