A blockchain-based platform for decentralized trusted computing
Tóm tắt
Security and availability are crucial for users who outsource computational tasks to remote servers. However, computation services provided by cloud platforms suffer outage risks, potential enforced censorship, and network latency problems due to the centralized architecture, also having monopolistic service prices.We proposed a decentralized platform for outsourced trusted computing. Compared with prior works, our platform works autonomously based on a public blockchain without reliance on a trusted third party. The platform is open and public for computation nodes of Trusted Execution Environments (TEE) to join and provide trusted computing services out of financial incentives. Moreover, we designed a novel protocol, named b-DTC. First, it prevents free-riding behaviors against users and prevents false reporting against computing nodes. Second, it supports real-time multi-round off-chain trusted computing in a pay-as-you-go manner, such that the performance of outsourced computing is not limited by the underlying blockchain. Third, for an incentive of high reliability and availability, it trustworthily measures the liveness, workload, and performance of the nodes and uses the measurement information to calculate the nodes’ reputation. We analyzed and proved the security of our protocol. Extensive experiments are conducted based on two real-world scenarios: a clinical self-diagnosis system and an outsourced genetic testing application. Experimental results show that our system is feasible and the cost of introducing blockchain and TEE into our system is acceptable: Only takes about 20 seconds more than that of a cloud to finish a task that provides trusted service for 1000 users; The off-chain computing cost in our system is only about 20% more than that of the cloud.
Từ khóa
Tài liệu tham khảo
Shi W, Cao J, Zhang Q, Li Y, Xu L (2016) Edge computing: vision and challenges. IEEE Internet Things J 3(5):637–646
Maller M, Bowe S, Kohlweiss M, Meiklejohn S (2019) Sonic: zero-knowledge SNARKs from linear-size universal and updatable structured reference strings. In: Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, pp 2111–2128
Zhao C, Zhao S, Zhao M, Chen Z, Gao CZ, Li H, Tan YA (2019) Secure multi-party computation: theory, practice and applications. Inf Sci 476:357–372
Acar A, Aksu H, Uluagac AS, Conti M (2018) A survey on homomorphic encryption schemes: theory and implementation. ACM Comput Surv (Csur) 51(4):1–35
Canetti R, Riva B, Rothblum GN (2011) Practical delegation of computation using multiple servers. In: Proceedings of the 18th ACM conference on computer and communications security, pp 445–454
Sabt M, Achemlal M, Bouabdallah A (2015) Trusted execution environment: what it is, and what it is not. In 2015 IEEE Trustcom/BigDataSE/ISPA, vol 1, pp 57–64. IEEE
Al-Bassam M, Sonnino A, Król, M, Psaras I (2018) Airtnt: fair exchange payment for outsourced secure enclave computations. In: Proceedings of ACM conference (Conference’17). ACM, New York, USA, pp 12
Dang H, Tien DL, Chang EC (2019) Towards a marketplace for secure outsourced computations. European symposium on research in computer security. Springer, Cham, pp 790–808
Gupta BB, Li KC, Leung VC, Psannis KE, Yamaguchi S (2021) Blockchain-assisted secure fine-grained searchable encryption for a cloud-based healthcare cyber-physical system. IEEE/CAA J Autom Sin 8(12):1877–1890
Lu J, Shen J, Vijayakumar P, Gupta BB (2021) Blockchain-based secure data storage protocol for sensors in the industrial Internet of Things. IEEE Trans Ind Inform 18(8):5422–5431
Zhou Z, Wang M, Ni Z, Xia Z, Gupta BB (2021) Reliable and sustainable product evaluation management system based on blockchain. In: IEEE Transactions on engineering management, pp 1–13. https://doi.org/10.1109/TEM.2021.3131583
Esposito C, Ficco M, Gupta BB (2021) Blockchain-based authentication and authorization for smart city applications. Inf Process Manage 58(2):102468
Intel and NeuLion Bring Secure, 4K UHD Sports Streaming to Computers, Intel Newsroom (2024) [Online]. available: https://newsroom.intel.com/news/intel-neulion-bring-secure-4k-uhd-sports-streaming-computers
Russinovich M, Ashton E, Avanessians C, Castro M, Chamayou A, Clebsch S, Costa M, Fournet C, Kerner M, Krishna S, Maffre J (2019) CCF: a framework for building confidential verifiable replicated services. Technical report, Microsoft Research and Microsoft Azure
Dinh Ngoc T, Bui B, Bitchebe S, Tchana A, Schiavoni V, Felber P, Hagimont D (2019) Everything you should know about Intel SGX performance on virtualized systems. Proc ACM on Measure Anal Comput Syst 3(1):1–21
Schuster F, Costa M, Fournet C, Gkantsidis C, Peinado M, Mainar-Ruiz G, Russinovich M (2015) Vc3: trustworthy data analytics in the cloud using SGX. In: 2015 IEEE Symposium on security and privacy. SAN JOSE: ieeexplore.ieee.org, pp 38-54
Cheng R, Zhang F, Kos J, He W, Hynes N, Johnson N, Juels A, Miller A, Song D (2019) Ekiden: a platform for confidentiality-preserving, trustworthy, and performant smart contracts. In: 2019 IEEE European symposium on security and privacy (EuroS &P), pp 185–200. IEEE
Das P, Eckey L, Frassetto T, Gens D, Hostáková K, Jauernig P, Faust S, Sadeghi AR (2019) FastKitten: practical smart contracts on bitcoin. In: 28th USENIX security symposium (USENIX security 19), pp 801–818
Lind J, Naor O, Eyal I, Kelbert F, Sirer EG, Pietzuch P (2019) Teechain: a secure payment network with asynchronous blockchain access. In: Proceedings of the 27th ACM symposium on operating systems principles, pp 63–79
Costan V, Devadas S (2016) Intel SGX Explained. IACR Cryptology ePrint Archive 2016(086):1–118
Data-in-Use Protection on IBM Cloud Kubernetes Service Using Intel SGX (2024) [Online]. available: https://www.ibm.com/cloud/blog/data-in-use-protection-on-ibm-cloud-kubernetes-service-using-intel-sgx
Azure confidential computing (2024) [Online]. available: https://azure.microsoft.com/en-us/blog/azure-confidential-computing
Porter N, Garms J, Simakov S (2018) Introducing Asylo: an open-source framework for confidential computing. [Online]. available: https://asylo.dev
Dang H, Dinh TTA, Loghin D, Chang EC, Lin Q, Ooi BC (2019) Towards scaling blockchain systems via sharding. In: Proceedings of the 2019 international conference on management of data, pp 123–140
Szabo N (1997) Formalizing and Securing Relationships on Public Networks, First Monday, 2(9).https://doi.org/10.5210/fm.v2i9.548
Xu C, Zhang C, Xu J, Pei J (2021) SlimChain: scaling blockchain transactions through off-chain storage and parallel processing. Proc VLDB Endowment 14(11):2314–2326
Trusted platform module (tpm) specifications (2024) [Online]. available: https://trustedcomputinggroup.org/resource/tpm-library-specification
Brickell E, Camenisch J, Chen L (2004) Direct anonymous attestation. In: Proceedings of the 11th ACM conference on computer and communications security, pp 132–145
Zhang F, Eyal I, Escriva R, Juels A, Van Renesse R (2017) REM: Resource-efficient mining for blockchains. In: 26th USENIX security symposium (USENIX Security 17) pp 1427–1444
Dziembowski S, Eckey L, Faust S, Malinowski D (2019) Perun: virtual payment hubs over cryptocurrencies. In 2019 IEEE symposium on security and privacy (SP), pp 106–123. IEEE
Dziembowski S, Eckey L, Faust S (2018) Fairswap: how to fairly exchange digital goods. In: Proceedings of the 2018 ACM SIGSAC conference on computer and communications security, pp 967–984
Baumann A, Peinado M, Hunt G (2015) Shielding applications from an untrusted cloud with haven. ACM Trans Comput Syst (TOCS) 33(3):1–26
Chen F, Wang C, Dai W, Jiang X, Mohammed N, Al Aziz MM, Sadat MN, Sahinalp C, Lauter K, Wang S (2017) Presage: privacy-preserving genetic testing via software guard extension. BMC Med Genet 10(2):77–85
Liu X, Lu R, Ma J, Chen L, Qin B (2015) Privacy-preserving patient-centric clinical decision support system on naive Bayesian classification. IEEE J Biomed Health Inform 20(2):655–68
Jiang Y, Hamer J, Wang C, Jiang X, Kim M, Song Y, Wang S (2018) SecureLR: secure logistic regression model via a hybrid cryptographic protocol. IEEE/ACM Trans Comput Biol Bioinforma 16(1):113–123
Sadat MN, Al Aziz MM, Mohammed N, Chen F, Jiang X, Wang S (2018) Safety: secure gwas in federated environment through a hybrid solution. IEEE/ACM Trans Comput Biol Bioinforma 16(1):93–102
Ohrimenko O, Schuster F, Fournet C, Mehta A, Nowozin S, Vaswani K, Costa M (2016) Oblivious multi-party machine learning on trusted processors. In: 25th USENIX security symposium (USENIX security 16), pp 619–636
Müller C, Brandenburger M, Cachin C, Felber P, Göttel C, Schiavoni V (2020) TZ4Fabric: executing Smart Contracts with ARM TrustZone:(Practical Experience Report). In 2020 International symposium on reliable distributed systems (SRDS), pp 31–40. IEEE
Costan V, Lebedev I, Devadas S (2016) Sanctum: minimal hardware extensions for strong software isolation. In: 25th USENIX security symposium (USENIX security 16), pp 857–874
Breast Cancer Wisconsin (Original) Data Set (2024) [Online]. available: https://archive.ics.uci.edu/ml/datasets/Breast+Cancer+Wisconsin+%28Original%29
Gilad Y, Hemo R, Micali S, Vlachos G, Zeldovich N (2017) Algorand: scaling byzantine agreements for cryptocurrencies. In: Proceedings of the 26th symposium on operating systems principles, pp 51–68
Bagaria V, Kannan S, Tse D, Fanti G, Viswanath P (2019) Prism: deconstructing the blockchain to approach physical limits. In: Proceedings of the 2019 ACM SIGSAC conference on computer and communications security, pp 585–602
Dang H, Dinh TTA, Loghin D, Chang E-C, Lin Q, Ooi BC (2019) Towards scaling blockchain systems via sharding. In: Proceedings of the 2019 international conference on management of data, pp 123–140
Kiayias A, Russell A, David B, Oliynykov R (2017) Ouroboros: a provably secure proof-of-stake blockchain protocol. In: Annual international cryptology conference, pp 357–388. Springer
Golem white paper (2024) [Online]. available: https://whitepaper.io/document/21/golem-whitepaper
FileCoin: a decentralized storage network (2024) [Online]. available: https://filecoin.io/filecoin.pdf