Abstract
In state machine replication (SMR), preventing reordering attacks by ensuring a high degree of fairness when ordering commands requires that clients broadcast their commands to all processes. This is impractical due to the impact on scalability, and thus it discourages the adoption of a fair ordering of commands. Alternative approaches to order-fairness allow clients to send their commands to only one process, but provide a weaker notion of order-fairness. In particular, they disadvantage isolated processes. In this paper, we introduce Aion, a set of order-fair protocols for SMR. We first leverage trusted execution environments (TEEs) to enable processes to compute the times when commands are broadcast by their issuers. We then integrate this information into existing consensus protocols to devise order-fair SMR protocols that are both leader-based and leaderless. To realize order-fairness, Aion only requires that a client sends its commands to a single process, while at the same time enabling precise ordering during synchronous periods.
Notes
1. Aion is a Hellenistic deity that symbolizes cyclic time. The name Aion stems from the fact that our protocols rely on repeating and constant network delays.
Acknowledgements
This work is supported in part by the Australian Research Council Future Fellowship funding scheme (#180100496).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Zarbafian, P., Gramoli, V. (2024). Aion: Secure Transaction Ordering Using TEEs. In: Tsudik, G., Conti, M., Liang, K., Smaragdakis, G. (eds) Computer Security – ESORICS 2023. ESORICS 2023. Lecture Notes in Computer Science, vol 14347. Springer, Cham. https://doi.org/10.1007/978-3-031-51482-1_17
DOI: https://doi.org/10.1007/978-3-031-51482-1_17
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-51481-4
Online ISBN: 978-3-031-51482-1
eBook Packages: Computer Science (R0)