Secure Remote Attestation with Strong Key Insulation Guarantees

Secure processors with hardware-enforced isolation are crucial for secure cloud computation. However, commercial have underestimated the capabilities of attackers and failed to provide execution environments capable protecting sensitive information against side-channel attacks. Remote Attestation protocols based on traditional signature schemes not under attacks anymore since their secret keys can be leaked. Previously, Key-Insulated Schemes (KIS) been introduced mitigate damage caused by key exposure in cryptosystems breaking lifetime into independent sessions. KIS protect security all other sessions if any session compromised, however, no guarantees a compromised session. We introduce new cryptographic primitive called One-Time Signature Secret Key Exposure (OTS-SKE), which ensures one forge valid message or nonce even OTS-SKE enables us sign attestation reports securely powerful adversary who observe digital states enclaves through also minimize trusted computing base introducing co-processor that is only responsible generation system. Our experiments show signing faster than as well Elliptic Curve Digital Algorithm (ECDSA) used Intel SGX.