Paper 2024/1369

AGATE: Augmented Global Attested Trusted Execution in the Universal Composability framework

Lorenzo Martinico, University of Edinburgh, Input Output
Markulf Kohlweiss, University of Edinburgh, Input Output
Abstract

A Trusted Execution Environment (TEE) is a security technology, implemented by CPU manufacturers, which guarantees integrity and confidentiality on a restricted execution environment to any remote verifier through attestation. TEEs are deployed on various consumer and commercial hardware platforms, and have been widely adopted as a component in the design of cryptographic protocols both theoretical and practical. Within the provable security community, the use of TEEs as a setup assumption has converged to a standard ideal definition in the Universal Composability setting ($G_{\mathsf{att}}$, defined by Pass et al., Eurocrypt '17). However, it is unclear whether any real TEE design can actually realise such a level of security, or whether the diverse capabilities of today's TEE implementations will in fact converge to a single standard. Therefore, it is necessary for cryptographers and protocol designers to specify what assumptions are necessary for the TEE they are using to support the correctness and security of their protocol. To this end, this paper provides a more careful treatment of trusted execution than the existing literature, focusing on the capabilities of enclaves and adversaries. Our goal is to provide meaningful patterns for comparing different classes of TEEs, particularly how a weaker TEE functionality can implement a stronger one given an appropriate mechanism to bridge the two. We introduce a new, "modular" definition of TEEs that captures a broad range of pre-existing functionalities defined in the literature while maintaining their high level of abstraction. While our goal is not directly to model implementations of specific commercial TEE providers, our modular definition provides a way to capture more meaningful and realistic hardware capabilities. 
We propose to characterise TEE capabilities along the following terms:
- the set of trusted features available to the enclave;
- the set of possible attacks on an enclave;
- the content of attestation signatures.
We then define various possible ideal modular $G_{\mathsf{att}}$ functionality instantiations that capture existing variants in the literature. Finally, we conclude the paper by constructing a protocol template to realise stronger $G_{\mathsf{att}}$ setups from weaker ones, and provide an example of removing an attack.

Note: Replaces the theorem template and rollback example in the main body with a simplified version for improved readability, and moves the full versions to the Appendix.

Metadata
Available format(s)
PDF
Category
Foundations
Publication info
Preprint.
Keywords
Trusted Execution Environments (TEEs), Universal Composability, Remote Attestation, Setup Assumptions, Definitions
Contact author(s)
lorenzo martinico @ ed ac uk
markulf kohlweiss @ ed ac uk
History
2025-01-13: revised
2024-08-30: received
Short URL
https://ia.cr/2024/1369
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2024/1369,
      author = {Lorenzo Martinico and Markulf Kohlweiss},
      title = {{AGATE}: Augmented Global Attested Trusted Execution in the Universal Composability framework},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1369},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1369}
}