Citation: Shao QF, Zhang Z, Jin CQ et al. Query authentication using Intel SGX for blockchain light clients. JOURNAL OF COMPUTER SCIENCE AND TECHNOLOGY 38(3): 714–734 May 2023. DOI: 10.1007/s11390-022-1007-2.
Because computing and storage resources are limited, light clients and full nodes coexist in a typical blockchain system. Any query from a light client must be forwarded to full nodes for execution, and the light client then verifies the integrity of the returned query results. Existing verifiable queries based on an authenticated data structure (ADS) incur significant network, storage and computing overheads because of their verification objects (VOs). An alternative is the trusted execution environment (TEE), with which light clients do not need to receive or verify any VO. However, state-of-the-art TEEs cannot conveniently handle large-scale applications because of their limited secure memory space (e.g., the size of the enclave in Intel SGX (software guard extensions), a typical TEE product, is only 128 MB). Hence, we organize data hierarchically in trusted (enclave) and untrusted memory, with hot data buffered in the enclave to reduce the page swapping overhead between the two kinds of memory. The cost analysis and empirical study validate the effectiveness of our proposed scheme. The VO size of our scheme is reduced by one to two orders of magnitude compared with that of the traditional scheme.
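An added illustration, not code from the paper: a Python simulation of the layout the abstract describes, where the Merkle tree stays in untrusted memory and the enclave keeps only the root plus a bounded LRU buffer of already-verified nodes, so reads of hot data stop at the first trusted node. `EnclaveSim`, `build_untrusted_tree`, the LRU policy and the sample records are assumptions made for this sketch; the paper's actual index and replacement policy may differ.

```python
import hashlib
from collections import OrderedDict

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def build_untrusted_tree(records):
    """Merkle tree held in untrusted memory: levels[0] = leaf hashes, levels[-1] = [root].
    len(records) must be a power of two (kept simple for the illustration)."""
    levels = [[H(b"leaf:" + r) for r in records]]
    while len(levels[-1]) > 1:
        prev = levels[-1]
        levels.append([H(b"node:" + prev[i] + prev[i + 1]) for i in range(0, len(prev), 2)])
    return levels

class EnclaveSim:
    """Stand-in for enclave state: the trusted root plus a bounded LRU of verified nodes."""
    def __init__(self, root: bytes, capacity: int):
        self.root, self.capacity = root, capacity
        self.cache = OrderedDict()              # (level, index) -> verified hash

    def read(self, records, levels, i):
        """Return (record, hashes_computed); raise ValueError if untrusted data was altered."""
        node, idx, cost, path = H(b"leaf:" + records[i]), i, 1, []
        top = len(levels) - 1
        for lvl in range(top + 1):
            path.append(((lvl, idx), node))
            trusted = self.root if lvl == top else self.cache.get((lvl, idx))
            if trusted is not None:             # reached a trusted anchor, stop climbing
                if trusted != node:
                    raise ValueError("integrity check failed")
                break
            sib = levels[lvl][idx ^ 1]          # sibling hash read from untrusted memory
            pair = node + sib if idx % 2 == 0 else sib + node
            node, idx, cost = H(b"node:" + pair), idx // 2, cost + 1
        for key, val in path:                   # buffer the verified path as hot data
            if key[0] < top:
                self.cache[key] = val
                self.cache.move_to_end(key)
        while len(self.cache) > self.capacity:
            self.cache.popitem(last=False)      # evict least recently used
        return records[i], cost

# Constructed sample data: eight records in untrusted memory.
RECORDS = [b"tx-%d" % n for n in range(8)]
LEVELS = build_untrusted_tree(RECORDS)
```

With a four-entry buffer, the first read of a record walks the full path to the root, while a repeated read of the same record costs a single hash and a read of its neighbour stops at their shared, already-verified parent.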