Robin Vassantlal, Bernardo Ferreira, and Alysson Bessani, LASIGE’s researchers, published a paper, co-authored with Eduardo Alchieri, titled “COBRA: Dynamic Proactive Secret Sharing for Confidential BFT Services”, in Proceedings of the 43rd IEEE Symposium on Security and Privacy (SP’22), a top cybersecurity conference (Core A*).
This paper proposes a method for ensuring confidentiality for the data stored on secure replicated services. Typically, secure replication (called Byzantine Fault-Tolerant, or BFT) ensure integrity and availability of the service even if a fraction of the replicas fails or are controlled by an adversary. However, they provide no confidentiality since a single compromised replica can leak all the data stored in the service. COBRA introduces an efficient dynamic proactive secret sharing scheme capable of recovering faulty replicas and reconfiguring replica groups, having thus all required features to be used as a confidentiality layer in practical BFT-replicated systems. This scheme is a core component of SIRE, the decentralised attestation and coordination service being developed at VEDLIoT for establishing trust between the IoT devices of an application.
The paper is available here.