Paper 2017/048

ROTE: Rollback Protection for Trusted Execution

Sinisa Matetic, Mansoor Ahmed, Kari Kostiainen, Aritra Dhar, David Sommer, Arthur Gervais, Ari Juels, and Srdjan Capkun

Abstract

Security architectures such as Intel SGX need protection against rollback attacks, where the adversary violates the integrity of a protected application state by replaying old persistently stored data or by starting multiple application instances. Successful rollback attacks have serious consequences on applications such as financial services. In this paper, we propose a new approach for rollback protection on SGX. The intuition behind our approach is simple. A single platform cannot efficiently prevent rollback, but in many practical scenarios, multiple processors can be enrolled to assist each other. We design and implement a rollback protection system called ROTE that realizes integrity protection as a distributed system. We construct a model that captures adversarial ability to schedule enclave execution and show that our solution achieves a strong security property: the only way to violate integrity is to reset all participating platforms to their initial state. We implement ROTE and demonstrate that distributed rollback protection can provide significantly better performance than previously known solutions based on local non-volatile memory.

Note: Paper update; 12.02.2017

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Minor revision. Usenix Security 2017
Keywords
SGXRollback protectionDistributed systemState protectionTEETrusted Execution
Contact author(s)
sinisa matetic @ inf ethz ch
History
2017-06-29: last of 2 revisions
2017-01-24: received
See all versions
Short URL
https://ia.cr/2017/048
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2017/048,
      author = {Sinisa Matetic and Mansoor Ahmed and Kari Kostiainen and Aritra Dhar and David Sommer and Arthur Gervais and Ari Juels and Srdjan Capkun},
      title = {{ROTE}: Rollback Protection for Trusted Execution},
      howpublished = {Cryptology {ePrint} Archive, Paper 2017/048},
      year = {2017},
      url = {https://eprint.iacr.org/2017/048}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.