Paper 2023/761

Nimble: Rollback Protection for Confidential Cloud Services (extended version)

Sebastian Angel
Aditya Basu
Weidong Cui
Trent Jaeger
Stella Lau
Srinath Setty, Microsoft Research
Sudheesh Singanamalla
Abstract

This paper introduces Nimble, a cloud service that helps applications running in trusted execution environments (TEEs) to detect rollback attacks (i.e., detect whether a data item retrieved from persistent storage is the latest version). To achieve this, Nimble realizes an append-only ledger service by employing a simple state machine running in a TEE in conjunction with a crash fault-tolerant storage service. Nimble then replicates this trusted state machine to ensure the system is available even if a minority of state machines crash. A salient aspect of Nimble is a new reconfiguration protocol that allows a cloud provider to replace the set of nodes running the trusted state machine whenever it wishes—without affecting safety. We have formally verified Nimble’s core protocol in Dafny, and have implemented Nimble such that its trusted state machine runs in multiple TEE platforms (Intel SGX and AMD SNP-SEV). Our results show that a deployment of Nimble on machines running in different availability zones can achieve from tens of thousands of requests/sec with an end-to-end latency of under 3.2 ms (based on an in-memory key-value store) to several thousands of requests/sec with a latency of 30 ms (based on Azure Table).

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. USENIX OSDI
Keywords
confidential computing, rollback protection
Contact author(s)
srinath @ microsoft com
History
2023-05-30: approved
2023-05-25: received
Short URL
https://ia.cr/2023/761
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/761,
      author = {Sebastian Angel and Aditya Basu and Weidong Cui and Trent Jaeger and Stella Lau and Srinath Setty and Sudheesh Singanamalla},
      title = {Nimble: Rollback Protection for Confidential Cloud Services (extended version)},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/761},
      year = {2023},
      url = {https://eprint.iacr.org/2023/761}
}