TrInc: Small Trusted Hardware for Large Distributed Systems

This talk presents TrInc, a small, trusted component that prevents many types of participant misbehavior in large, distributed systems. Consisting fundamentally of only a non-decreasing counter and a key, it provides a new primitive: unique, once-in-a-lifetime attestations. This primitive prevents parties from equivocating, i.e., making conflicting statements, thereby thwarting a crucial component of much selfish and malicious operation.

The talk will show that TrInc is practical and versatile. Its deployment is viable because it is simple and because its fundamental components are already deployed in many new personal computers today. Even computers without these components can use TrInc as a peripheral attachment, since its interface is unintrusive and can operate over an untrusted channel. TrInc is easily applicable to a wide range of distributed systems, demonstrated by three detailed case studies: attested append-only memory (A2M), PeerReview, and BitTorrent. Two of these demonstrate how TrInc can be used in generic frameworks that prevent and detect arbitrary incorrect behavior.
Jacob R. Lorch has been a Researcher at Microsoft Research in Redmond, WA for the last seven years. Before that, he received his Ph.D. in Computer Science from UC Berkeley in 2001 under the supervision of Alan Jay Smith. Jay's research focuses broadly on computer systems, with particular emphasis on distributed systems, online games, web security, cloud computing, and energy management. In recent work, he has developed Donnybrook (SIGCOMM 2008), a system for dramatically increasing the scale of peer-to-peer, latency-sensitive games; Xax (OSDI 2008), a secure, OS-independent platform enabling web applications to be built with legacy code; and TrInc (NSDI 2009), a simple piece of trusted hardware useful in securing a variety of distributed systems. His current work includes leveraging cloud computing in interactive desktop applications, and improving game matchmaking with a latency prediction system.