English

RA-WEBs: Remote Attestation for WEB services

Cryptography and Security 2024-11-05 v1

Abstract

Data theft and leakage, caused by external adversaries and insiders, demonstrate the need for protecting user data. Trusted Execution Environments (TEEs) offer a promising solution by creating secure environments that protect data and code from such threats. The rise of confidential computing on cloud platforms facilitates the deployment of TEE-enabled server applications, which are expected to be widely adopted in web services such as privacy-preserving LLM inference and secure data logging. One key feature is Remote Attestation (RA), which enables integrity verification of a TEE. However, compatibility\textit{compatibility} issues with RA verification arise as no browsers natively support this feature, making prior solutions cumbersome and risky. To address these challenges, we propose RA-WEBs\texttt{RA-WEBs} (R\textbf{R}emote A\textbf{A}ttestation for Web\textbf{Web} s\textbf{s}ervices), a novel RA protocol designed for high compatibility with the current web ecosystem. RA-WEBs\texttt{RA-WEBs} leverages established web mechanisms for immediate deployability, enabling RA verification on existing browsers. We conduct a comprehensive security analysis, demonstrating RA-WEBs\texttt{RA-WEBs}'s resilience against various threats. Our contributions include the RA-WEBs\texttt{RA-WEBs} proposal, a proof-of-concept implementation, an in-depth security analysis, and publicly available code for reproducible research.

Keywords

Cite

@article{arxiv.2411.01340,
  title  = {RA-WEBs: Remote Attestation for WEB services},
  author = {Kosei Akama and Yoshimichi Nakatsuka and Korry Luke and Masaaki Sato and Keisuke Uehara},
  journal= {arXiv preprint arXiv:2411.01340},
  year   = {2024}
}
R2 v1 2026-06-28T19:45:40.895Z