Cryptology ePrint Archive: Report 2017/180

Robust Synchronous P2P Primitives Using SGX Enclaves

Yaoqi Jia and Shruti Tople and Tarik Moataz and Deli Gong and Prateek Saxena and Zhenkai Liang

Abstract: Peer-to-peer (P2P) systems such as BitTorrent and Bitcoin are susceptible to serious attacks from byzantine nodes that join as peers. Due to well-known impossibility results for designing P2P primitives in unrestricted byzantine settings, research has explored many adversarial models with additional assumptions, ranging from mild (such as pre-established PKI) to strong (such as the existence of common random coins). One such widely-studied model is the general-omission model, which yields simple protocols with good efficiency, but has been considered impractical or unrealizable since it artificially limits the adversary only to omitting messages. In this work, we study the setting of a synchronous network wherein peer nodes have CPUs equipped with a recent trusted computing mechanism called Intel SGX. In this model, we observe that the byzantine adversary reduces to the adversary in the general-omission model. As a first result, we show that by leveraging SGX features, we eliminate any source of advantage for a byzantine adversary beyond that gained by omitting messages, making the general-omission model realizable. Second, we present new protocols that improve the communication complexity of two fundamental primitives reliable broadcast and common random coins (or beacons) over the best-known results in the synchronous general-omission model, by utilizing SGX features. Our evaluation of 1000 nodes running on 40 DeterLab machines confirms theoretical efficiency claim.

Category / Keywords: cryptographic protocols / Distributed systems, SGX, byzantine, reliable broadcast

Date: received 23 Feb 2017

Contact author: jiayaoqi at comp nus edu sg

Available format(s): PDF | BibTeX Citation

Version: 20170227:145349 (All versions of this report)

Short URL: ia.cr/2017/180

Discussion forum: Show discussion | Start new discussion


[ Cryptology ePrint archive ]