We show that under an attested execution setup G_att we can realise cryptographic functionalities that are unrealizable in the standard model. We propose a new primitive of Functional Encryption for Stateful and Randomised functionalities (FESR) and an associated protocol, Steel, that realizes it. We show that Steel UC-realises FESR in the universal composition with global subroutines model (TCC 2020). Our work is also a validation of the compositionality of earlier work (Iron), CCS 2017) capturing (non-stateful) hardware-based functional encryption.
As the existing functionality for attested execution of Pass et al. (Eurocrypt 2017) is too strong for real world use, we propose a weaker functionality that allows the adversary to conduct rollback and forking attacks. We show that the stateful variant of Steel, contrary to the stateless variant corresponding to Iron, is not secure in this setting and propose several mitigation techniques.
Category / Keywords: Trusted Execution Environments, Universal Composition, UC, Functional Encryption Original Publication (in the same form): IACR-PKC-2021 Date: received 3 Mar 2021, last revised 7 Apr 2021 Contact author: pramod bhatotia at gmail com, mkohlwei@ed ac uk, lorenzo martinico@ed ac uk, tselekounis@sians org Available format(s): PDF | BibTeX Citation Version: 20210407:130551 (All versions of this report) Short URL: ia.cr/2021/269