DOI: 10.1145/3563766.3564089
Research article (open access)

Reflections on trusting distributed trust

Published: 14 November 2022

Abstract

Many systems today distribute trust across multiple parties such that the system provides certain security properties if a subset of the parties are honest. In the past few years, we have seen an explosion of academic and industrial cryptographic systems built on distributed trust, including secure multi-party computation applications (e.g., private analytics, secure learning, and private key recovery) and blockchains. These systems have great potential for improving security and privacy, but face a significant hurdle on the path to deployment. We initiate study of the following problem: a single organization is, by definition, a single party, and so how can a single organization build a distributed-trust system where corruptions are independent? We instead consider an alternative formulation of the problem: rather than ensuring that a distributed-trust system is set up correctly by design, what if instead, users can audit a distributed-trust deployment? We propose a framework that enables a developer to efficiently and cheaply set up any distributed-trust system in a publicly auditable way. To do this, we identify two application-independent building blocks that we can use to bootstrap arbitrary distributed-trust applications: secure hardware and an append-only log. We show how to leverage existing implementations of these building blocks to deploy distributed-trust systems, and we give recommendations for infrastructure changes that would make it easier to deploy distributed-trust systems in the future.
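The abstract names two application-independent building blocks, secure hardware and an append-only log. The following Python is an added example, not code from the paper or its authors, of how an auditor can use the log half: each party of a deployment publishes an attestation record, and the auditor checks, from a log head and server-supplied proofs, that every party's record is present with the expected code measurement and that the head it sees now extends the head it recorded on an earlier visit, so the operator cannot rewrite history after the fact. The Merkle hashing and proof shapes follow RFC 6962; the record format, the `measurement` field standing in for a hardware-signed quote, the `audit_deployment` policy and the constructed scenario in `run_scenario` are assumptions made for this illustration.

```python
"""Append-only log with RFC 6962-style inclusion and consistency proofs. Added
example, not code from the paper: each entry is a constructed "attestation record"
naming one party and the measurement of the code it claims to run (verifying a real
hardware-signed quote is out of scope; the plain field is an assumption)."""
import hashlib
import json

def _h(tag, *parts):  # domain-separated SHA-256: 0x00 for leaves, 0x01 for inner nodes
    return hashlib.sha256(tag + b"".join(parts)).digest()

def _split(n):  # largest power of two strictly below n, for n >= 2
    return 1 << ((n - 1).bit_length() - 1)

def root_hash(leaves):
    """Merkle tree hash MTH(D[n]) of a list of leaf byte strings."""
    n = len(leaves)
    if n <= 1:
        return _h(b"\x00", leaves[0]) if n else hashlib.sha256(b"").digest()
    k = _split(n)
    return _h(b"\x01", root_hash(leaves[:k]), root_hash(leaves[k:]))

def inclusion_proof(leaves, m):
    """Sibling hashes from leaf m up to the root (RFC 6962 PATH), bottom-up."""
    n = len(leaves)
    if n <= 1:
        return []
    k = _split(n)
    if m < k:
        return inclusion_proof(leaves[:k], m) + [root_hash(leaves[k:])]
    return inclusion_proof(leaves[k:], m - k) + [root_hash(leaves[:k])]

def verify_inclusion(leaf, m, n, proof, root):
    """Rebuild the root from leaf m and its proof; True iff it equals root."""
    stack = list(proof)  # consumed from the end, i.e. top-level sibling first
    def rebuild(m, n):
        if n == 1:
            return _h(b"\x00", leaf)
        sibling, k = stack.pop(), _split(n)
        if m < k:
            return _h(b"\x01", rebuild(m, k), sibling)
        return _h(b"\x01", sibling, rebuild(m - k, n - k))
    try:
        return 0 <= m < n and rebuild(m, n) == root and not stack
    except IndexError:  # proof too short
        return False

def consistency_proof(leaves, m):
    """Hashes proving MTH(D[0:m]) is a prefix of MTH(D[n]) (RFC 6962 PROOF)."""
    n = len(leaves)
    if not 0 < m <= n:
        raise ValueError("need 0 < m <= n")
    def subproof(lo, hi, m, b):  # D[lo:hi], first m leaves old; b: old tree is this whole subtree
        if m == hi - lo:
            return [] if b else [root_hash(leaves[lo:hi])]
        k = _split(hi - lo)
        if m <= k:
            return subproof(lo, lo + k, m, b) + [root_hash(leaves[lo + k:hi])]
        return subproof(lo + k, hi, m - k, False) + [root_hash(leaves[lo:lo + k])]
    return subproof(0, n, m, True)

def verify_consistency(m, n, old_root, new_root, proof):
    """True iff the size-n tree with root new_root extends the size-m tree with root old_root."""
    stack = list(proof)
    def rebuild(m, n, b):  # -> (hash of the old part of this subtree, hash of the whole subtree)
        if m == n:
            return (old_root, old_root) if b else (stack.pop(),) * 2
        sibling, k = stack.pop(), _split(n)
        if m <= k:
            old, new = rebuild(m, k, b)
            return old, _h(b"\x01", new, sibling)
        old, new = rebuild(m - k, n - k, False)
        return _h(b"\x01", sibling, old), _h(b"\x01", sibling, new)
    try:
        return 0 < m <= n and rebuild(m, n, True) == (old_root, new_root) and not stack
    except IndexError:  # proof too short
        return False

def append_record(leaves, record):
    """Log server side: store a record as canonical JSON and return its index."""
    leaves.append(json.dumps(record, sort_keys=True).encode())
    return len(leaves) - 1

def audit_deployment(leaves, parties, measurement, index_of, old_head=None):
    """Assumed auditor policy: every party has a logged record with the expected measurement,
    proven included under the current head, and that head extends old_head = (size, root)."""
    n, root = len(leaves), root_hash(leaves)
    for party in parties:
        i = index_of.get(party)
        if i is None or not 0 <= i < n:
            return False
        rec = json.loads(leaves[i])
        if (rec.get("party"), rec.get("measurement")) != (party, measurement):
            return False
        if not verify_inclusion(leaves[i], i, n, inclusion_proof(leaves, i), root):
            return False
    m, old_root = old_head or (n, root)  # no earlier head: trivially consistent with itself
    return verify_consistency(m, n, old_root, root, consistency_proof(leaves, m))

def run_scenario():
    """Constructed scenario: three parties register, the auditor records the head,
    two more records arrive, then the operator forks the log by rewriting entry 0."""
    meas = "sha256:" + "ab" * 32  # constructed measurement of the approved binary
    log, parties = [], ["A", "B", "C"]
    idx = {p: append_record(log, {"party": p, "measurement": meas, "epoch": 1}) for p in parties}
    seen = (len(log), root_hash(log))  # the head the auditor remembers
    append_record(log, {"party": "B", "measurement": meas, "epoch": 2})
    append_record(log, {"party": "D", "measurement": meas, "epoch": 2})
    honest = audit_deployment(log, parties, meas, idx, seen)
    forked = list(log)  # same size, but entry 0 silently rewritten
    forked[0] = json.dumps({"party": "A", "measurement": meas, "epoch": 0}).encode()
    return honest, audit_deployment(forked, parties, meas, idx, seen)
```

Calling `run_scenario()` returns `(True, False)`. The forked log is internally consistent: its rewritten first entry still names party A with the approved measurement and still has a valid inclusion proof under the forked head, so the per-party checks pass. Only the consistency check against the head the auditor recorded earlier catches the rewrite, which is why an auditor must keep its own copy of past heads (or gossip them with other auditors) rather than re-fetch them from the operator.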


Cited By

  • TrustOps: Continuously Building Trustworthy Software. In Enterprise Design, Operations, and Computing: EDOC 2024 Workshops, pp. 53-67, 2025. DOI 10.1007/978-3-031-79059-1_4
  • Secret key recovery in a global-scale end-to-end encryption system. In Proceedings of the 18th USENIX Conference on Operating Systems Design and Implementation, pp. 703-719, 2024. DOI 10.5555/3691938.3691976
  • Introduction. In Decentralized Privacy Preservation in Smart Cities, pp. 1-14, 2024. DOI 10.1007/978-3-031-54075-2_1
  • Why Should I Trust Your Code? Communications of the ACM 67(1):68-76, 2023. DOI 10.1145/3624578
  • Efficient Data Sharing across Trust Domains. ACM SIGMOD Record 52(2):36-37, 2023. DOI 10.1145/3615952.3615962
  • RoFL: Robustness of Secure Federated Learning. In 2023 IEEE Symposium on Security and Privacy (SP), pp. 453-476, 2023. DOI 10.1109/SP46215.2023.10179400


    Published In

    HotNets '22: Proceedings of the 21st ACM Workshop on Hot Topics in Networks
    November 2022, 252 pages
    ISBN: 9781450398992
    DOI: 10.1145/3563766
    This work is licensed under a Creative Commons Attribution 4.0 International License.

    Publisher

    Association for Computing Machinery, New York, NY, United States


    Author Tags

    • distributed trust
    • multi-party computation


    Funding Sources

    • NSF CAREER
    • NSF CISE Expeditions

    Conference

    HotNets '22
    Overall acceptance rate: 110 of 460 submissions (24%)

