Abstract
Due to limited computing and storage resources, light clients and full nodes coexist in a typical blockchain system. Any query from light clients must be forwarded to full nodes for execution, and light clients verify the integrity of query results returned. Since existing authenticated query based on Authenticated Data Structure (ADS) suffers from significant network, storage and computing overheads by virtue of Verification Objects (VO), an alternative way turns to Trust Execution Environment (TEE), with which light clients have no need to receive or verify any VO. However, state-of-the-art TEE cannot deal with large-scale application conveniently due to limited secure memory space (i.e, the size of enclave in Intel SGX is only 128MB). Hence, we organize data hierarchically in both trusted (enclave) and untrusted memory and only buffer hot data in enclave to reduce page swapping overhead between two kinds of memory. Security analysis and empirical study validate the effectiveness of our proposed solutions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Cheng, R., et al.: Ekiden: a platform for confidentiality-preserving, trustworthy, and performant smart contracts. In: 2019 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 185–200. IEEE (2019)
Hu, S., Cai, C., Wang, Q., Wang, C., Luo, X., Ren, K.: Searching an encrypted cloud meets blockchain: A decentralized, reliable and fair realization. In: IEEE INFOCOM 2018-IEEE Conference on Computer Communications, pp. 792–800. IEEE (2018)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Dynamic authenticated index structures for outsourced databases. In: Proceedings of the 2006 International Conference on Management of Data, pp. 121–132. ACM (2006)
Li, F., Hadjieleftheriou, M., Kollios, G., Reyzin, L.: Authenticated index structures for aggregation queries. ACM Trans. Inf. Syst. Secur. (TISSEC) 13(4), 32 (2010)
Matetic, S., et al.: ROTE: rollback protection for trusted execution. In: 26th USENIX Security Symposium (USENIX Security 17), pp. 1289–1306 (2017)
Matetic, S., Wüst, K., Schneider, M., Kostiainen, K., Karame, G., Capkun, S.: BITE: bitcoin lightweight client privacy using trusted execution. In: 28th USENIX Security Symposium (USENIX Security 19), pp. 783–800 (2019)
McKeen, F., et al.: Innovative instructions and software model for isolated execution. HASP@ISCA 10(1) (2013)
Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, New York (1990). https://doi.org/10.1007/0-387-34805-0_21
Nakamoto, S., et al.: Bitcoin: a peer-to-peer electronic cash system (2008)
Pang, H., Tan, K.L.: Authenticating query results in edge computing. In: Proceedings of the 20th International Conference on Data Engineering, pp. 560–571. IEEE (2004)
Robinson, J.T., Devarakonda, M.V.: Data cache management using frequency-based replacement, vol. 18. ACM (1990)
Weisse, O., Bertacco, V., Austin, T.: Regaining lost cycles with hotcalls: a fast interface for SGX secure enclaves. ACM SIGARCH Comput. Archit. News 45(2), 81–93 (2017)
Xu, C., Zhang, C., Xu, J.: vChain: enabling verifiable Boolean range queries over blockchain databases. In: Proceedings of the 2019 International Conference on Management of Data, pp. 141–158. ACM (2019)
Yang, Y., Papadias, D., Papadopoulos, S., Kalnis, P.: Authenticated join processing in outsourced databases. In: Proceedings of the 2009 ACM SIGMOD International Conference on Management of Data, pp. 5–18. ACM (2009)
Zhang, C., Xu, C., Xu, J., Tang, Y., Choi, B.: Gem\(\hat{\,} \)2-tree: a gas-efficient structure for authenticated range queries in blockchain. In: 2019 IEEE 35th International Conference on Data Engineering (ICDE), pp. 842–853. IEEE (2019)
Zhang, F., Cecchetti, E., Croman, K., Juels, A., Shi, E.: Town crier: an authenticated data feed for smart contracts. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 270–282. ACM (2016)
Zhu, Y., Zhang, Z., Jin, C., Zhou, A., Yan, Y.: SEBDB: semantics empowered blockchain database. In: 2019 IEEE 35th International Conference on Data Engineering (ICDE), pp. 1820–1831. IEEE (2019)
Acknowledgment
This research is supported in part by National Science Foundation of China under grant number U1811264, U1911203, 61972152 and 61532021.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Shao, Q., Pang, S., Zhang, Z., Jing, C. (2020). Authenticated Range Query Using SGX for Blockchain Light Clients. In: Nah, Y., Cui, B., Lee, SW., Yu, J.X., Moon, YS., Whang, S.E. (eds) Database Systems for Advanced Applications. DASFAA 2020. Lecture Notes in Computer Science(), vol 12114. Springer, Cham. https://doi.org/10.1007/978-3-030-59419-0_19
Download citation
DOI: https://doi.org/10.1007/978-3-030-59419-0_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-59418-3
Online ISBN: 978-3-030-59419-0
eBook Packages: Computer ScienceComputer Science (R0)