Video Converter
Audio Converter
Image Converter
PDF Converter
File Compressor
tr i nc small trusted hardware for large distributed

Tr I nc: Small Trusted Hardware for Large Distributed Systems Dave - PowerPoint PPT Presentation

Jan 25, 2023 •367 likes •1.62k views

Tr I nc: Small Trusted Hardware for Large Distributed Systems Dave Levin University of Maryland John R. Douceur Jacob R. Lorch Microsoft Research Thomas Moscibroda Trust in distributed systems Selfish Malicious Participants Participants

  1. Implementing a trusted log in Tr I nc Append(data): Bind new data to the attest(11, , ) end of the log 10 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  2. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log 10 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  3. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  4. Implementing a trusted log in Tr I nc Append(data): Bind new data to the < > 10,11, end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  5. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  6. Implementing a trusted log in Tr I nc Append(data): Bind new data to the lookup 10 end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  7. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log lookup 10 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  8. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log lookup 10 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  9. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  10. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  11. Implementing a trusted log in Tr I nc Append(data): Bind new data to the end of the log 10 11 Lookup(sequence num): No equivocating on what is or is not stored < > 3,8, < > 8,9, < > < > 9,10, 9,10, Fast lookups Few hardware accesses < > 10,11, Untrusted storage 13 TrInc – NSDI 2009 Dave Levin

  12. Tr I nc-A2M • Attested Append-only Memory (A2M) • Stores logs in trusted storage • Accesses trusted storage for all methods • A2M shown to solve • Byzantine fault tolerance using fewer nodes • SUNDR file system • Quorum/Update protocol • By construction, Tr I nc solves these systems, too 14 TrInc – NSDI 2009 Dave Levin

  13. What can Tr I nc do? • Trusted append-only logs • Prevent under-reporting in BitTorrent • Reduces communication in PeerReview • BFT with fewer nodes and messages • Ensure fresh data in DHTs • Prevent Sybil attacks 15 TrInc – NSDI 2009 Dave Levin

  14. What can Tr I nc do? • Trusted append-only logs • Prevent under-reporting in BitTorrent • Reduces communication in PeerReview • BFT with fewer nodes and messages • Ensure fresh data in DHTs • Prevent Sybil attacks 15 TrInc – NSDI 2009 Dave Levin

  15. BitTorrent primer 16 TrInc – NSDI 2009 Dave Levin

  16. BitTorrent primer File pieces Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  17. BitTorrent primer 1 1 0 1 1 0 File pieces Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  18. BitTorrent primer Does not have piece 2 1 1 0 1 1 0 File pieces Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  19. BitTorrent primer 1 1 0 1 1 0 File pieces Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  20. BitTorrent primer 1 1 0 1 1 0 File pieces 1 0 1 1 0 1 Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  21. BitTorrent primer 1 1 0 1 0 1 File pieces 1 1 0 1 0 1 Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  22. BitTorrent primer 1 1 0 1 1 0 1 0 1 1 0 1 Interested File pieces 1 1 0 1 0 1 Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  23. BitTorrent primer 1 1 0 1 1 0 1 0 1 1 0 1 Interested File pieces 1 1 0 1 1 0 Interested 1 0 1 1 0 1 Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  24. BitTorrent primer 1 1 0 1 1 0 1 0 1 1 0 1 Interested File pieces 1 1 0 1 1 0 Interested 1 0 1 1 0 1 Fast, users share the work 16 TrInc – NSDI 2009 Dave Levin

  25. Piece under-reporting is equivocation [SIGCOMM’08] Yields prolonged interest from others and faster download times 17 TrInc – NSDI 2009 Dave Levin

  26. Piece under-reporting is equivocation 17 TrInc – NSDI 2009 Dave Levin

  27. Piece under-reporting is equivocation 17 TrInc – NSDI 2009 Dave Levin

  28. Piece under-reporting is equivocation Ack 17 TrInc – NSDI 2009 Dave Levin

  29. Piece under-reporting is equivocation Ack 17 TrInc – NSDI 2009 Dave Levin

  30. Piece under-reporting is equivocation I received 17 TrInc – NSDI 2009 Dave Levin

  31. Piece under-reporting is equivocation I never received I received 17 TrInc – NSDI 2009 Dave Levin

  32. Applying TrInc • What does the counter represent? • The number of pieces received • To what do peers attest? • Their bitfield • The most recent piece received • When do peers attest? • When they receive • When they sync their counters 18 TrInc – NSDI 2009 Dave Levin

  33. Tr I nc-BitTorrent 19 TrInc – NSDI 2009 Dave Levin

  34. Tr I nc-BitTorrent 19 TrInc – NSDI 2009 Dave Levin

  35. Tr I nc-BitTorrent I have and most recently received 1 19 TrInc – NSDI 2009 Dave Levin

  36. Tr I nc-BitTorrent I have and most recently received 1 I have and most recently received 2 I have and most recently received 3 19 TrInc – NSDI 2009 Dave Levin

  37. Tr I nc-BitTorrent I have and most recently received 1 I have and most recently received 2 I have and most recently received 3  Counter matches the bitfield size 19 TrInc – NSDI 2009 Dave Levin

  38. Tr I nc-BitTorrent I have and most recently received 1 I have and most recently received 2 I have and most recently received 3  Counter matches the bitfield size 19 TrInc – NSDI 2009 Dave Levin

  39. Tr I nc-BitTorrent I have and most recently received 1 I have and most recently received 2 I have and most recently received 3  Counter matches the bitfield size  Attests to most recent piece 19 TrInc – NSDI 2009 Dave Levin

  40. Tr I nc-BitTorrent I have and most recently received 1 I have and most recently received 2 I have and most recently received 3  Counter matches the bitfield size  Attests to most recent piece 19 TrInc – NSDI 2009 Dave Levin

  41. Why attest to the latest piece? 20 TrInc – NSDI 2009 Dave Levin

  42. Why attest to the latest piece? 20 TrInc – NSDI 2009 Dave Levin

  43. Why attest to the latest piece? I have 1 20 TrInc – NSDI 2009 Dave Levin

  44. Why attest to the latest piece? I have 1 20 TrInc – NSDI 2009 Dave Levin

  45. Why attest to the latest piece? I have 1 20 TrInc – NSDI 2009 Dave Levin

  46. Why attest to the latest piece? I have 1 I have 2 I have 2 20 TrInc – NSDI 2009 Dave Levin

  47. Why attest to the latest piece? Looks good I have 1 to me Looks good I have 2 to me Looks good I have 2 to me 20 TrInc – NSDI 2009 Dave Levin

  48. Why attest to the latest piece? Looks good I have 1 to me Looks good I have 2 to me Looks good I have 2 to me 20 TrInc – NSDI 2009 Dave Levin

  49. Why attest to the latest piece? Looks good I have 1 to me Looks good I have 2 to me Looks good I have 2 to me Lesson: Without the full log, must ensure proper behavior at each step 20 TrInc – NSDI 2009 Dave Levin

  50. Macrobenchmarks • TrInc-BitTorrent • Solves piece under-reporting • TrInc-A2M • Reduces hardware requirements • Higher throughput • TrInc-PeerReview • Reduces the communication necessary to achieve fault detection 21 TrInc – NSDI 2009 Dave Levin

  51. Contributions 1 Tr I nc – A new, practical primitive for eliminating equivocation 2 2 Applications of Tr I nc 3 Implementation in currently available hardware 22 TrInc – NSDI 2009 Dave Levin

  52. Contributions 1 Tr I nc – A new, practical primitive for eliminating equivocation 2 Applications of Tr I nc 3 3 Implementation in currently available hardware 22 TrInc – NSDI 2009 Dave Levin

  53. Implementation • Gemalto .NET Smartcard • Crypto unit (RSA & 3-DES) • 32-bit micro-controller • 80 KB persistent memory • A few dozen lines of C# • Case studies • TrInc-A2M • TrInc-PeerReview • TrInc-BitTorrent 23 TrInc – NSDI 2009 Dave Levin

  54. Tr I nc microbenchmarks 250 Operation time (msec) 200 150 100 50 0 noop Asym Attest Asym Attest Symm attest Symm Attest Verify (advance) (status) (advance) (status) 24 TrInc – NSDI 2009 Dave Levin

  55. Tr I nc microbenchmarks 250 Operation time (msec) 200 150 100 50 0 noop Asym Attest Asym Attest Symm attest Symm Attest Verify (advance) (status) (advance) (status) 24 TrInc – NSDI 2009 Dave Levin

  56. Tr I nc microbenchmarks 32 msec to write a counter 250 Operation time (msec) 200 150 100 50 0 noop Asym Attest Asym Attest Symm attest Symm Attest Verify (advance) (status) (advance) (status) 24 TrInc – NSDI 2009 Dave Levin

  57. Tr I nc microbenchmarks 32 msec to write a counter 250 Operation time (msec) 200 Only 2x 150 100 50 0 noop Asym Attest Asym Attest Symm attest Symm Attest Verify (advance) (status) (advance) (status) 24 TrInc – NSDI 2009 Dave Levin

  58. Why so slow? • Fundamentally new application of trusted hardware • Typically used for bootstrapping • Tr I nc makes it intrinsic to the protocol • It can be faster • There just has not been the call for it prior to Tr I nc 25 TrInc – NSDI 2009 Dave Levin

Recommend

Hardware Observability Framework Hardware Observability Framework Hardware Observability

Hardware Observability Framework Hardware Observability Framework Hardware Observability

Hardware Observability Framework Hardware Observability Framework Hardware Observability Framework Hardware Observability Framework Hardware Observability Framework Hardware Observability Framework Hardware Observability Framework Hardware

746 views • 22 slides
Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny

Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny

Trusted Architecture for Trusted Architecture for Securely Shared Services Securely Shared Services Four Layers to Build a Four Layers to Build a Trusted Architecture Trusted Architecture Danny De Cock K.U.Leuven ESAT/COSIC

369 views • 17 slides
Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1 OReilly 2 Trusted or Trustworthy? An object is trusted if and only if it operates as expected An object is trustworthy if and only if it is

711 views • 45 slides
Modifiers X-bar theory Modifiers (1) a. a large small shirt b. a small large shirt (2) a. a

Modifiers X-bar theory Modifiers (1) a. a large small shirt b. a small large shirt (2) a. a

Modifiers X-bar theory Modifiers (1) a. a large small shirt b. a small large shirt (2) a. a shirt [that's large] [that's small] b. a shirt [that's small] [that's large] (3) a. a common wrong answer b. a wrong common answer Modifiers

1.4k views • 96 slides
Modifiers X-bar theory Modifiers (1) a. a large small shirt b. a small large shirt (2) a. a

Modifiers X-bar theory Modifiers (1) a. a large small shirt b. a small large shirt (2) a. a

Modifiers X-bar theory Modifiers (1) a. a large small shirt b. a small large shirt (2) a. a shirt [that's large] [that's small] b. a shirt [that's small] [that's large] (3) a. a common wrong answer b. a wrong common answer Modifiers

872 views • 51 slides
Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides

Terra: A Virtual Machine-Based Platform for Trusted Computing by Garfinkel et al. (Some slides taken from Jason Franklins 712 lecture, Fall 2006) Trusted Computing Hardware What can you do if you have trusted hardware?

316 views • 27 slides
Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms 2 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms

1.07k views • 18 slides
VC. VC. Hardware Startup The Hardware Revolu/on The Hardware Revolution Removing Barriers to

VC. VC. Hardware Startup The Hardware Revolu/on The Hardware Revolution Removing Barriers to

The Business of Making Strategies for Success from Startup to Exit Hardware and Robotic Startup Accelerator what hardware used to be . VC. VC. Hardware Startup The Hardware Revolu/on The Hardware Revolution Removing Barriers to Entry Open

607 views • 32 slides
Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security

SP SPACE ACE 201 2016 Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security Security: : New Front New Frontiers iers Swarup Bhunia Professor Electrical &amp; Computer Engineering SPACE | Dec 2016 1

610 views • 29 slides
Your Trusted China Partner Market Overview Your Trusted Partner in China Source: McKinsey &amp;

Your Trusted China Partner Market Overview Your Trusted Partner in China Source: McKinsey &amp;

Chinas Dietary Supplement Industry Market Insights Natural Products Expo West March 11, 2017 Your Trusted China Partner Market Overview Your Trusted Partner in China Source: McKinsey &amp; Company Your Trusted Partner in China Consumer

413 views • 29 slides
Trusted Mobile Platforms: Part 1: An introduction to trusted computing Chris Mitchell Royal

Trusted Mobile Platforms: Part 1: An introduction to trusted computing Chris Mitchell Royal

Trusted Mobile Platforms: Part 1: An introduction to trusted computing Chris Mitchell Royal Holloway, University of London c.mitchell@rhul.ac.uk http://www.isg.rhul.ac.uk/~cjm Contents What is trusted computing? The TCG TCG

1.43k views • 114 slides
TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution

TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution

TRUSTED MEMORY Software-Based O-Chip Memory Protection for RISC-V Trusted Execution Environments Gui Andrade Krste Asanovi Dayeol Lee David Kohlbrenner Dawn Song University of California, Berkeley TRUSTED MEMORY? Securing data/code

706 views • 48 slides
&amp; Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

&amp; Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic

Hardware Security Trusted Execution Environments (TEEs) &amp; Trusted Computing Erik Poll Digital Security Radboud University Nijmegen Classic hardware-backed security solutions smartcard for users HSM (Hardware Security Module) in

777 views • 63 slides
Divide And Conquer Small And Large Instance Small instance. Sort a list that has n &lt;=

Divide And Conquer Small And Large Instance Small instance. Sort a list that has n &lt;=

Divide And Conquer Small And Large Instance Small instance. Sort a list that has n &lt;= 10 elements. Find the minimum of n &lt;= 2 elements. Distinguish between small and large instances. Large instance. Small instances

92 views • 6 slides
Divide And Conquer Small And Large Instance Small instance. Sort a list that has n &lt;=

Divide And Conquer Small And Large Instance Small instance. Sort a list that has n &lt;=

Divide And Conquer Small And Large Instance Small instance. Sort a list that has n &lt;= 10 elements. Find the minimum of n &lt;= 2 elements. Distinguish between small and large instances. Large instance. Small instances

247 views • 9 slides
R*T Large Model Launch August 2010 Copeland Hermetic Reciprocating Products Large R*T Model

R*T Large Model Launch August 2010 Copeland Hermetic Reciprocating Products Large R*T Model

R*T Large Model Launch August 2010 Copeland Hermetic Reciprocating Products Large R*T Model Launch R*T Small Models R*T Large Models Launched Sept07 Launched June 10 CS/CF Small R Large R Small R*T Large R*T 6400 BTU A*T

328 views • 9 slides
Martingale Difference Central Limit Theorem Yichen Zhou May 9, 2016 Intuition Why martingale

Martingale Difference Central Limit Theorem Yichen Zhou May 9, 2016 Intuition Why martingale

Martingale Difference Central Limit Theorem Yichen Zhou May 9, 2016 Intuition Why martingale difference CLT. Statisticians rely on CLTs to make inference. CLTs we have seen before all require independence. Martingale difference CLT

408 views • 16 slides
A Parallel Method for the Computation of Matrix Exponential based on Truncated Neumann Series V.

A Parallel Method for the Computation of Matrix Exponential based on Truncated Neumann Series V.

A Parallel Method for the Computation of Matrix Exponential based on Truncated Neumann Series V. S. Dimitrov 12 , V. Ariyarathna 3 , D. F. G. Coelho 1 , L. Rakai 1 , A. Madanayake 3 , R. J. Cintra 4 1 ECE Department, University of Calgary, Canada 2

464 views • 21 slides
Quillen metrics on modular curves Mathieu Dutour Institut de Mathmatiques de Jussieu - Paris

Quillen metrics on modular curves Mathieu Dutour Institut de Mathmatiques de Jussieu - Paris

Quillen metrics on modular curves Mathieu Dutour Institut de Mathmatiques de Jussieu - Paris Rive Gauche French - Korean LIA : Inaugural Conference November 2019 Mathieu Dutour (IMJ-PRG) Quillen metrics on modular curves November 2019 1 /

923 views • 55 slides
PostgreSQL Replication Christophe Pettus PostgreSQL Experts PerconaLive, April 25, 2018

PostgreSQL Replication Christophe Pettus PostgreSQL Experts PerconaLive, April 25, 2018

PostgreSQL Replication Christophe Pettus PostgreSQL Experts PerconaLive, April 25, 2018 Christophe Pettus CEO, PostgreSQL Experts, Inc. christophe.pettus@pgexperts.com thebuild.com twitter @xof Questions Welcome! &quot;It's more

954 views • 59 slides
Distance Sampling Simulations Overview Why simulate? How it works Automated survey

Distance Sampling Simulations Overview Why simulate? How it works Automated survey

Distance Sampling Simulations Overview Why simulate? How it works Automated survey design Coverage probability Which design? Design trade-offs Defining the population Population description

705 views • 36 slides
Vectorized Bloom Filters for Advanced SIMD Processors Orestis Polychroniou Kenneth A. Ross

Vectorized Bloom Filters for Advanced SIMD Processors Orestis Polychroniou Kenneth A. Ross

Vectorized Bloom Filters for Advanced SIMD Processors Orestis Polychroniou Kenneth A. Ross Bloom filters Introduction Original version [Bloom 1970] Represents a set of items Answers: Does item X belong to

450 views • 29 slides
Ab Initio Approaches to Light Nuclei Lecture 3: Light Nuclei Robert Roth Overview

Ab Initio Approaches to Light Nuclei Lecture 3: Light Nuclei Robert Roth Overview

Ab Initio Approaches to Light Nuclei Lecture 3: Light Nuclei Robert Roth Overview Lecture 1: Fundamentals Prelude Many-Body Quantum Mechanics Lecture 1: Nuclear Hamiltonian Nuclear Interactions Matrix Elements

507 views • 34 slides
Coarse-graining Markov state models with PCCA Coarse-graining Markov state models

Coarse-graining Markov state models with PCCA Coarse-graining Markov state models

Coarse-graining Markov state models with PCCA Coarse-graining Markov state models Coarse-graining Markov state models here means finding a smaller transition matrix that does a similar job as the large original transition matrix. We have

514 views • 15 slides

More recommend

Explore More Topics

Stay informed with curated content and fresh updates.

animals pets art culture automotive transportation business finance computer internet construction architecture education-career electronics communication

Logo Sambuz

Unleash a World of Digital Possibilities—Browse, Share, and Explore Content Without Boundaries

Useful Links

About Us Privacy Services FAQ's Contact

Newsletter

Stay Informed & Inspired—Subscribe for the Latest Updates, Tips, and Exclusive Content Directly to Your Inbox.

Mail Us

mail@sambuz.com

2026 SAMBUZ, All right reserved.