Table of Links
III. Systematization Methodology
VIII. Concluding Remarks and References
Appendix B. Anonymity and Confidentiality
Appendix D. A TCSC-Based Voting Protocol
APPENDIX A. KEY MANAGEMENT
A variety of different keys are used in the life cycle of TCSC. For simplicity, we use Intel SGX as the instance. We classify these keys into two types, namely, service keys (top half) and SGX internal keys (bottom half).
SGX internal keys. The MEE key is generated at boot, and is placed in special registers, and destroyed at system reset. The MEE key is used for memory encryption and decryption, which plays a crucial role in protecting the confidentiality and integrity of enclaves. At the same time, different enclaves in the same TEE platform share one function key, such as the report key and the attestation key [88].
APPENDIX B. ANONYMITY AND CONFIDENTIALITY
Anonymity refers to the privacy that relates to real entities, especially for users’ identities. In a blockchain system, anonymity indicates that users’ transaction activities will not expose any personal information about them. Alternatively, an attack cannot obtain the correct links between real users and their corresponding account/address that sends the transaction [98]. Bitcoin and Ethereum only provide a very early version of anonymity, using the pseudonym-based address mechanism to protect identities. However, this cannot guarantee anonymity because attackers can effortlessly map virtual addresses to physical entities through the relationship analysis.
Confidentiality in a blockchain system mainly refers to the privacy of data and contents recorded on-chain [99], [9]. Classic blockchain systems expose all transactions (includes amount information, addresses, amount, etc.) plainly where anyone can read and access. Sensitive information might unconsciously be leaked to malicious analyzers. For instance, ERC20 tokens in the Ethereum system do not provide confidentiality, since anyone can observe every amount’s balance. Adversaries can keep tracing the accounts that have a huge amount of tokens and launch attacks such as using the phishing website or cheating through offline activities.
Authors:
(1) Rujia Li, Southern University of Science and Technology, China, University of Birmingham, United Kingdom and this author contributed equally to this work;
(2) Qin Wang, CSIRO Data61, Australia and this author contributed equally to this work;
(3) Qi Wang, Southern University of Science and Technology, China;
(4) David Galindo, University of Birmingham, United Kingdom;
(5) Mark Ryan, University of Birmingham, United Kingdom.
This paper is