RA-WEBs: Remote Attestation for WEB services

Day 1 | 13:10 | 00:20 | K.4.401 | Yoshimichi Nakatsuka


Note: I'm reworking this at the moment, some things won't work.

The stream isn't available yet! Check back at 13:10.
Get involved in the conversation!Join the chat

Data theft and leakage, caused by external adversaries and insiders, demonstrate the need for protecting user data. Trusted Execution Environments (TEEs) offer a promising solution by creating secure environments that protect data and code from such threats. The rise of confidential computing on cloud platforms facilitates the deployment of TEE-enabled server applications, which are expected to be widely adopted in web services such as privacy-preserving LLM inference and secure data logging. One key feature is Remote Attestation (RA), which enables integrity verification of a TEE. However, compatibility issues with RA verification arise as no browsers natively support this feature, making prior solutions cumbersome and risky.

To address these challenges, in this talk, we present RA-WEBs (Remote Attestation for Web services), a novel RA protocol designed for high compatibility with the current web ecosystem. RA-WEBs leverages established web mechanisms for immediate deployability, enabling RA verification on existing browsers. We will show preliminary evaluation results and highlight open challenges when introducing RA to the web.