Decent: a framework for building secure distributed applications with enclaves.

Software

The Decent Application Framework and related tools and libraries are available on Github.

Research

1. Decentagram: Highly-Available Decentralized Publish/Subscribe Systems

   A secure, decentralized pub/sub system for on-chain and off-chain subscribers using smart contracts and trusted execution environments.

   DSN’24   Distinguished artifact award

   Zheng, Haofan and Tran, Tuan and Shadmon, Roy and Arden, Owen
   PDF BIB ABSTRACT

   @inproceedings{decentagram,
     author = {Zheng, Haofan and Tran, Tuan and Shadmon, Roy and Arden, Owen},
     title = {Decentagram: Highly-Available Decentralized Publish/Subscribe Systems},
     booktitle = {2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)},
     series = {DSN'24},
     year = {2024},
     month = {}
   }
   

   This paper presents Decentagram, a decentralized framework for data dissemination using the publish/subscribe messaging model. Decentagram uses blockchain smart contracts to authenticate events that will be published using digital signatures or self-attestation certificates from code running in trusted execution environments (TEEs), both of which are verified onchain. This approach permits any host with valid credentials to publish verified updates, increasing decentralization and availability of the system as a whole by simplifying compensation and incentivization, even for untrusted hosts running TEEs. Decentagram also supports on-chain subscribers where thirdparty contracts receive events immediately: within the same transaction as the published event. The same event will also be delivered to off-chain subscribing applications through an offchain event broker. We provide an open-source implementation of Decentagram, and evaluate the gas cost of its on-chain components and the end-to-end latency of its off-chain component.

   VIDEO

2. Total Eclipse of the Enclave: Detecting Eclipse Attacks From Inside TEEs

   Using difficulty monitoring to reliably detect extended eclipse attacks, even when the adversary controls all network connectivity.

   ICBC’21 (short paper)

   Zheng, Haofan and Tran, Tuan and Arden, Owen
   PDF DOI BIB ABSTRACT

   @inproceedings{haofan2021eclipse,
     author = {Zheng, Haofan and Tran, Tuan and Arden, Owen},
     title = {Total Eclipse of the Enclave: Detecting Eclipse Attacks From Inside TEEs},
     booktitle = {2021 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)},
     year = {2021},
     month = may,
     doi = {10.1109/ICBC51069.2021.9461081},
     series = {ICBC'21 (short paper)},
     month_numeric = {5}
   }
   

   Enclave applications that rely on blockchains for integrity and availability are vulnerable to eclipse attacks. In this paper, we present an approach for reliably detecting extended eclipse attacks, even when the adversary controls all network connectivity. By monitoring changes to the difficulty parameter in Proof-of-Work (PoW) protocols, our algorithm detects suppression of new blocks, as well as difficulty-lowering attacks that attempt to force an enclave client onto a malicious fork mined solely by an attacker. We present analysis that attackers have negligible probability of evading our block monitoring algorithm, and demonstrate its robustness to most historical fluctuations in difficulty on the Ethereum blockchain, resulting in a very low false-positive rate.

   VIDEO

3. Secure Distributed Applications the Decent Way

   A framework for building secure decentralized applications with trusted execution environments and remote attestation.

   ASSS’21

   Zheng, Haofan and Arden, Owen
   PDF DOI BIB ABSTRACT

   @inproceedings{decent,
     author = {Zheng, Haofan and Arden, Owen},
     title = {Secure Distributed Applications the Decent Way},
     year = {2021},
     doi = {10.1145/3457340.3458304},
     booktitle = {Proceedings of the 2021 International Symposium on Advanced Security on Software and Systems},
     pages = {29-42},
     month = jan,
     numpages = {14},
     series = {ASSS'21},
     month_numeric = {1}
   }
   

   Remote attestation (RA) authenticates code running in trusted execution environments (TEEs), allowing trusted code to be deployed even on untrusted hosts. However, trust relationships established by one component in a distributed application may impact the security of other components, making it difficult to reason about the security of the application as a whole. Furthermore, traditional RA approaches interact badly with modern web service design, which tends to employ small interacting microservices, short session lifetimes, and little or no state. This paper presents the Decent Application Platform, a framework for building secure decentralized applications. Decent applications authenticate and authorize distributed enclave components using a protocol based on self-attestation certificates, a reusable credential based on RA and verifiable by a third party. Components mutually authenticate each other not only based on their code, but also based on the other components they trust, ensuring that no transitively-connected components receive unauthorized information. While some other TEE frameworks support mutual authentication in some form, Decent is the only system that supports mutual authentication without requiring an additional trusted third party besides the trusted hardware’s manufacturer. We have verified the secrecy and authenticity of Decent application data in ProVerif, and implemented two applications to evaluate Decent’s expressiveness and performance: DecentRide, a ride-sharing service, and DecentHT, a distributed hash table. On the YCSB benchmark, we show that DecentHT achieves 7.5x higher throughput and 3.67x lower latency compared to a non-Decent implementation.

   VIDEO