Inside Trusted Execution Environments: How Secure Are Your Crypto Transactions?

Table of Links

Abstract and I. Motivation

II. Local Currencies

III. Unique Pop Ceremonies

IV. Monetary Policy

V. Purchasing-Power Adjusted Transaction Fees

VI. Architecture

VII. Trusted Execution Environment Security

VIII. Encointer Association

IX. Known Limitations

X. Conclusion and References

VII. TRUSTED EXECUTION ENVIRONMENT SECURITY

TEEs aim to provide the necessary guarantees for secure remote computation. They should provide integrity and confidentiality guarantees when executing software on a computer maintained by an untrusted party. The most recent TEEs rely on software attestation, a process that guarantees the user that she’s communicating with a known piece of code running inside a secure container on a genuine trusted hardware by means of a manufacturer signature.

\ As criticized in [14], manufacturers seem to follow a security by obscurity principle not disclosing design internals necessary for a proper security review. Their in dubio contra reum analysis of Intel SGX shows vulnerabilities to cache timing and sidechannel attacks. Foreshadow [15] falsified confidentiality as well as integrity claims for SGX but the attack is mitigated for now. ARM TrustZone on the other hand is only an IP core and design details are left to the manufacturer, equally reluctant to disclose details.

\ Since at least the post-Snowden era, one also has to be concerned about manufacturers being forced by their state to introduce deliberate backdoors. Even if open-source TEEs like Keystone [22] might soon deliver devices, one would still have to trust the manufacturer not to tamper with the design.

\ While all this is disturbing, it should be put in perspective. Information security is a never-ending race. All blockchain solutions are software running by large part on Intel CPUs. While hardware wallets may give us some comfort concerning our funds private keys, there’s no guarantee on confidentiality when considering sidechannel attacks.

\ The Encointer association will follow developments closely and maintain an up to date list of accepted TEE manufacturers’ attestation keys.

\

VIII. Encointer ASSOCIATION

The Encointer association is a not-for-profit association under Swiss law. Its purpose is to govern the Encointer ecosystem during its initial phase. It fulfills the following tasks

\ • community bootstrapping

\ • protocol updates

\ • maintain list of accepted TEE attestation service keys

\ All changes are subject to a referendum by the community.

\

IX. KNOWN LIMITATIONS

A. Scalability

\ The proposed Encointer protocol assumes that the entire state for a local community can fit into secure memory within a TEE. This limits the number of accounts that can be registered per community.

\

X. CONCLUSION

A novel cryptocurrency system has been introduced in conceptual detail. Main contributions are

\ • A novel approach to monetary policy supporting equal opportunity globally with a universal basic income (UBI) in local community currencies.

\ • A novel protocol for trustless pseudonym key signing parties for proof-of-personhood (PoP)

\ • Private transactions with purchasing-power adjusted fees.

REFERENCES

[1] Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system, http://bitcoin.org/bitcoin.pdf, 2008

\ [2] Richard Cantiollon. Essai sur la Nature du Commerce en Gen´ eral, 1755 ´

\ [3] Thomas Piketty. Capital in the Twenty-First Century, 2013

\ [4] Bryan Ford. Pseudonym Parties: An Offline Foundation for Online Accountability, 2008

\ [5] Maria Borge et al. Proof-of-Personhood: Redemocratizing Permissionless Cryptocurrencies

\ [6] Silvio Gesell, The Natural Economic Order, 1958

\ [7] Bernard Lietaer at al., People Money: The Promise of Regional Currencies, 2012

\ [8] Sunny King, Scott Nadal. PPCoin: Peer-to-Peer Crypto-Currency with Proof-of-Stake, 2012

\ [9] Gavin Wood, Polkadot: Vision for a Heterogeneous Multi-Chain Framework

\ [10] Fergal Reid. An Analysis of Anonymity in the Bitcoin System, Security and Privacy in Social Networks, 2012

\ [11] Nicolas van Saberhagen, CryptoNote v 2.0, https://cryptonote.org/whitepaper.pdf, 2014

\ [12] Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza, Zerocash: Decentralized Anonymous Payments from Bitcoin, proceedings of the IEEE Symposium on Security & Privacy (Oakland) 2014, 459-474, IEEE, 2014

\ [13] Hyperledger Sawtooth Private Data Objects. https://github.com/hyperledger-labs/private-data-objects

\ [14] V. Costan S. Devadas. Intel SGX Explained. Tech. rep., Cryptology ePrint Archive, 2016.

\ [15] Jo Van Bulck et.al. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution, 2018

\ [16] Introducing ARM TrustZone. https://developer.arm.com/technologies/trustzone

\ [17] www.substratee.com Historical Economics in Honour of Joseph Schumpeter, Princeton University Press, 1972

\ [18] Poon, Joseph. The Bitcoin Lightning Network: Scalable Off-Chain Instant Payments, 2015

\ [19] J. Lind, I. Eyal, P. Pietzuch, E. Gun Sirer. Teechan: Payment Channels ¨ Using Trusted Execution Environments

\ [20] Serguey Popov. The Tangle, http://iotatoken.com/IOTA Whitepaper.pdf, 2016

\ [21] Colin LeMahieu. Nano: A Feeless Distributed Cryptocurrency Network, 2016

\ [22] Keystone Project, https://keystone-enclave.github.io/

\ [23] https://en.wikipedia.org/wiki/List of cities by population density, sampled Nov. 2018

\ [24] Stodder, J., Complementary Credit Networks and Macro-Economic Stability: Switzerland’s Wirtschaftsring, Journal of Economic Behavior and Organization, 2009

\ [25] Gelleri, Chiemgauer Regiomoney: Theory and Proctise of Regional Currencies, 2009

\ [26] Freicoin: https://freico.in

\

:::info Author:

(1) Alain Brenzikofer (alain@encointer.org).

:::

:::info This paper is available on arxiv under CC BY-NC-SA 4.0 DEED license.

:::

\