Abstract
Attribute-based encryption (ABE) is a cryptographic mechanism that provides fine-grained access control to encrypted data, which can thus be stored in, e.g., public clouds. However, ABE schemes lack the notion of obligations, which is common in attribute-based access control systems such as eXtensible Access Control Markup Language and Usage Control. Obligations are used to define and enforce extra constraints that happen before approving or denying an access request. In this paper, we propose OB-ABE, a system for extending any classical ABE with enforceable obligations. Our system architecture has as core component trusted hardware enclaves, implemented with SGX, used for enforcing obligations. We employ ProVerif to formally model OB-ABE and verify its main property called “enforceable obligations,” i.e., if a message is encrypted along with an obligation, then the message can be decrypted only after enforcing the attached obligation. OB-ABE has two more properties: (i) OB-ABE is a “conservative extension” of the underlying ABE scheme, preserving its security properties; (ii) OB-ABE is “backward compatible” in the sense that any ciphertext produced by an ABE scheme can be decrypted by its extended OB-ABE version, and moreover, a ciphertext produced by an OB-ABE scheme can be decrypted by its underlying ABE scheme provided that the ciphertext does not have obligations attached. We also implement in C using Intel SGX a prototype of an OB-ABE extending the well-known ciphertext-policy ABE.
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig1_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig2_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig3_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig4_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig5_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig6_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig7_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig8_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig9_HTML.png)
![](http://media.springernature.com/m312/springer-static/image/art%3A10.1007%2Fs13389-023-00317-1/MediaObjects/13389_2023_317_Fig10_HTML.png)
Similar content being viewed by others
Notes
EU Horizon 2020 ECSEL Joint Undertaking project SCOTT—Secure COnnected Trustable Things (https://scottproject.eu/).
This can be done in various ways, e.g., in our implementation, we use the file extension, e.g., a ciphertext having the .obabe extension has obligations (the .cpabe extension is used for ciphertexts without obligations). Note that there is no reason for an adversary to manipulate the file extension because she would not gain the plaintext as the SGX would not perform the decryption.
Having the same length for different obligations can be achieved in various ways, e.g., (i) considering the same length for all obligations and using padding for those that consume less space; or (ii) having a table of obligations–codes inside the SGX and attaching only the code of obligations when encrypting a plaintext along with obligations.
References
Abadi, M., Blanchet, B., Comon-Lundh, H.: Models and proofs of protocol security: a progress report. In: Computer Aided Verification, Lecture Notes in Computer Science, vol. 5643, pp. 35–49. Springer, Berlin, Heidelberg (2009). https://doi.org/10.1007/978-3-642-02658-4_5
Abadi, M., Blanchet, B., Fournet, C.: The applied pi calculus: mobile values, new names, and secure communication. J. ACM (JACM) 65(1), 1–41 (2017). https://doi.org/10.1145/3127586
Abadi, M., Fournet, C.: Mobile Values, New Names, and Secure Communication. In: Proceedings of the 28th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, POPL ’01, vol. 36, pp. 104-115. ACM, New York, NY, USA (2001). https://doi.org/10.1145/360204.360213
Abdalla, M., Bellare, M.: Increasing the Lifetime of a Key: A Comparative Analysis of the Security of Re-keying Techniques. In: T. Okamoto (ed.) Advances in Cryptology — ASIACRYPT 2000, Lecture Notes in Computer Science, vol. 1976, pp. 546–559. Springer, Berlin, Heidelberg (2000). https://doi.org/10.1007/3-540-44448-3_42
Afshar, M., Samet, S., Hu, T.: An attribute based access control framework for healthcare system. J. Phys. Conf. Ser. 933, 012020 (2017). https://doi.org/10.1088/1742-6596/933/1/012020
Agrawal, S., Chase, M.: Fame: Fast attribute-based message encryption. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17, p. 665-682. Association for Computing Machinery, New York, NY, USA (2017). https://doi.org/10.1145/3133956.3134014
Al-Issa, Y., Ottom, M.A., Tamrawi, A.: eHealth cloud security challenges: a survey. J. Healthc. Eng. 2019, 1–15 (2019). https://doi.org/10.1155/2019/7516035
Alder, F., Asokan, N., Kurnikov, A., Paverd, A., Steiner, M.: S-FaaS: Trustworthy and Accountable Function-as-a-Service using Intel SGX. In: Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop, pp. 185–199. ACM, New York, NY, USA (2019). https://doi.org/10.1145/3338466.3358916
Arnautov, S., Brito, A., Felber, P., Fetzer, C., Gregor, F., Krahn, R., Ozga, W., Martin, A., Schiavoni, V., Silva, F., Tenorio, M., Thummel, N.: PubSub-SGX: Exploiting trusted execution environments for privacy-preserving publish/subscribe systems. In: 37th Symposium on Reliable Distributed Systems (SRDS), pp. 123–132. IEEE Computer Society, Salvador, Brazil (2018). https://doi.org/10.1109/SRDS.2018.00023
Attrapadung, N., Imai, H.: Attribute-based encryption supporting direct/indirect revocation modes. In: Parker, M.G. (ed.) Cryptography and Coding, Lecture Notes in Computer Science, vol. 5921, pp. 278–300. Springer (2009). https://doi.org/10.1007/978-3-642-10868-6_17
Attrapadung, N., Imai, H.: Conjunctive Broadcast and Attribute-Based Encryption. In: H. Shacham, B. Waters (eds.) Pairing-Based Cryptography – Pairing 2009, Lecture Notes in Computer Science, vol. 5671, pp. 248–265. Springer (2009). https://doi.org/10.1007/978-3-642-03298-1_16
Baden, R., Bender, A., Spring, N., Bhattacharjee, B., Starin, D.: Persona: an online social network with user-defined privacy. In: Proceedings of the ACM SIGCOMM 2009 conference on Data communication, pp. 135–146. ACM, New York, NY, USA (2009). https://doi.org/10.1145/1594977.1592585
Barua, M., Lu, R., Shen, X.: SPS: Secure personal health information sharing with patient-centric access control in cloud computing. In: IEEE Global Communications Conference (GLOBECOM), pp. 647–652. IEEE, Atlanta, GA, USA (2013). https://doi.org/10.1109/GLOCOM.2013.6831145
Beckert, B., Hähnle, R., Schmitt, P.H.: Verification of object-oriented software. The KeY Approach. Springer, Berlin, Heidelberg (2007). https://doi.org/10.1007/978-3-540-69061-0
Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: a temporal role-based access control model. ACM Trans. Inf. Syst. Security (TISSEC) 4(3), 191–233 (2001). https://doi.org/10.1145/501978.501979
Bethencourt, J., Sahai, A., Waters, B.: Ciphertext-Policy Attribute-Based Encryption. In: IEEE symposium on security and privacy (SP’07), pp. 321–334. IEEE, Berkeley, CA, USA (2007). https://doi.org/10.1109/SP.2007.11
Blanchet, B., Abadi, M., Fournet, C.: Automated verification of selected equivalences for security protocols. J. Logic Algebraic Program. 75(1), 3–51 (2008). https://doi.org/10.1016/j.jlap.2007.06.002
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Annual International Cryptology Conference, pp. 213–229. Springer, Berlin, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13
Brasser, F., Capkun, S., Dmitrienko, A., Frassetto, T., Kostiainen, K., Sadeghi, A.R.: DR. SGX: automated and adjustable side-channel protection for SGX using data location randomization. In: Proceedings of the 35th Annual Computer Security Applications Conference, pp. 788–800. ACM, New York, NY, USA (2019). https://doi.org/10.1145/3359789.3359809
Brasser, F., Müller, U., Dmitrienko, A., Kostiainen, K., Capkun, S., Sadeghi, A.: Software grand exposure: SGX cache attacks are practical. In: WOOT, pp. 1–12. USENIX Association, VANCOUVER, BC, CANADA (2017). https://www.usenix.org/system/files/conference/woot17/woot17-paper-brasser.pdf
Brenner, S., Hundt, T., Mazzeo, G., Kapitza, R.: Secure cloud micro services using Intel SGX. In: IFIP International Conference on Distributed Applications and Interoperable Systems, pp. 177–191. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-59665-5_13
Brenner, S., Wulf, C., Goltzsche, D., Weichbrodt, N., Lorenz, M., Fetzer, C., Pietzuch, P., Kapitza, R.: SecureKeeper: confidential ZooKeeper using Intel SGX. In: Middleware Conference, p. 14. ACM, New York, NY, USA (2016). https://doi.org/10.1145/2988336.2988350
Bulck, J.V., Minkin, M., Weisse, O., Genkin, D., Kasikci, B., Piessens, F., Silberstein, M., Wenisch, T.F., Yarom, Y., Strackx, R.: Foreshadow: extracting the keys to the intel SGX kingdom with transient out-of-order execution. In: USENIX Security Symposium, pp. 991–1008. USENIX Association, BALTIMORE, MD, USA (2018)
Bulck, J.V., Oswald, D.F., Marin, E., Aldoseri, A., Garcia, F.D., Piessens, F.: A tale of two worlds: assessing the vulnerability of enclave shielding runtimes. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, CCS ’19, p. 1741-1758. ACM, New York, NY, USA (2019). https://doi.org/10.1145/3319535.3363206
Bulck, J.V., Piessens, F., Strackx, R.: SGX-Step: a practical attack framework for precise enclave execution control. In: SysTEX@SOSP, SysTEX’17, pp. 4:1–4:6. ACM, New York, NY, USA (2017). https://doi.org/10.1145/3152701.3152706
Bulck, J.V., Weichbrodt, N., Kapitza, R., Piessens, F., Strackx, R.: Telling your secrets without page faults: stealthy page table-based attacks on enclaved execution. In: USENIX Security Symposium, pp. 1041–1056. USENIX Association, VANCOUVER, BC, CANADA (2017). https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-van_bulck.pdf
Chandra, S., Karande, V., Lin, Z., Khan, L., Kantarcioglu, M., Thuraisingham, B.M.: Securing data analytics on SGX with randomization. In: ESORICS (1), Lecture Notes in Computer Science, vol. 10492, pp. 352–369. Springer (2017). https://doi.org/10.1007/978-3-319-66402-6_21
Chen, F., Wang, C., Dai, W., Jiang, X., Mohammed, N., Al Aziz, M.M., Sadat, M.N., Sahinalp, C., Lauter, K., Wang, S.: PRESAGE: privacy-preserving genetic testing via software guard extension. BMC Med. Genom. 10(2), 48 (2017). https://doi.org/10.1186/s12920-017-0281-2
Chen, G., Chen, S., Xiao, Y., Zhang, Y., Lin, Z., Lai, T.: Sgxpectre: stealing intel secrets from SGX enclaves via speculative execution. IEEE Secur. Priv. 18(3), 28–37 (2020). https://doi.org/10.1109/MSEC.2019.2963021
Chen, G., Wang, W., Chen, T., Chen, S., Zhang, Y., Wang, X., Lai, T., Lin, D.: Racing in hyperspace: closing hyper-threading side channels on SGX with contrived data races. In: IEEE Symposium on Security and Privacy, pp. 178–194. IEEE Computer Society, San Francisco, CA, USA (2018). https://doi.org/10.1109/SP.2018.00024
Chen, S., Zhang, X., Reiter, M.K., Zhang, Y.: Detecting privileged side-channel attacks in shielded execution with Déjà Vu. In: AsiaCCS, ASIA CCS ’17, pp. 7–18. ACM, New York, NY, USA (2017). https://doi.org/10.1145/3052973.3053007
Cheng, R., Zhang, F., Kos, J., He, W., Hynes, N., Johnson, N., Juels, A., Miller, A., Song, D.: Ekiden: A platform for confidentiality-preserving, trustworthy, and performant smart contracts. In: 2019 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 185–200. IEEE, Stockholm, Sweden (2019). https://doi.org/10.1109/EuroSP.2019.00023
Coppolino, L., D’Antonio, S., Mazzeo, G., Romano, L.: A comparative analysis of emerging approaches for securing java software with Intel SGX. Futur. Gener. Comput. Syst. 97, 620–633 (2019). https://doi.org/10.1016/j.future.2019.03.018
Dall, F., Micheli, G.D., Eisenbarth, T., Genkin, D., Heninger, N., Moghimi, A., Yarom, Y.: CacheQuote: efficiently recovering long-term secrets of SGX EPID via cache attacks. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2018(2), 171–191 (2018). https://doi.org/10.13154/tches.v2018.i2.171-191
Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language. In: POLICY, Lecture Notes in Computer Science, vol. 1995, pp. 18–38. Springer, Baltimore, Maryland, USA (2001). https://doi.org/10.1007/3-540-44569-2_2
Desharnais, J., Möller, B., Struth, G.: Kleene algebra with domain. ACM Trans. Comput. Logic (TOCL) 7(4), 798–833 (2006). https://doi.org/10.1145/1183278.1183285
Eskandarian, S., Cogan, J., Birnbaum, S., Brandon, P.C.W., Franke, D., Fraser, F., Garcia, G., Gong, E., Nguyen, H.T., Sethi, T.K., et al.: Fidelius: Protecting user secrets from compromised browsers. In: 2019 IEEE Symposium on Security and Privacy (SP), pp. 264–280. IEEE, San Francisco, CA, USA (2019). https://doi.org/10.1109/SP.2019.00036
Evtyushkin, D., Riley, R., Abu-Ghazaleh, N.B., Ponomarev, D.: BranchScope: a new side-channel attack on directional branch predictor. In: ASPLOS, ASPLOS ’18, pp. 693–707. ACM, Williamsburg, VA, USA (2018). https://doi.org/10.1145/3173162.3173204
Ferguson, D., Albright, Y., Lomsak, D., Hanks, T., Orr, K., Ligatti, J.: PoCo: a language for specifying obligation-based policy compositions. In: Proceedings of the 2020 9th International Conference on Software and Computer Applications, ICSCA 2020, p. 331-338. Association for Computing Machinery, New York, NY, USA (2020). https://doi.org/10.1145/3384544.3384585
Fisch, B., Vinayagamurthy, D., Boneh, D., Gorbunov, S.: Iron: functional encryption using Intel SGX. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17, pp. 765–782. ACM, Dallas, Texas, USA (2017). https://doi.org/10.1145/3133956.3134106
Fu, Y., Bauman, E., Quinonez, R., Lin, Z.: Sgx-Lapd: thwarting controlled side channel attacks via enclave verifiable page faults. In: RAID, Lecture Notes in Computer Science, vol. 10453, pp. 357–380. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66332-6_16
Gabbay, D., Horty, J., Parent, X., van der Meyden, R., van der Torre, L.: Handbook of Deontic Logic and Normative Systems. College Publication, Milton Keynes (2013)
Götzfried, J., Eckert, M., Schinzel, S., Müller, T.: Cache attacks on Intel SGX. In: Proceedings of the 10th European Workshop on Systems Security, EuroSec’17, pp. 1–6. ACM, Belgrade, Serbia (2017). https://doi.org/10.1145/3065913.3065915
Goyal, V., Pandey, O., Sahai, A., Waters, B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS ’06, pp. 89–98. ACM, Alexandria, Virginia, USA (2006). https://doi.org/10.1145/1180405.1180418
Gruss, D., Lettner, J., Schuster, F., Ohrimenko, O., Haller, I., Costa, M.: Strong and efficient cache side-channel protection using hardware transactional memory. In: USENIX Security Symposium, pp. 217–233. USENIX Association, VANCOUVER, BC, CANADA (2017). https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-gruss.pdf
Gyselinck, J., Bulck, J.V., Piessens, F., Strackx, R.: Off-Limits: Abusing legacy x86 memory segmentation to spy on enclaved execution. In: ESSoS, Lecture Notes in Computer Science, vol. 10953, pp. 44–60. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-94496-8_4
Harel, D., Tiuryn, J., Kozen, D.: Dynamic Logic. MIT Press, Cambridge (2000)
Hathaliya, J.J., Tanwar, S.: An exhaustive survey on security and privacy issues in Healthcare 4.0. Comput. Commun. 153, 311–335 (2020). https://doi.org/10.1016/j.comcom.2020.02.018
Havet, A., Pires, R., Felber, P., Pasin, M., Rouvoy, R., Schiavoni, V.: Securestreams: A reactive middleware framework for secure data stream processing. In: Proceedings of the 11th ACM International Conference on Distributed and Event-based Systems, DEBS ’17, pp. 124–133. ACM, Barcelona, Spain (2017). https://doi.org/10.1145/3093742.3093927
Hilty, M., Basin, D.A., Pretschner, A.: On Obligations. In: ESORICS, Lecture Notes in Computer Science, vol. 3679, pp. 98–117. Springer, Berlin, Heidelberg (2005). https://doi.org/10.1007/11555827_7
Hilty, M., Pretschner, A., Basin, D.A., Schaefer, C., Walter, T.: A policy language for distributed usage control. In: ESORICS, Lecture Notes in Computer Science, vol. 4734, pp. 531–546. Springer, Dresden, Germany (2007). https://doi.org/10.1007/978-3-540-74835-9_35
Hosseinzadeh, S., Liljestrand, H., Leppänen, V., Paverd, A.: Mitigating branch-shadowing attacks on intel SGX using control flow randomization. In: Proceedings of the 3rd Workshop on System Software for Trusted Execution, SysTEX ’18, p. 42-47. Association for Computing Machinery, New York, NY, USA (2018). https://doi.org/10.1145/3268935.3268940
Hu, V.C., Ferraiolo, D., Kuhn, R., Schnitzer, A., Sandlin, K., Miller, R., Scarfone, K.: Guide to attribute based access control (ABAC) definition and considerations. NIST Spec. Publ. (SP) 800(162), 1–47 (2014). https://doi.org/10.6028/NIST.SP.800-162
Huo, T., Meng, X., Wang, W., Hao, C., Zhao, P., Zhai, J., Li, M.: Bluethunder: a 2-level directional predictor based side-channel attack against SGX. IACR Trans. Cryptogr. Hardw. Embed. Syst. 2020(1), 321–347 (2020). https://doi.org/10.13154/tches.v2020.i1.321-347
Iannella, R.: The open digital rights language: XML for digital rights management. Inf. Secur. Tech. Rep. 9(3), 47–55 (2004). https://doi.org/10.1016/S1363-4127(04)00031-7
Irwin, K., Yu, T., Winsborough, W.H.: On the modeling and analysis of obligations. In: CCS, CCS ’06, pp. 134–143. ACM, Alexandria, Virginia, USA (2006). https://doi.org/10.1145/1180405.1180423
Jiang, Y., Susilo, W., Mu, Y., Guo, F.: Ciphertext-policy attribute-based encryption against key-delegation abuse in fog computing. Fut. Gener. Comput. Syst. 78, 720–729 (2018). https://doi.org/10.1016/j.future.2017.01.026
Kagal, L., Finin, T.W., Joshi, A.: A Policy Language for a Pervasive Computing Environment. In: POLICY, p. 63. IEEE Computer Society, Lake Como, Italy (2003). https://doi.org/10.1109/POLICY.2003.1206958
Kim, D., Jang, D., Park, M., Jeong, Y., Kim, J., Choi, S., Kang, B.B.: SGX-LEGO: fine-grained SGX controlled-channel attack and its countermeasure. Comput. Secur. 82, 118–139 (2019). https://doi.org/10.1016/j.cose.2018.12.001
Klooß, M., Lehmann, A., Rupp, A.: (R)CCA Secure updatable encryption with integrity protection. In: Y. Ishai, V. Rijmen (eds.) Advances in Cryptology – EUROCRYPT 2019, pp. 68–99. Springer International Publishing (2019). https://doi.org/10.1007/978-3-030-17653-2_3
Kocher, P., Horn, J., Fogh, A., Genkin, D., Gruss, D., Haas, W., Hamburg, M., Lipp, M., Mangard, S., Prescher, T., et al.: Spectre attacks: exploiting speculative execution. In: IEEE Symposium on Security and Privacy, pp. 1–19. IEEE, San Francisco, CA, USA (2019). https://doi.org/10.1109/SP.2019.00002
Koruyeh, E.M., Khasawneh, K.N., Song, C., Abu-Ghazaleh, N.B.: Spectre Returns! Speculation Attacks using the Return Stack Buffer. In: 12th USENIX Workshop on Offensive Technologies (WOOT 18), pp. 1–12. USENIX Association, BALTIMORE, MD, USA (2018). https://www.usenix.org/system/files/conference/woot18/woot18-paper-koruyeh.pdf
Kozen, D.: A completeness theorem for Kleene algebras and the algebra of regular events. Inf. Comput. 110(2), 366–390 (1994). https://doi.org/10.1006/inco.1994.1037
Kozen, D.: Kleene algebra with tests. ACM Trans. Program. Lang. Syst. (TOPLAS) 19(3), 427–443 (1997). https://doi.org/10.1145/256167.256195
Lai, J., Deng, R.H., Li, Y.: Expressive CP-ABE with partially hidden access structures. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS ’12, p. 18-19. Association for Computing Machinery, New York, NY, USA (2012). https://doi.org/10.1145/2414456.2414465
Lambert, C., Fernandes, M., Decouchant, J., Esteves-Verissimo, P.: MaskAl: privacy preserving masked reads alignment using intel SGX. In: 37th Symposium on Reliable Distributed Systems (SRDS), pp. 113–122. IEEE, Salvador, Brazil (2018). https://doi.org/10.1109/SRDS.2018.00022
Lee, S., Shih, M., Gera, P., Kim, T., Kim, H., Peinado, M.: Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In: USENIX Security Symposium, pp. 557–574. USENIX Association, VANCOUVER, BC, CANADA (2017). https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-lee-sangho.pdf
Lehmann, A., Tackmann, B.: Updatable encryption with post-compromise security. In: Nielsen, J.B., Rijmen, V. (eds.) Advances in Cryptology – EUROCRYPT 2018, Lecture Notes in Computer Science, vol. 10822, pp. 685–716. Springer International Publishing (2018). https://doi.org/10.1007/978-3-319-78372-7_22
Li, J., Zhang, Y., Chen, X., Xiang, Y.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Secur. 72, 1–12 (2018). https://doi.org/10.1016/j.cose.2017.08.007
Li, M., Yu, S., Zheng, Y., Ren, K., Lou, W.: Scalable and secure sharing of personal health records in cloud computing using attribute-based encryption. IEEE Trans. Parallel Distrib. Syst. 24(1), 131–143 (2013). https://doi.org/10.1109/TPDS.2012.97
Li, N., Chen, H., Bertino, E.: On practical specification and enforcement of obligations. In: CODASPY, pp. 71–82. ACM, San Antonio Texas, USA (2012). https://doi.org/10.1145/2133601.2133611
Li, Q., Xia, B., Huang, H., Zhang, Y., Zhang, T.: TRAC: traceable and revocable access control scheme for mHealth in 5G-enabled IIoT. IEEE Trans. Industr. Inf. 18(5), 3437–3448 (2022). https://doi.org/10.1109/TII.2021.3109090
Li, X., Jiang, P., Chen, T., Luo, X., Wen, Q.: A survey on the security of blockchain systems. Futur. Gener. Comput. Syst. 107, 841–853 (2020). https://doi.org/10.1016/j.future.2017.08.020
Liu, J., Huang, X., Liu, J.K.: Secure sharing of personal health records in cloud computing: ciphertext-policy attribute-based signcryption. Future Gener. Comput. Syst. 52, 67–76 (2015). https://doi.org/10.1016/j.future.2014.10.014
Liu, Z., Cao, Z., Wong, D.S.: Blackbox traceable CP-ABE: how to catch people leaking their keys by selling decryption devices on ebay. In: CCS, pp. 475–486. ACM (2013). https://doi.org/10.1145/2508859.2516683
Liu, Z., Cao, Z., Wong, D.S.: White-box traceable ciphertext-policy attribute-based encryption supporting any monotone access structures. IEEE Trans. Inf. Forensics Secur. 8(1), 76–88 (2013). https://doi.org/10.1109/TIFS.2012.2223683
Liu, Z., Ding, Y., Yuan, M., Wang, B.: Black-box accountable authority CP-ABE scheme for cloud-assisted e-health system. IEEE Syst. J. (2022). https://doi.org/10.1109/JSYST.2022.3175244
Lockhart, H., Campbell, B.: Security assertion markup language (SAML) v2.0 technical overview. OASIS Comm. Draft 2, 94–106 (2008)
Matetic, S., Ahmed, M., Kostiainen, K., Dhar, A., Sommer, D.M., Gervais, A., Juels, A., Capkun, S.: ROTE: Rollback Protection for Trusted Execution. In: USENIX Security Symposium, pp. 1289–1306. USENIX Association, VANCOUVER, BC, CANADA (2017)
McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C.V., Shafi, H., Shanbhogue, V., Savagaonkar, U.R.: Innovative instructions and software model for isolated execution. In: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy, HASP ’13. ACM, Tel-Aviv, Israel (2013). https://doi.org/10.1145/2487726.2488368
Meddah, N., Jebrane, A., Toumanari, A.: Scalable lightweight ABAC scheme for secure sharing PHR in cloud computing. In: International Conference on Advanced Information Technology, Services and Systems, pp. 333–346. Springer, Tangier, Morocco (2017). https://doi.org/10.1007/978-3-319-69137-4_30
Meyer, J.J.C.: A different approach to deontic logic: deontic logic viewed as a variant of dynamic logic. Notre Dame J. Formal Logic 29(1), 109–136 (1988). https://doi.org/10.1305/ndjfl/1093637776
Moghimi, A., Irazoqui, G., Eisenbarth, T.: CacheZoom: how SGX amplifies the power of cache attacks. In: CHES, Lecture Notes in Computer Science, vol. 10529, pp. 69–90. Springer, Taipei, Taiwan (2017). https://doi.org/10.1007/978-3-319-66787-4_4
Mokhtar, S.B., Boutet, A., Felber, P., Pasin, M., Pires, R., Schiavoni, V.: X-search: revisiting private web search using Intel SGX. In: Middleware Conference, Middleware ’17, pp. 198–208. ACM, Las Vegas, Nevada (2017). https://doi.org/10.1145/3135974.3135987
Mukherjee, S., Ray, I., Ray, I., Shirazi, H., Ong, T., Kahn, M.G.: Attribute based access control for healthcare resources. In: Proceedings of the 2nd ACM Workshop on Attribute-Based Access Control, ABAC ’17, pp. 29–40. ACM, Scottsdale, Arizona, USA (2017). https://doi.org/10.1145/3041048.3041055
Murdock, K., Oswald, D., Garcia, F.D., Van Bulck, J., Gruss, D., Piessens, F.: Plundervolt: Software-based fault injection attacks against Intel SGX. In: 2020 IEEE Symposium on Security and Privacy (SP), pp. 1466–1482. IEEE, San Francisco, CA, USA (2020). https://doi.org/10.1109/SP40000.2020.00057
Ni, Q., Bertino, E., Lobo, J.: An obligation model bridging access control policies and privacy policies. In: SACMAT, SACMAT ’08, pp. 133–142. ACM, Estes Park, CO, USA (2008). https://doi.org/10.1145/1377836.1377857
Ni, Q., Bertino, E., Lobo, J., Calo, S.B.: Privacy-aware role-based access control. IEEE Secur. Priv. 7(4), 35–43 (2009). https://doi.org/10.1109/MSP.2009.102
Nilsson, A., Bideh, P.N., Brorsson, J.: A Survey of Published Attacks on Intel SGX. (2020) CoRR ArXiv:2006.13598
Ning, J., Dong, X., Cao, Z., Wei, L., Lin, X.: White-box traceable ciphertext-policy attribute-based encryption supporting flexible attributes. IEEE Trans. Inf. Forensics Secur. 10(6), 1274–1288 (2015). https://doi.org/10.1109/TIFS.2015.2405905
Nishide, T., Yoneyama, K., Ohta, K.: Attribute-based encryption with partially hidden encryptor-specified access structures. In: Bellovin, S.M., Gennaro, R., Keromytis, A., Yung, M. (eds.) Applied Cryptography and Network Security, Lecture Notes in Computer Science, vol. 5037, pp. 111–129. Springer Berlin Heidelberg (2008). https://doi.org/10.1007/978-3-540-68914-0_7
Nishimaki, R.: The direction of updatable encryption does matter. In: Hanaoka, G., Shikata, J., Watanabe, Y. (eds.) Public-Key Cryptography – PKC 2022, pp. 194–224. Springer International Publishing (2022). https://doi.org/10.1007/978-3-030-97131-1_7
Ohrimenko, O., Schuster, F., Fournet, C., Mehta, A., Nowozin, S., Vaswani, K., Costa, M.: Oblivious multi-party machine learning on trusted processors. In: USENIX Security Symposium, pp. 619–636. USENIX Association, Austin, TX (2016)
Oleksenko, O., Trach, B., Krahn, R., Silberstein, M., Fetzer, C.: Varys: Protecting SGX enclaves from practical side-channel attacks. In: USENIX Annual Technical Conference, pp. 227–240. USENIX Association, BOSTON, MA, USA (2018)
Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Pointcheval, D. (ed.) Topics in Cryptology – CT-RSA 2006, pp. 1–20. Springer Berlin Heidelberg, Berlin, Heidelberg (2006). https://doi.org/10.1007/11605805_1
Parducci, B., Lockhart, H., Rissanen, E.: Extensible access control markup language (XACML) version 3.0. OASIS Standard 2013(1), 1–154 (2013)
Park, J.: Usage control: A unified framework for next generation access control. Ph.D. thesis, George Mason University Virginia (2003)
Park, J., Sandhu, R.: The UCON ABC usage control model. ACM Trans. Inf. Syst. Secur. (TISSEC) 7(1), 128–174 (2004). https://doi.org/10.1145/984334.984339
Picazo-Sanchez, P., Pardo, R., Schneider, G.: Secure photo sharing in social networks. In: IFIP International Conference on ICT Systems Security and Privacy Protection, pp. 79–92. Springer, Rome, Italy (2017). https://doi.org/10.1007/978-3-319-58469-0_6
Pires, R., Goltzsche, D., Mokhtar, S.B., Bouchenak, S., Boutet, A., Felber, P., Kapitza, R., Pasin, M., Schiavoni, V.: CYCLOSA: decentralizing private web search through SGX-based browser extensions. In: 38th International Conference on Distributed Computing Systems (ICDCS), pp. 467–477. IEEE, Vienna, Austria (2018). https://doi.org/10.1109/ICDCS.2018.00053
Prisacariu, C., Schneider, G.: A dynamic deontic logic for complex contracts. J. Logic Algebraic Program. 81(4), 458–490 (2012). https://doi.org/10.1016/j.jlap.2012.03.003
Qiang, W., Dong, Z., Jin, H.: Se-Lambda: Securing privacy-sensitive serverless applications using SGX enclave. In: International Conference on Security and Privacy in Communication Systems, pp. 451–470. Springer, Singapore, Singapore (2018). https://doi.org/10.1007/978-3-030-01701-9_25
Ragab, H., Milburn, A., Razavi, K., Bos, H., Giuffrida, C.: CrossTalk: speculative data leaks across cores are real. In: IEEE Symposium on Security and Privacy, pp. 1–16. IEEE, Online (2021). https://download.vusec.net/papers/crosstalk_sp21.pdf
Ray, I., Alangot, B., Nair, S., Achuthan, K.: Using attribute-based access control for remote healthcare monitoring. In: International Conference on Software Defined Systems (SDS), pp. 137–142. IEEE, Valencia, Spain (2017). https://doi.org/10.1109/SDS.2017.7939154
Ray, I., Ong, T.C., Ray, I., Kahn, M.G.: Applying attribute based access control for privacy preserving health data disclosure. In: IEEE-EMBS International Conference on Biomedical and Health Informatics (BHI), pp. 1–4. IEEE, Las Vegas, NV, USA (2016). https://doi.org/10.1109/BHI.2016.7455820
Ribeiro, C., Zuquete, A., Ferreira, P., Guedes, P.: SPL: an access control language for security policies and complex constraints. In: NDSS, pp. 1–19. The Internet Society, San Diego, California (2001). https://www.ndss-symposium.org/wp-content/uploads/2017/09/SPL-An-Access-Control-Language-for-Security-Policies-and-Complex-Constraints-Carlos-Riberio.pdf
Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp. 457–473. Springer, Aarhus, Denmark (2005). https://doi.org/10.1007/11426639_27
Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996). https://doi.org/10.1109/2.485845
Sartakov, V., Weichbrodt, N., Krieter, S., Leich, T., Kapitza, R.: STANlite–a database engine for secure data processing at rack-scale level. In: International Conference on Cloud Engineering (IC2E), pp. 23–33. IEEE, Orlando, FL, USA (2018). https://doi.org/10.1109/IC2E.2018.00024
Sasy, S., Gorbunov, S., Fletcher, C.W.: ZeroTrace : Oblivious memory primitives from intel SGX. In: NDSS, pp. 1–15. The Internet Society, San Diego, CA, USA (2018). https://doi.org/10.14722/ndss.2018.23239
van Schaik, S., Kwong, A., Genkin, D., Yarom, Y.: SGAxe: How SGX fails in practice (2020). https://sgaxe.com/files/SGAxe.pdf
van Schaik, S., Milburn, A., Österlund, S., Frigo, P., Maisuradze, G., Razavi, K., Bos, H., Giuffrida, C.: RIDL: rogue in-flight data load. In: IEEE Symposium on Security and Privacy, pp. 88–105. IEEE, San Francisco, CA, USA (2019). https://doi.org/10.1109/SP.2019.00087
van Schaik, S., Minkin, M., Kwong, A., Genkin, D., Yarom, Y.: CacheOut: leaking data on intel cpus via cache evictions. In: IEEE Symposium on Security and Privacy, pp. 339–354. IEEE (2021). https://doi.org/10.1109/SP40001.2021.00064
Schuster, F., Costa, M., Fournet, C., Gkantsidis, C., Peinado, M., Mainar-Ruiz, G., Russinovich, M.: VC3: trustworthy data analytics in the cloud using SGX. In: IEEE Symposium on Security and Privacy, pp. 38–54. IEEE Computer Society, San Jose, CA, USA (2015). https://doi.org/10.1109/SP.2015.10
Schwarz, M., Lipp, M., Moghimi, D., Bulck, J.V., Stecklina, J., Prescher, T., Gruss, D.: ZombieLoad: cross-privilege-boundary data sampling. In: CCS, CCS ’19, pp. 753–768. ACM, London, United Kingdom (2019). https://doi.org/10.1145/3319535.3354252
Schwarz, M., Weiser, S., Gruss, D., Maurice, C., Mangard, S.: Malware guard extension: using SGX to conceal cache attacks. In: DIMVA, Lecture Notes in Computer Science, vol. 10327, pp. 3–24. Springer, Bonn, Germany (2017). https://doi.org/10.1007/978-3-319-60876-1_1
Seo, J., Lee, B., Kim, S.M., Shih, M., Shin, I., Han, D., Kim, T.: SGX-shield: enabling address space layout randomization for SGX programs. In: NDSS, pp. 1–15. The Internet Society, San Diego, California, USA (2017). https://doi.org/10.14722/ndss.2017.23037. https://www.ndss-symposium.org/wp-content/uploads/2017/09/ndss2017_07-1_Seo_paper.pdf
Sfyrakis, I., Gross, T.: UniGuard: protecting unikernels using intel SGX. In: IEEE International Conference on Cloud Engineering (IC2E), pp. 99–105. IEEE, Orlando, FL, USA (2018). https://doi.org/10.1109/IC2E.2018.00032
Shaon, F., Kantarcioglu, M., Lin, Z., Khan, L.: SGX-BigMatrix: a practical encrypted data analytic framework with trusted processors. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS ’17, pp. 1211–1228. ACM, Dallas, Texas, USA (2017). https://doi.org/10.1145/3133956.3134095
Shih, M., Lee, S., Kim, T., Peinado, M.: T-SGX: eradicating controlled-channel attacks against enclave programs. In: NDSS, pp. 1–15. The Internet Society, San Diego, CA, USA (2017). https://doi.org/10.14722/ndss.2017.23193
Shinde, S., Chua, Z.L., Narayanan, V., Saxena, P.: Preventing your faults from telling your secrets: defenses against pigeonhole attacks. pp. 1–16 (2015). CoRR arXiv:1506.04832https://arxiv.org/pdf/1506.04832.pdf
Smari, W.W., Clemente, P., Lalande, J.F.: An extended attribute based access control model with trust and privacy: application to a collaborative crisis management system. Futur. Gener. Comput. Syst. 31, 147–168 (2014). https://doi.org/10.1016/j.future.2013.05.010
Sookhak, M., Yu, F.R., Khan, M.K., Xiang, Y., Buyya, R.: Attribute-based data access control in mobile cloud computing: Taxonomy and open issues. Futur. Gener. Comput. Syst. 72, 273–287 (2017). https://doi.org/10.1016/j.future.2016.08.018
Staddon, J., Golle, P., Gagné, M., Rasmussen, P.: A content-driven access control system. In: Proceedings of the 7th Symposium on Identity and Trust on the Internet, IDtrust ’08, pp. 26–35. Association for Computing Machinery, New York, NY, USA (2008). https://doi.org/10.1145/1373290.1373296
Strackx, R., Piessens, F.: The Heisenberg defense: proactively defending SGX enclaves against page-table-based side-channel attacks. arXiv preprint arXiv:1712.08519abs/1712.08519, 1–16 (2017)
Stubbs, R.: Intel®RSGX Technology and the Impact of Processor Side-Channel Attacks. Fortanix, 10th March 2020 (2020). https://fortanix.com/blog/2020/03/intel-sgx-technology-and-the-impact-of-processor-side-channel-attacks/
Tramèr, F., Boneh, D.: Slalom: fast, verifiable and private execution of neural networks in trusted hardware. In: ICLR, pp. 1–19. OpenReview.net, New Orleans, Louisiana, United States (2019)
Tychalas, D., Tsoutsos, N.G., Maniatakos, M.: SGXCrypter: IP protection for portable executables using Intel’s SGX technology. In: 22nd Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 354–359. IEEE, Chiba, Japan (2017). https://doi.org/10.1109/ASPDAC.2017.7858348
Van Bulck, J., Piessens, F.: Tutorial: uncovering and mitigating side-channel leakage in intel SGX enclaves. In: Proceedings of the 8th International Conference on Security, Privacy, and Applied Cryptography Engineering (SPACE’18), pp. 1–4. Springer, Kanpur, India (2018)
Van Bulck, J., Piessens, F., Strackx, R.: Nemesis: studying microarchitectural timing leaks in rudimentary CPU interrupt logic. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS ’18, p. 178-195. ACM, New York, NY, USA (2018). https://doi.org/10.1145/3243734.3243822
Veloudis, S., Paraskakis, I., Petsos, C., Verginadis, Y., Patiniotakis, I., Gouvas, P., Mentzas, G.: Achieving security-by-design through ontology-driven attribute-based access control in cloud environments. Futur. Gener. Comput. Syst. 93, 373–391 (2019). https://doi.org/10.1016/j.future.2018.08.042
Wang, W., Chen, G., Pan, X., Zhang, Y., Wang, X., Bindschaedler, V., Tang, H., Gunter, C.A.: Leaky cauldron on the dark land: understanding memory side-channel hazards in SGX. In: CCS, CCS ’17, pp. 2421–2434. ACM, Dallas, Texas, USA (2017). https://doi.org/10.1145/3133956.3134038
Xu, Y., Cui, W., Peinado, M.: Controlled-channel attacks: deterministic side channels for untrusted operating systems. In: IEEE Symposium on Security and Privacy, pp. 640–656. IEEE Computer Society, San Jose, CA, USA (2015). https://doi.org/10.1109/SP.2015.45
Yang, L., Li, C., Cheng, Y., Yu, S., Ma, J.: Achieving privacy-preserving sensitive attributes for large universe based on private set intersection. Inf. Sci. 582, 529–546 (2022). https://doi.org/10.1016/j.ins.2021.09.034
Yang, X., Li, W., Fan, K.: A revocable attribute-based encryption EHR sharing scheme with multiple authorities in blockchain. Peer-to-peer Netw. Appl. (2022). https://doi.org/10.1007/s12083-022-01387-4
Yuan, E., Tong, J.: Attributed based access control (ABAC) for web services. In: IEEE International Conference on Web Services (ICWS’05), p. 569. IEEE, Orlando, FL, USA (2005). https://doi.org/10.1109/ICWS.2005.25
Yüksel, B., Küpçü, A., Özkasap, Ö.: Research issues for privacy and security of electronic health services. Futur. Gener. Comput. Syst. 68, 1–13 (2017). https://doi.org/10.1016/j.future.2016.08.011
Zhang, R., Li, J., Lu, Y., Han, J., Zhang, Y.: Key escrow-free attribute based encryption with user revocation. Inf. Sci. 600, 59–72 (2022). https://doi.org/10.1016/j.ins.2022.03.081
Zhang, X., Parisi-Presicce, F., Sandhu, R., Park, J.: Formal model and policy specification of usage control. ACM Trans. Inf. Syst. Secur. (TISSEC) 8(4), 351–387 (2005). https://doi.org/10.1145/1108906.1108908
Zhang, Y., Deng, R.H., Xu, S., Sun, J., Li, Q., Zheng, D.: Attribute-based encryption for cloud computing access control: a survey. ACM Comput. Surv. (2020). https://doi.org/10.1145/3398036
Zhang, Z., Zhang, J., Yuan, Y., Li, Z.: An expressive fully policy-hidden ciphertext policy attribute-based encryption scheme with credible verification based on blockchain. IEEE Int. Things J. 9(11), 8681–8692 (2022). https://doi.org/10.1109/JIOT.2021.3117378
Zhang, Z., Zhang, W., Qin, Z.: A partially hidden policy CP-ABE scheme against attribute values guessing attacks with online privacy-protective decryption testing in IoT assisted cloud computing. Futur. Gener. Comput. Syst. 123, 181–195 (2021). https://doi.org/10.1016/j.future.2021.04.022
Acknowledgements
This work was partially supported by the Swedish Foundation for Strategic Research (SSF) and the Swedish Research Council (VR). The authors would like to thank Sergiu Bursuc at the Security and Trust of Software Systems group, University of Luxembourg, for his help and support in verifying the properties of the proposed scheme.
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they do not have conflict of interests.
Ethical approval
This article does not contain any studies with human participants or animals performed by any of the authors.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Appendices
Appendix
A Intel SGX security
Intel SGX has been under scrutiny since its early releases and several vulnerabilities have been discovered. These are often published along with corresponding countermeasures. The following provides a list of attacks against Intel SGX and possible remedies.
1.1 A.1: Vulnerabilities
Xu et al. [133] introduced controlled-channel attacks against SGX-enabled applications by which sensitive information of the protected applications can be extracted. In such attacks, an adversary causes intentional page faults to get sequence information of page faults, which helps the adversary to infer the data that exists in the protected memory (i.e., the enclave’s data). In [26], it is demonstrated that enclave data can be revealed even without intentional page faults and by monitoring the page table entry (PTE) status, which shows all page read/write attempts. A framework called SGX-Step was presented in [25] to attack SGX enclaves. The SGX-Step makes it possible to configure Advanced Programmable Interrupt Controller (APIC) timer interrupts and then track PTE status. Several attacks [23, 24, 46, 54, 86, 130] have been built on top of the SGX-Step. Another similar attack is the Sneaky Page Monitoring (SPM) attack [132]. This memory-based attack works based on manipulation of the page’s accessed flag in PTE and does not need enclave interrupts contrary to the page fault attacks. The granularity of the SPM attack can be improved using a cache timing method called Prime+Probe [95], which has been used in cache attacks [20, 34, 43, 83, 116] as well.
Cache attacks are based on the time gap between main memory access and CPU cache access. In order to avoid cache attacks, Intel SGX restricts access to the Enclave Page Cache (EPC) memory from a non-enclave code. Nevertheless, several cache attacks against SGX-protected programs have been presented. For instance, Brasser et al. [20] extracted 70% of a 2048-bit RSA key during the decryption. Brasser et al.’s attack is applicable when the attacker’s process and the enclave process share probes cache line and use the same CPU core. Schwarz et al. [116] presented another cache attack, by creating an enclave and attacking a victim enclave using the Prime+Probe method, which does not require the attacker’s process and the enclave process to use the same core. Götzfried et al. [43] presented a cache attack to extract the secret key of an AES algorithm from an enclave. Lee et al. [67] presented a branch prediction attack through branch shadowing, which is possible because the Branch Target Buffer (BTB) address information can be shared between an enclave and the untrusted part (outside the enclave). The goal of the attack was to infer the control flow inside enclaves. BranchScope [38] is another similar attack that does not work based on the BTB. The BranchScope attack can reveal secret information without any knowledge of the internal predictor organization. Bluethunder [54] is also a branch predictor attack for extracting secret information of enclaves. It is demonstrated that the Bluethunder attack is faster than the BranchScope attack as the first one uses a two-level directional predictor.
SgxPectre [29] is a kind of speculative execution attack that reveals enclave secret information by affecting the branch prediction of the enclave code to change the control flow of the program inside the enclave. The aim of changing the control flow is to perform instructions that make cache-state changes observable. Monitoring the cache-state changes helps to extract enclave secrets. Koruyeh et al. [62] presented a similar attack called SpectreRSB by exploiting the return stack buffer (RSB) instead of the branch predictor unit.
Recently, several new attacks such as RIDL [112], CacheOut [113], ZombieLoad [115], SGAxe [111], and CrossTalk [103] have been presented that are classified as microarchitectural data sampling (MDS) attacks. Rogue In-Flight Data Load (RIDL), CacheOut, and ZombieLoad attacks exploit internal CPU buffers, i.e., the Line Fill Buffers (LFBs) between the L1 Data caches and the L2 caches. RIDL can leak data from loads that are not already in the L1D cache. However, using ZombieLoad, the results of memory loads (the requested data may already exist in the L1D cache) can be leaked. While RIDL and ZombieLoad cannot control which data are loaded into the LFBs and thereafter revealed, CacheOut makes it possible to control the leakage by forcing cache contention on the intended L1D data. The SGAxe attack uses the CacheOut to extract the attestation key from the Quoting enclave and then sign fake attestation quotes. Most of the presented attacks can be mitigated by isolating the victim enclaves and the attackers on separate CPU cores. However, CrossTalk [103] makes it possible to attack enclaves even with core separation and leak data among different cores using a global staging buffer.
1.2 A.2: Countermeasures
Most of the presented vulnerabilities either do not expose all the information that exists inside an enclave or need a powerful attacker with significant effort. However, even small leakages can become dangerous over time. Fortunately, Intel and researchers have provided and proposed countermeasures to overcome the attacks exploiting such vulnerabilities. For instance, Intel addresses many weaknesses by changing the hardware of new CPUs, patching the microcode of CPUs (which changes the way that a CPU performs its tasks), and upgrading the system software. ZigZagger, which proposed a remedy for the branch prediction attack presented in [67], converts conditional branches into non-conditional jumps to trampolines (indirect jump vectors). The main idea of ZigZagger was to hide the control flow. Branch shadowing attacks are also addressed by means of control flow randomization [52]. In other words, in [52], conditional branches are eliminated, and the targets of non-conditional branches are hidden through runtime code randomization and modifications at compile time. Both ZigZagger and the solution proposed in [52] were implemented as extensions for the LLVM compiler .Footnote 6 Chen et al. [30] also proposed a solution that restricts access to other CPU cores by creating shadow threads. Shih et al. [120] and Chen et al. [31] addressed controlled-channel attacks using Intel Transactional Synchronization Extensions (TSX) that hide page fault events from OS by handling faults as transaction abort. Strackx et al. [125] proposed a remedy for page table-based controlled-channel attacks utilizing TSX transactions. On the other hand, Fu et al. [41] presented SGX-LAPD as a fix for systems that do not support TSX.
A compiler-assisted solution for page fault-based attacks was proposed by Shinde et al. [121]. Gruss et al. [45] provided a software library that wraps secret handling code and secret data in TSX transactions. Chandra et al.’s solution [27] was to add random noise, e.g., add accesses to dummy data, to the algorithms. Sasy et al. [110] and Ohrimenko et al. [93] proposed solutions based on oblivious RAM (ORAM), which removes access patterns by encrypting and shuffling them. Still other solutions exist that are based on the randomization of the address space layout [117] and decryption of the code at runtime [114].
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
Arshad, H., Picazo-Sanchez, P., Johansen, C. et al. Attribute-based encryption with enforceable obligations. J Cryptogr Eng 13, 343–371 (2023). https://doi.org/10.1007/s13389-023-00317-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s13389-023-00317-1