Formal Abstractions for Attested Execution Secure Processors View Full Text


Ontology type: schema:Chapter     


Chapter Info

DATE

2017-04-01

AUTHORS

Rafael Pass , Elaine Shi , Florian Tramèr

ABSTRACT

Realistic secure processors, including those built for academic and commercial purposes, commonly realize an “attested execution” abstraction. Despite being the de facto standard for modern secure processors, the “attested execution” abstraction has not received adequate formal treatment. We provide formal abstractions for “attested execution” secure processors and rigorously explore its expressive power. Our explorations show both the expected and the surprising.On one hand, we show that just like the common belief, attested execution is extremely powerful, and allows one to realize powerful cryptographic abstractions such as stateful obfuscation whose existence is otherwise impossible even when assuming virtual blackbox obfuscation and stateless hardware tokens. On the other hand, we show that surprisingly, realizing composable two-party computation with attested execution processors is not as straightforward as one might anticipate. Specifically, only when both parties are equipped with a secure processor can we realize composable two-party computation. If one of the parties does not have a secure processor, we show that composable two-party computation is impossible. In practice, however, it would be desirable to allow multiple legacy clients (without secure processors) to leverage a server’s secure processor to perform a multi-party computation task. We show how to introduce minimal additional setup assumptions to enable this. Finally, we show that fair multi-party computation for general functionalities is impossible if secure processors do not have trusted clocks. When secure processors have trusted clocks, we can realize fair two-party computation if both parties are equipped with a secure processor; but if only one party has a secure processor (with a trusted clock), then fairness is still impossible for general functionalities. More... »

PAGES

260-289

Book

TITLE

Advances in Cryptology – EUROCRYPT 2017

ISBN

978-3-319-56619-1
978-3-319-56620-7

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-319-56620-7_10

DOI

http://dx.doi.org/10.1007/978-3-319-56620-7_10

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1084764575


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Cornell Tech, New York, USA", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "Cornell Tech, New York, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Pass", 
        "givenName": "Rafael", 
        "id": "sg:person.011042626001.74", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011042626001.74"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Cornell University, Ithaca, USA", 
          "id": "http://www.grid.ac/institutes/grid.5386.8", 
          "name": [
            "Cornell University, Ithaca, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Shi", 
        "givenName": "Elaine", 
        "id": "sg:person.014706274717.52", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014706274717.52"
        ], 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "alternateName": "Stanford University, Stanford, USA", 
          "id": "http://www.grid.ac/institutes/grid.168010.e", 
          "name": [
            "Stanford University, Stanford, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Tram\u00e8r", 
        "givenName": "Florian", 
        "id": "sg:person.011125325553.13", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011125325553.13"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2017-04-01", 
    "datePublishedReg": "2017-04-01", 
    "description": "Realistic secure processors, including those built for academic and commercial purposes, commonly realize an \u201cattested execution\u201d abstraction. Despite being the de facto standard for modern secure processors, the \u201cattested execution\u201d abstraction has not received adequate formal treatment. We provide formal abstractions for \u201cattested execution\u201d secure processors and rigorously explore its expressive power. Our explorations show both the expected and the surprising.On one hand, we show that just like the common belief, attested execution is extremely powerful, and allows one to realize powerful cryptographic abstractions such as stateful obfuscation whose existence is otherwise impossible even when assuming virtual blackbox obfuscation and stateless hardware tokens. On the other hand, we show that surprisingly, realizing composable two-party computation with attested execution processors is not as straightforward as one might anticipate. Specifically, only when both parties are equipped with a secure processor can we realize composable two-party computation. If one of the parties does not have a secure processor, we show that composable two-party computation is impossible. In practice, however, it would be desirable to allow multiple legacy clients (without secure processors) to leverage a server\u2019s secure processor to perform a multi-party computation task. We show how to introduce minimal additional setup assumptions to enable this. Finally, we show that fair multi-party computation for general functionalities is impossible if secure processors do not have trusted clocks. When secure processors have trusted clocks, we can realize fair two-party computation if both parties are equipped with a secure processor; but if only one party has a secure processor (with a trusted clock), then fairness is still impossible for general functionalities.", 
    "editor": [
      {
        "familyName": "Coron", 
        "givenName": "Jean-S\u00e9bastien", 
        "type": "Person"
      }, 
      {
        "familyName": "Nielsen", 
        "givenName": "Jesper Buus", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-319-56620-7_10", 
    "inLanguage": "en", 
    "isAccessibleForFree": false, 
    "isPartOf": {
      "isbn": [
        "978-3-319-56619-1", 
        "978-3-319-56620-7"
      ], 
      "name": "Advances in Cryptology \u2013 EUROCRYPT 2017", 
      "type": "Book"
    }, 
    "keywords": [
      "two-party computation", 
      "secure processors", 
      "formal abstraction", 
      "multi-party computation", 
      "general functionality", 
      "computation tasks", 
      "legacy clients", 
      "setup assumptions", 
      "expressive power", 
      "execution processors", 
      "processors", 
      "execution", 
      "abstraction", 
      "computation", 
      "obfuscation", 
      "formal treatment", 
      "functionality", 
      "hardware", 
      "commercial purposes", 
      "task", 
      "fairness", 
      "parties", 
      "clients", 
      "clock", 
      "exploration", 
      "hand", 
      "standards", 
      "common belief", 
      "power", 
      "assumption", 
      "purpose", 
      "practice", 
      "existence", 
      "beliefs", 
      "treatment", 
      "Realistic secure processors", 
      "attested execution", 
      "modern secure processors", 
      "adequate formal treatment", 
      "powerful cryptographic abstractions", 
      "cryptographic abstractions", 
      "stateful obfuscation", 
      "virtual blackbox obfuscation", 
      "blackbox obfuscation", 
      "stateless hardware", 
      "multiple legacy clients", 
      "server\u2019s secure processor", 
      "multi-party computation task", 
      "minimal additional setup assumptions", 
      "additional setup assumptions", 
      "fair multi-party computation", 
      "Attested Execution Secure Processors", 
      "Execution Secure Processors"
    ], 
    "name": "Formal Abstractions for Attested Execution Secure Processors", 
    "pagination": "260-289", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1084764575"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-319-56620-7_10"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-319-56620-7_10", 
      "https://app.dimensions.ai/details/publication/pub.1084764575"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2021-12-01T19:59", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20211201/entities/gbq_results/chapter/chapter_185.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-319-56620-7_10"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-56620-7_10'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-56620-7_10'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-56620-7_10'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-319-56620-7_10'


 

This table displays all metadata directly associated to this object as RDF triples.

138 TRIPLES      23 PREDICATES      78 URIs      71 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-319-56620-7_10 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 schema:author Nf93df94cf2d24be486b182c39184926b
4 schema:datePublished 2017-04-01
5 schema:datePublishedReg 2017-04-01
6 schema:description Realistic secure processors, including those built for academic and commercial purposes, commonly realize an “attested execution” abstraction. Despite being the de facto standard for modern secure processors, the “attested execution” abstraction has not received adequate formal treatment. We provide formal abstractions for “attested execution” secure processors and rigorously explore its expressive power. Our explorations show both the expected and the surprising.On one hand, we show that just like the common belief, attested execution is extremely powerful, and allows one to realize powerful cryptographic abstractions such as stateful obfuscation whose existence is otherwise impossible even when assuming virtual blackbox obfuscation and stateless hardware tokens. On the other hand, we show that surprisingly, realizing composable two-party computation with attested execution processors is not as straightforward as one might anticipate. Specifically, only when both parties are equipped with a secure processor can we realize composable two-party computation. If one of the parties does not have a secure processor, we show that composable two-party computation is impossible. In practice, however, it would be desirable to allow multiple legacy clients (without secure processors) to leverage a server’s secure processor to perform a multi-party computation task. We show how to introduce minimal additional setup assumptions to enable this. Finally, we show that fair multi-party computation for general functionalities is impossible if secure processors do not have trusted clocks. When secure processors have trusted clocks, we can realize fair two-party computation if both parties are equipped with a secure processor; but if only one party has a secure processor (with a trusted clock), then fairness is still impossible for general functionalities.
7 schema:editor N29ade95eb57a4a499c45007e82eb3157
8 schema:genre chapter
9 schema:inLanguage en
10 schema:isAccessibleForFree false
11 schema:isPartOf Na7788668b0cf4083be69bcc473152cac
12 schema:keywords Attested Execution Secure Processors
13 Execution Secure Processors
14 Realistic secure processors
15 abstraction
16 additional setup assumptions
17 adequate formal treatment
18 assumption
19 attested execution
20 beliefs
21 blackbox obfuscation
22 clients
23 clock
24 commercial purposes
25 common belief
26 computation
27 computation tasks
28 cryptographic abstractions
29 execution
30 execution processors
31 existence
32 exploration
33 expressive power
34 fair multi-party computation
35 fairness
36 formal abstraction
37 formal treatment
38 functionality
39 general functionality
40 hand
41 hardware
42 legacy clients
43 minimal additional setup assumptions
44 modern secure processors
45 multi-party computation
46 multi-party computation task
47 multiple legacy clients
48 obfuscation
49 parties
50 power
51 powerful cryptographic abstractions
52 practice
53 processors
54 purpose
55 secure processors
56 server’s secure processor
57 setup assumptions
58 standards
59 stateful obfuscation
60 stateless hardware
61 task
62 treatment
63 two-party computation
64 virtual blackbox obfuscation
65 schema:name Formal Abstractions for Attested Execution Secure Processors
66 schema:pagination 260-289
67 schema:productId N11885934a4d14bb5b17b771db301ab81
68 N1686b449ce29480eaff25b86b6c16b51
69 schema:publisher Na4980078f34349af81dec20f6a1726da
70 schema:sameAs https://app.dimensions.ai/details/publication/pub.1084764575
71 https://doi.org/10.1007/978-3-319-56620-7_10
72 schema:sdDatePublished 2021-12-01T19:59
73 schema:sdLicense https://scigraph.springernature.com/explorer/license/
74 schema:sdPublisher N7c3aca18725c4c6eb4d4e9174beb751b
75 schema:url https://doi.org/10.1007/978-3-319-56620-7_10
76 sgo:license sg:explorer/license/
77 sgo:sdDataset chapters
78 rdf:type schema:Chapter
79 N0b4fc14db8c04ac7962a7a2bb8af7f9a schema:familyName Coron
80 schema:givenName Jean-Sébastien
81 rdf:type schema:Person
82 N11885934a4d14bb5b17b771db301ab81 schema:name dimensions_id
83 schema:value pub.1084764575
84 rdf:type schema:PropertyValue
85 N1686b449ce29480eaff25b86b6c16b51 schema:name doi
86 schema:value 10.1007/978-3-319-56620-7_10
87 rdf:type schema:PropertyValue
88 N29ade95eb57a4a499c45007e82eb3157 rdf:first N0b4fc14db8c04ac7962a7a2bb8af7f9a
89 rdf:rest Nfa171ead87754ec59bc7ec4a7313003a
90 N36c7193d96f541c5b754977c4858d189 rdf:first sg:person.011125325553.13
91 rdf:rest rdf:nil
92 N5450e4b7adf646cf9923148acafe2bb3 schema:familyName Nielsen
93 schema:givenName Jesper Buus
94 rdf:type schema:Person
95 N69efcb77bfe44ed8b61d4b0a1c3b854f rdf:first sg:person.014706274717.52
96 rdf:rest N36c7193d96f541c5b754977c4858d189
97 N7c3aca18725c4c6eb4d4e9174beb751b schema:name Springer Nature - SN SciGraph project
98 rdf:type schema:Organization
99 Na4980078f34349af81dec20f6a1726da schema:name Springer Nature
100 rdf:type schema:Organisation
101 Na7788668b0cf4083be69bcc473152cac schema:isbn 978-3-319-56619-1
102 978-3-319-56620-7
103 schema:name Advances in Cryptology – EUROCRYPT 2017
104 rdf:type schema:Book
105 Nf93df94cf2d24be486b182c39184926b rdf:first sg:person.011042626001.74
106 rdf:rest N69efcb77bfe44ed8b61d4b0a1c3b854f
107 Nfa171ead87754ec59bc7ec4a7313003a rdf:first N5450e4b7adf646cf9923148acafe2bb3
108 rdf:rest rdf:nil
109 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
110 schema:name Information and Computing Sciences
111 rdf:type schema:DefinedTerm
112 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
113 schema:name Computer Software
114 rdf:type schema:DefinedTerm
115 sg:person.011042626001.74 schema:affiliation grid-institutes:None
116 schema:familyName Pass
117 schema:givenName Rafael
118 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011042626001.74
119 rdf:type schema:Person
120 sg:person.011125325553.13 schema:affiliation grid-institutes:grid.168010.e
121 schema:familyName Tramèr
122 schema:givenName Florian
123 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.011125325553.13
124 rdf:type schema:Person
125 sg:person.014706274717.52 schema:affiliation grid-institutes:grid.5386.8
126 schema:familyName Shi
127 schema:givenName Elaine
128 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.014706274717.52
129 rdf:type schema:Person
130 grid-institutes:None schema:alternateName Cornell Tech, New York, USA
131 schema:name Cornell Tech, New York, USA
132 rdf:type schema:Organization
133 grid-institutes:grid.168010.e schema:alternateName Stanford University, Stanford, USA
134 schema:name Stanford University, Stanford, USA
135 rdf:type schema:Organization
136 grid-institutes:grid.5386.8 schema:alternateName Cornell University, Ithaca, USA
137 schema:name Cornell University, Ithaca, USA
138 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...