CTO Time: Trusted Computing

Trias (triaslab), Sep 15, 2020

Dr. Wei, Trias CTO, hosts a series of Trias Technology Sharing sessions in the Trias group (http://t.me/triaslab) every Monday at 12:00 GMT. The following is the recap of the 8th session:

As malicious users' attack methods multiply, defenders can only build firewalls higher and higher, make intrusion detection more complex, and grow malicious code databases bigger and bigger. The false alarm rate rises as well. As a result, security investment increases continuously, maintenance and management become more complex and harder to carry out, the efficiency of the information system is greatly reduced, and there is still no defense against new attacks.

Therefore, computer systems have derived a new security model, generally called the Trusted Execution Environment (TEE). Trusted computing assumes that trust is scarce. TEE's technological innovations in logical correctness verification, computing architecture and computing mode can keep logic defects from being exploited by attackers, reconcile the opposition between attack and defense, and ensure that the logical combination of computing tasks is not tampered with or destroyed.

What is TEE?

TEE is a trusted code execution environment proposed by GlobalPlatform, an organization committed to developing, formulating and publishing security chip technical standards. It ensures the privacy and integrity of the code, applications and data assets in the environment by isolating execution inside the environment from the outside. Compared with rich operating systems such as Android and Linux, it provides a more secure execution environment for the trusted applications running in it. Compared with a single secure element, it is more extensible in function, so it has been widely used in mobile payment, smart devices and other fields.

How can TEE be credible?

All data assets, code and the initial state of the trusted OS in a TEE must be signed and verified by the designer before they can be installed and used. Moreover, these elements in the environment are immutable and isolated from each other. In other words, the invalidation or tampering of one element will not affect the other elements in the environment, which ensures the credibility of the overall environment.
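The verify-before-install rule described above, as an added example that is not from the talk or from Trias code: a loader checks a designer-signed manifest and then each component independently, so one tampered component is rejected without affecting the others. A Lamport one-time signature built from SHA-256 stands in for whatever signature scheme a real TEE uses, and the component names and contents are constructed for illustration.

```python
import hashlib
import json
import secrets

def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def _bits(msg: bytes):
    """The 256 bits of SHA-256(msg), most significant bit first."""
    d = _h(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def keygen():
    """Designer's one-time key pair: 256 secret pairs and their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk

def sign(sk, msg: bytes):
    """Reveal one secret per digest bit (the key must sign only one message)."""
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        _h(s) == pk[i][bit] for i, (s, bit) in enumerate(zip(sig, _bits(msg))))

def build_manifest(components: dict) -> bytes:
    """Designer side: canonical JSON mapping component name -> SHA-256."""
    digests = {n: hashlib.sha256(b).hexdigest() for n, b in components.items()}
    return json.dumps(digests, sort_keys=True).encode()

def install(pk, manifest: bytes, sig, delivered: dict) -> dict:
    """Device side (public key only): return {component: accepted?}."""
    if not verify(pk, manifest, sig):
        return {name: False for name in delivered}  # bad manifest: reject all
    expected = json.loads(manifest)
    # Each component is judged on its own digest, independent of the others.
    return {name: expected.get(name) == hashlib.sha256(blob).hexdigest()
            for name, blob in delivered.items()}

# Constructed sample images (hypothetical names, not real TEE binaries).
SAMPLE = {"trusted_os": b"os-initial-state-v1",
          "payment_ta": b"trusted-app-code",
          "key_store": b"sealed-data-asset"}

def demo():
    sk, pk = keygen()
    manifest = build_manifest(SAMPLE)
    sig = sign(sk, manifest)
    tampered = dict(SAMPLE, payment_ta=b"trusted-app-code+patch")
    return (install(pk, manifest, sig, tampered),
            install(pk, manifest + b" ", sig, SAMPLE))
```

`demo()` returns two verdict maps: the first for a delivery with one modified component, the second for an intact delivery whose manifest no longer matches the signature.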

How can blockchain optimize TEE?

1. Through a decentralized network and consensus mechanism, it can reduce the security risk and the possibility of misbehavior by Intel and other manufacturers, and ensure the availability of the trust chain (this chain is not a blockchain).

2. It solves the problem of the enclave interacting with the untrusted region. What blockchain does best is build a trusted network. Both BTC and Ethereum have achieved a very good level of trust, even similar to that of TEE. Therefore, having TEEs interact through blockchain and blockchain smart contracts is a very good complementary scenario.

Application of TEE in blockchain privacy protection

When it comes to privacy protection, what people think of is the Facebook privacy disclosure. For example, in the sense of “general-purpose secret protection”, the “E-type” business cannot be protected in a more general sense.

We often divide privacy protection technologies into three generations:

Zcash and Monero, the typical representatives of the first-generation technology, achieve transaction privacy through zero-knowledge proofs, ring signatures, confidential transactions and other techniques. One of their outstanding features is that the technology protects the transaction privacy of the native currency.

The typical representative of the second-generation technology is Aztec, a privacy protocol on Ethereum. It adopts technology similar to Zcash's and can provide transaction privacy for any ERC-20 token. The second-generation technology is an extension of the first generation, but both can only achieve transaction privacy. When Turing-complete smart contracts are involved, they cannot do anything about it.

In the third-generation technology, we hope to expand the concept of “privacy protection” to “confidentiality protection”. Privacy then refers not only to the transaction privacy of users, but also to protecting any confidential data in smart contracts from being leaked. With current smart contract technology, all data must be completely disclosed. We hope that the “confidential smart contract” can be like Ethereum's Turing-complete smart contract, able to perform general computation, but without needing to expose confidential data.

Trias, as a third-generation privacy protection project, is built on a heterogeneous consensus graph algorithm (HCGraph) based on trusted technology. HCGraph combines trusted computing technology based on heterogeneous TEEs (trusted execution environments) with graph computing technology based on small-world networks. HCGraph makes use of the transitivity of trust and uses a gossip protocol to establish trust relationships between consensus nodes that use different TEE technologies.

At present, confidential smart contract technology can be implemented with multi-party computation (MPC) or with a trusted execution environment (TEE). The former is based on pure cryptographic techniques such as homomorphic encryption and zero-knowledge proofs. It does not rely on hardware and can be applied efficiently in some specific fields, such as verifiable random numbers and distributed key generation. However, it has an average performance loss of 10^6 times in general computing. The latter is based on trusted computing hardware (mainly Intel's CPUs), but it can achieve very efficient general-purpose computing.
