Paper 2024/1369

AGATE: Augmented Global Attested Trusted Execution in the Universal Composability framework

Lorenzo Martinico, University of Edinburgh, Input Output
Markulf Kohlweiss, University of Edinburgh, Input Output
Abstract

A Trusted Execution Environment (TEE) is a new type of security technology, implemented by CPU manufacturers, which guarantees integrity and confidentiality of a restricted execution environment to any remote verifier. TEEs are deployed on various consumer and commercial hardware platforms, and have been widely adopted as a component in the design of cryptographic protocols, both theoretical and practical. Within the provable security community, the use of TEEs as a setup assumption has converged to a standard ideal definition in the Universal Composability setting ($G_\mathsf{att}$, defined by Pass et al., Eurocrypt '17). However, it is unclear whether any real TEE design can actually implement this, or whether the diverse capabilities of today's TEE implementations will in fact converge to a single standard. Therefore, it is necessary for cryptographers and protocol designers to specify what assumptions are necessary for the TEE they are using to support the correctness and security of their protocol. To this end, this paper provides a more careful treatment of trusted execution than the existing literature, focusing on the capabilities of enclaves and adversaries. Our goal is to provide meaningful patterns for comparing different classes of TEEs, particularly how a weaker TEE functionality can UC-emulate a stronger one given an appropriate mechanism to bridge the two. We introduce a new, "modular" definition of TEEs that captures a broad range of pre-existing functionalities defined in the literature while maintaining their high level of abstraction. While our goal is not directly to model implementations of specific commercial TEE providers, our modular definition provides a way to capture more meaningful and realistic hardware capabilities.
We provide a language to characterise TEE capabilities along the following terms:
- a set of trusted features available to the enclave;
- the set of allowed attacks for malicious interactions with the enclaves;
- the contents of attestation signatures.
We then define various possible ideal modular $G_\mathsf{att}$ functionality instantiations that capture existing variants in the literature, and provide generic constructions to implement stronger enclave functionalities from an existing setup. Finally, we conclude the paper with a simple example of how to protect against rollback attacks given access to a trusted storage feature.
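The closing sentence of the abstract refers to rollback protection given a trusted storage feature. The following is an added illustration, not code from the paper: it models an enclave whose only trusted persistent feature is a monotonic counter, and shows how binding each sealed state blob to the counter value lets the enclave detect when the untrusted host replays an older blob. The classes `TrustedStorage` and `Enclave`, the HMAC-based sealing, and the sample state are all assumptions constructed for this example; real TEEs expose sealing and counters through different interfaces, and sealing here provides integrity only, not confidentiality.

```python
"""Added example (not from the paper): rollback detection for sealed enclave
state using a trusted monotonic counter.  All names and data are constructed
for illustration and model a TEE abstractly; they are not a real TEE API."""
import hashlib
import hmac
import json
import os

TAG_LEN = 32  # HMAC-SHA256 output size, appended to each sealed blob


class TrustedStorage:
    """Assumed trusted feature: a non-volatile monotonic counter that only the
    enclave can read or increment.  The untrusted host cannot roll it back."""

    def __init__(self) -> None:
        self._counter = 0

    def read(self) -> int:
        return self._counter

    def increment(self) -> int:
        self._counter += 1
        return self._counter


class Enclave:
    """Toy enclave: seals its state for the untrusted host to persist, and
    checks the state it gets back against the trusted counter."""

    def __init__(self, storage: TrustedStorage) -> None:
        # Models a sealing key available only inside the enclave.
        self._seal_key = os.urandom(32)
        self._storage = storage

    def seal(self, state: dict) -> bytes:
        # Advance the trusted counter first, then bind the new value into the
        # blob.  Integrity comes from the HMAC; this toy does not encrypt.
        version = self._storage.increment()
        payload = json.dumps({"version": version, "state": state},
                             sort_keys=True).encode()
        tag = hmac.new(self._seal_key, payload, hashlib.sha256).digest()
        return payload + tag

    def unseal(self, blob: bytes) -> dict:
        payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
        expected = hmac.new(self._seal_key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            raise ValueError("sealed blob tampered")
        obj = json.loads(payload)
        # A blob whose version lags the counter is a replay of older state.
        if obj["version"] != self._storage.read():
            raise ValueError("rollback detected: stale sealed state")
        return obj["state"]


def demo() -> dict:
    """Runs the honest path, a host-side replay, and a tampering attempt.
    Returns which checks fired so the outcome can be asserted on."""
    storage = TrustedStorage()
    enclave = Enclave(storage)

    old_blob = enclave.seal({"balance": 100})   # constructed sample state
    new_blob = enclave.seal({"balance": 40})    # state after spending 60

    results = {"fresh_ok": enclave.unseal(new_blob) == {"balance": 40}}

    try:  # untrusted host hands back the older blob
        enclave.unseal(old_blob)
        results["rollback_detected"] = False
    except ValueError as err:
        results["rollback_detected"] = "rollback" in str(err)

    tampered = bytearray(new_blob)
    tampered[0] ^= 0x01  # flip a bit in the payload
    try:
        enclave.unseal(bytes(tampered))
        results["tamper_detected"] = False
    except ValueError as err:
        results["tamper_detected"] = "tampered" in str(err)

    return results


if __name__ == "__main__":
    print(demo())
```

One caveat a practitioner would want: the counter is incremented before the new blob is written out by the host, so a crash between the two leaves the enclave with no acceptable blob; production designs address this ordering (for example by keeping the previous blob acceptable until the new one is confirmed), which this toy deliberately omits.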

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
Trusted Execution Environments (TEEs), Universal Composability, Remote Attestation, Setup Assumptions, Definitions
Contact author(s)
lorenzo martinico @ ed ac uk
markulf kohlweiss @ ed ac uk
History
2024-09-02: approved
2024-08-30: received
Short URL
https://ia.cr/2024/1369
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2024/1369,
      author = {Lorenzo Martinico and Markulf Kohlweiss},
      title = {{AGATE}: Augmented Global Attested Trusted Execution in the Universal Composability framework},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1369},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1369}
}