
Triad: Trusted Timestamps in Untrusted Environments

Gabriel P. Fernandez, Andrey Brito, Christof Fetzer

TL;DR

Triad tackles the absence of durable, absolute timestamps inside untrusted environments by deploying a multi-enclave, multi-node timestamp service that mutually validates running clocks to create a continuous, monotonic timeline with bounded error. It combines SGX-based enclaves and the SCONE runtime to securely exchange encrypted timestamps, while a calibration protocol and kernel-tuning techniques guard against TSC-rate and enclave-exit attacks. The work formalizes trusted-time guarantees, including $|TT_T(t)-t| \le \epsilon$ (R1) and $t_1 < t_2 \Rightarrow TT_T(t_1) < TT_T(t_2)$ (R2), and demonstrates a practical implementation with a three-node Triad cluster and an external failover mechanism. The result is a low-latency, trusted time source suitable for distributed confidential computing, with detailed evaluation of timing error, RTT, and enclave-exit behavior, and clear directions for broader platform support in future work.

Abstract

We aim to provide trusted time measurement mechanisms to applications and cloud infrastructure deployed in environments that could harbor potential adversaries, including the hardware infrastructure provider. Despite Trusted Execution Environments (TEEs) providing multiple security functionalities, timestamps from the Operating System are not covered. Nevertheless, some services require time for validating permissions or ordering events. To address that need, we introduce Triad, a trusted timestamp dispatcher of time readings. The solution provides trusted timestamps enforced by mutually supportive enclave-based clock servers that create a continuous trusted timeline. We leverage enclave properties such as forced exits and CPU-based counters to mitigate attacks on the server's timestamp counters. Triad produces trusted, confidential, monotonically-increasing timestamps with bounded error and desirable, non-trivial properties. Our implementation relies on Intel SGX and SCONE, allowing transparent usage. We evaluate Triad's error and behavior in multiple dimensions.

Paper Structure (40 sections, 8 figures)


Figures (8)

  • Figure 1: Triad’s Architecture
  • Figure 2: Failure model for Triad enclaves. One of the enclaves in the trio is omitted for simplicity
  • Figure 3: Instruction count in 1 millisecond. All trials concentrate on a small range.
  • Figure 4: Frequency of time resources access -- Local vs Peer vs Remote
  • Figure 5: Inner clock error for nodes of a sample Triad deployment with the calibration round.
  • ...and 3 more figures