Trusted Hardware Component for Distributed Systems
First Claim
1. A trusted hardware component executable on one or more processors of a first computing device participating in a byzantine-fault-tolerant protocol, the trusted hardware component comprising:
- a monotonically non-decreasing counter;
- a cryptographic key; and
- logic, stored in the trusted hardware component and configured to:
  - receive, from the first computing device, a representation of a message for distribution to a second computing device participating in the byzantine-fault-tolerant protocol;
  - increment the monotonically non-decreasing counter from a first value to a second value that is greater than or equal to the first value;
  - sign a statement with the cryptographic key attesting that the trusted hardware component incremented the monotonically non-decreasing counter from the first value to the second value at least in part in response to receiving the representation of the message; and
  - provide the signed statement to the first computing device.
Abstract
Techniques for utilizing trusted hardware components for mitigating the effects of equivocation amongst participant computing devices of a distributed system are described herein. For instance, a distributed system employing a byzantine-fault-resilient protocol—that is, a protocol intended to mitigate (e.g., tolerate, detect, isolate, etc.) the effects of byzantine faults—may employ the techniques. To do so, the techniques may utilize a trusted hardware component comprising a non-decreasing counter and a key. This hardware component may be “trusted” in that the respective participant computing device cannot modify or observe the contents of the component in any manner other than according to the prescribed procedures, as described herein. Furthermore, the trusted hardware component may couple to the participant computing device in any suitable manner, such as via a universal serial bus (USB) connection or the like.
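The mechanism the abstract describes, shown as an added Python example that is not code from the patent: a component that binds each message to a counter transition, and a receiver that detects an attempt to present two conflicting messages in the same position. Assumptions of this example: HMAC-SHA256 with a key the receiver also holds stands in for the signature, the message representation is a SHA-256 digest, the host requests the new counter value, and the receiver accepts only statements that strictly advance from the last value it saw; all class and function names are hypothetical.

```python
import hashlib
import hmac

def _body(old: int, new: int, digest: bytes) -> bytes:
    return old.to_bytes(8, "big") + new.to_bytes(8, "big") + digest

class TrustedComponent:
    """Counter and key live here; HMAC stands in for the signature (assumption)."""
    def __init__(self, key: bytes):
        self._key, self._counter = key, 0

    def attest(self, digest: bytes, new: int) -> dict:
        if new < self._counter:              # non-decreasing: never roll back
            raise ValueError("counter cannot decrease")
        old, self._counter = self._counter, new
        sig = hmac.new(self._key, _body(old, new, digest), hashlib.sha256).digest()
        return {"old": old, "new": new, "digest": digest, "sig": sig}

class Receiver:
    """Second device: accepts a message only if its statement extends what it has seen."""
    def __init__(self, key: bytes):
        self._key, self.last = key, 0

    def accept(self, message: bytes, st: dict) -> bool:
        body = _body(st["old"], st["new"], st["digest"])
        expect = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expect, st["sig"]):
            return False                     # forged or altered statement
        if hashlib.sha256(message).digest() != st["digest"]:
            return False                     # statement covers a different message
        if st["old"] != self.last or st["new"] <= st["old"]:
            return False                     # gap, replay, or counter did not advance
        self.last = st["new"]
        return True

def demo() -> dict:
    key = b"constructed-demo-key"            # constructed sample key
    hw = TrustedComponent(key)
    m1, m2 = b"PREPARE seq=1 value=X", b"PREPARE seq=1 value=Y"  # constructed messages
    s1 = hw.attest(hashlib.sha256(m1).digest(), 1)
    s2 = hw.attest(hashlib.sha256(m2).digest(), 2)   # conflicting message gets 1 -> 2
    try:
        hw.attest(hashlib.sha256(m2).digest(), 1)
        rollback_refused = False
    except ValueError:
        rollback_refused = True
    return {"peer_b_accepts_m1": Receiver(key).accept(m1, s1),
            "peer_c_accepts_m2_as_first": Receiver(key).accept(m2, s2),
            "m2_passed_off_under_s1": Receiver(key).accept(m2, s1),
            "rollback_refused": rollback_refused}
```

Because the second statement records the transition 1 to 2, a peer that has seen nothing from this sender can tell that an earlier statement exists and has been withheld from it.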
20 Claims
10. One or more computer-readable media storing computer-executable instructions that, when executed, cause one or more processors to perform acts comprising:
- providing, by a first computing device participating in a byzantine-fault-tolerant protocol and to a trusted hardware component associated with the first computing device, a representation of a message for distribution to a second computing device participating in the byzantine-fault-tolerant protocol;
- receiving, by the first computing device and from the trusted hardware component, a statement signed by the trusted hardware component attesting that the trusted hardware component incremented a monotonically non-decreasing counter at least in part in response to receiving the representation of the message;
- storing the signed statement in a log associated with the byzantine-fault-tolerant protocol and maintained outside of the trusted hardware component; and
- providing the message and the signed statement to the second computing device.
17. One or more computer-readable media storing computer-executable instructions that, when executed, cause one or more processors to perform acts comprising:
- receiving, from a first computing device participating in a byzantine-fault-resilient protocol and at a trusted hardware component comprising a counter and a key, a representation of a message for distribution to a second computing device participating in the byzantine-fault-resilient protocol;
- incrementing the counter from a first value to a second value that is greater than or equal to the first value;
- signing a statement with the key attesting that the trusted hardware component incremented the counter at least in part in response to receiving the representation of the message; and
- providing the signed statement to the first computing device.
Specification