Accountability is key to detecting and punishing illegal actions in cryptosystems, but ensuring accountability for decryption is challenging. The decryption is normally conducted by end-users locally, where a decrypter may refuse to provide auditable information on his decryption. Portex addresses this by using a Trusted Execution Environment (TEE) to force each decryption to generate publicly verifiable logs, ensuring accountability. Meanwhile, we have noticed the risk of the compromised TEE. We further introduce a tracing mechanism to inspect the TEE's behaviors to guarantee that the attacks on trusted hardware are traceable.
| 1. We propose a practical accountable cryptosystems, in which the users are accountable for their decryption. Each decryption will be faithfully recorded by the log maintainer, whose actions are publicly verifiable. |
| 2. Our proposed scheme relies on TEE, but we further take consider the mainstream vulnerability of TEE that may leak the users’ private keys and destroy accountability. We accordingly design a tracing mechanism to make trusted hardware, additionally, accountable for the private key generation and distribution. |
| 3. We formalize the syntax and security definitions of Portex. The formal security analyses indicate that our system is provably secure, which satisfies the properties of key privacy, fairness, completeness, and TEE traceability. |
| 4. We provide a full-functional implementation for Portex and evaluate performance in terms of theoretical complexity, running time, and log size for major functionalities. The experimental results demonstrate the feasibility and efficiency of our system. |
Four types of entities are involved: private key generator PKG, a log manager LM, CLIENT and TRACER . The PKG is required to run inside TEEs. The log manager and users’ platforms do not necessarily to support TEEs. The main idea behind Portex is to run PKG inside a TEE and force the action of key generation to render a public auditable log.
Government and law enforcement with court-issued warrants commonly access citizens' sensitive information. However, the potential for warrant abuse or unauthorized access exists, jeopardizing user privacy. Our system makes law enforcement officers accountable for accessing and decrypting sensitive information, which prevents unsafe warrant usage.
Current package delivery solutions are susceptible to information leakage as they transmit sensitive information, such as name and address, in plaintext. Our system uses an encrypted barcode to tag this information, limiting access to only authorized barcode readers. Any access is logged and auditable, ensuring accountability and preventing misuse.
The implementation is published in Portex-tee/Portex (github.com). Here we present the functions:
