English
Related papers

Related papers: Building secure distributed applications the DECEN…

200 papers

Confidential services running in hardware-protected Trusted Execution Environments (TEEs) can provide higher security assurance, but this requires custom clients and protocols to distribute, update, and verify their attestation evidence.…

Cryptography and Security · Computer Science 2025-03-20 Antoine Delignat-Lavaud , Cédric Fournet , Kapil Vaswani , Manuel Costa , Sylvan Clebsch , Christoph M. Wintersteiger

The sharing of public key information is central to the digital credential security model, but the existing Web PKI with its opaque Certification Authorities and synthetic attestations serves a very different purpose. We propose a new…

Cryptography and Security · Computer Science 2024-01-08 Tim Hobson , Lydia France , Sam Greenbury , Luke Hare , Pamela Wochner

Collective remote attestation (CRA) is a security service that aims to efficiently identify compromised (often low-powered) devices in a (heterogeneous) network. The last few years have seen an extensive growth in CRA protocol proposals,…

Cryptography and Security · Computer Science 2024-07-15 Sharar Ahmadi , Jay Le-Papin , Liqun Chen , Brijesh Dongol , Sasa Radomirovic , Helen Treharne

Digital services have been offered through remote systems for decades. The questions of how these systems can be built in a trustworthy manner and how their security properties can be understood are given fresh impetus by recent hardware…

Cryptography and Security · Computer Science 2023-04-18 Kubilay Ahmet Küçük , Andrew Martin

We present Airtnt, a novel scheme that enables users with CPUs that support Trusted Execution Environments (TEEs) and remote attestation to rent out computing time on secure enclaves to untrusted users. Airtnt makes use of the attestation…

Cryptography and Security · Computer Science 2018-05-17 Mustafa Al-Bassam , Alberto Sonnino , Michał Król , Ioannis Psaras

Widespread adoption and growing popularity of embedded/IoT/CPS devices make them attractive attack targets. On low-to-mid-range devices, security features are typically few or none due to various constraints. Such devices are thus subject…

Cryptography and Security · Computer Science 2023-08-24 Ivan De Oliveira Nunes , Seoyeon Hwang , Sashidhar Jakkamsetti , Norrathep Rattanavipanon , Gene Tsudik

In this work we present the Secure Machine, SeM for short, a CPU architecture extension for secure computing. SeM uses a small amount of in-chip additional hardware that monitors key communication channels inside the CPU chip, and only acts…

Cryptography and Security · Computer Science 2018-03-13 Ofir Shwartz , Yitzhak Birk

This paper introduces a robust zero-trust architecture (ZTA) tailored for the decentralized system that empowers efficient remote work and collaboration within IoT networks. Using blockchain-based federated learning principles, our proposed…

Cryptography and Security · Computer Science 2024-06-26 Shiva Raj Pokhrel , Luxing Yang , Sutharshan Rajasegarar , Gang Li

Executing distributed cyber-physical software processes on edge devices that maintains the resiliency of the overall system while adhering to resource constraints is quite a challenging trade-off to consider for developers. Current…

Distributed, Parallel, and Cluster Computing · Computer Science 2022-08-23 Purboday Ghosh , Hao Tu , Timothy Krentz , Gabor Karsai , Srdjan Lukic

Confidential Virtual Machines (CVMs) protect data in use by running workloads within hardware-enforced Trusted Execution Environments (TEEs). However, existing CVM attestation mechanisms only certify what code is running, not where it is…

Cryptography and Security · Computer Science 2026-03-05 Filip Rezabek , Moe Mahhouk , Andrew Miller , Quintus Kilbourn , Georg Carle , Jonathan Passerat-Palmbach

We propose xRAC to permit users to run special applications on managed hosts and to grant them access to protected network resources. We use restricted application containers (RACs) for that purpose. A RAC is a virtualization container with…

Networking and Internet Architecture · Computer Science 2023-01-25 Frederik Hauser , Mark Schmidt , Michael Menth

Confidential Computing has emerged to address data security challenges in cloud-centric deployments by protecting data in use through hardware-level isolation. However, reliance on a single hardware root of trust (RoT) limits user…

Cryptography and Security · Computer Science 2024-12-13 Ketong Shang , Jiangnan Lin , Yu Qin , Muyan Shen , Hongzhan Ma , Wei Feng , Dengguo Feng

The introduction of remote attestation (RA) schemes has allowed academia and industry to enhance the security of their systems. The commercial products currently available enable only the validation of static properties, such as…

Cryptography and Security · Computer Science 2019-04-04 Flavio Toffalini , Eleonora Losiouk , Andrea Biondo , Jianying Zhou , Mauro Conti

A key feature in trusted computing is attestation, which allows encapsulated components (enclaves) to prove their identity to (local or remote) distrusting components. Reasoning about software that uses the technique requires tracking how…

Programming Languages · Computer Science 2026-04-17 June Rousseau , Denis Carnier , Thomas Van Strydonck , Steven Keuchel , Dominique Devriese , Lars Birkedal

Distributed Hash Tables (DHT) are a common architecture for decentralized applications and, therefore, would be suited for privacy-aware applications. However, currently existing DHTs allow every peer to access any index. To build…

Cryptography and Security · Computer Science 2017-09-19 Olga Kieselmann , Arno Wacker

Hardware-secured remote attestation is essential to establishing trust in the integrity of confidential virtual machines (cVMs), but is difficult to use in practice because verifying attestation evidence requires the use of…

Cryptography and Security · Computer Science 2026-05-01 Parsa Sadri Sinaki , Zainab Ahmad , Wentao Xie , Merlijn Sebrechts , Jimmy Kjällman , Lachlan J. Gunn

The security of TLS depends on trust in certificate authorities, and that trust stems from their ability to protect and control the use of a private signing key. The signing key is the key asset of a certificate authority (CA), and its…

Cryptography and Security · Computer Science 2017-10-11 Bargav Jayaraman , Hannah Li , David Evans

Trusted Execution Environments (TEEs), such as Intel SGX and ARM TrustZone, provide isolated regions of CPU and memory for secure computation and are increasingly used to protect sensitive data and code across diverse application domains.…

Software Engineering · Computer Science 2026-01-21 Yuqing Niu , Jieke Shi , Ruidong Han , Ye Liu , Chengyan Ma , Yunbo Lyu , David Lo

A number of trusted execution environments (TEEs) have been proposed by both academia and industry. However, most of them require specific hardware or firmware changes and are bound to specific hardware vendors (such as Intel, AMD, ARM, and…

Cryptography and Security · Computer Science 2022-12-09 Yuekai Jia , Shuang Liu , Wenhao Wang , Yu Chen , Zhengde Zhai , Shoumeng Yan , Zhengyu He

"Distributed Identity" refers to the transition from centralized identity systems using Decentralized Identifiers (DID) and Verifiable Credentials (VC) for secure and privacy-preserving authentications. With distributed identity, control of…

Cryptography and Security · Computer Science 2025-01-17 Sina Ahmadi