Venue | Category |
---|---|
ACNS'20 | PoW |
Proofs of Ownership on Encrypted Cloud Data via Intel SGX
1. Summary
Motivation of this paper
PoWIS
Implementation and Evaluation
2. Strength (Contributions of the paper)
3. Weakness (Limitations of the paper)
4. Some Insights (Future work)
Motivation
Traditional PoWs rely on an assumption that the cloud server is fully trusted and has access to the original file content.
hindering execution of the traditional PoWs.
Main idea
System model
Threat model
the cloud server is honest-but-curious
the malicious data owner wants to pass the PoW check on a file without actually possessing this file
communication channel is protected by SSL/TLS.
Main design
The PoW verification process is separated and delegated to the SGX enclave.
The decryption key for decrypting the encrypted cloud data and the PoW proof will be transmitted via a secure channel.
The enclave uses the session key to perform decryption to obtain and the PoW proof.
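The delegated check described above, sketched as an added example (not code from the paper or these notes). Assumptions: the session key already exists from remote attestation, the PoW proof is a simple nonce-bound hash over the challenged plaintext blocks, a toy HMAC-based cipher stands in for the enclave's authenticated encryption, and all function names are hypothetical.

```python
import hashlib, hmac, json, os

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    # Toy stream cipher (HMAC-SHA256 in counter mode), standing in for AES-GCM.
    ks = b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, plaintext):
    nonce = os.urandom(16)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    return nonce + ct + hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, good):
        raise ValueError("authentication failed")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

def pow_proof(blocks, indices, nonce):
    # Assumed stand-in proof: hash of the challenge nonce and the challenged blocks.
    h = hashlib.sha256(nonce)
    for i in indices:
        h.update(i.to_bytes(4, "big") + blocks[i])
    return h.digest()

def client_response(session_key, file_key, blocks, indices, nonce):
    # Client: send the file decryption key and the proof under the session key.
    msg = {"k": file_key.hex(), "proof": pow_proof(blocks, indices, nonce).hex()}
    return seal(session_key, json.dumps(msg).encode())

def enclave_verify(session_key, stored, indices, nonce, response):
    # Enclave: recover key and proof, decrypt the challenged cloud blocks, recompute.
    try:
        msg = json.loads(unseal(session_key, response))
        k, proof = bytes.fromhex(msg["k"]), bytes.fromhex(msg["proof"])
        plain = {i: unseal(k, stored[i]) for i in indices}
    except (ValueError, KeyError, TypeError):
        return False  # bad session key, bad file key, or malformed message
    return hmac.compare_digest(proof, pow_proof(plain, indices, nonce))

# Constructed sample file, split into blocks.
BLOCKS = [b"constructed-sample-block-%d" % i for i in range(4)]
```

Because the enclave recomputes the proof from blocks it decrypts itself, a prover holding only the ciphertext, or one replaying a response to an old challenge, is rejected.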
Remote attestation
Security analysis
Implementation
Performance
this can only ensure that the prover really owns the encrypted file, instead of the original file.
the cloud server will issue a challenge to the client.
a secure channel can be established between the client and the enclave at the same time (allowing the client to communicate with the enclave directly).