Off-Chain Trusted Computing

Abstract

Trustworthiness and privacy are of primary concern as companies connect their manufacturing and logistic infrastructures to the Internet of Things (IoT). They want to reap the benefit of automated asset management, process control and predictive maintenance. However, to do so effectively, companies need to facilitate information sharing among trustworthy partners while complying with data protection and privacy preserving regulations. In this respect, Distributed Ledgers (a.k.a. Blockchains) offer a viable solution by enabling their participants to discover one another and establish peer-to-peer trust relations without a centralized intermediary. Nonetheless, this approach comes with a caveat: Blockchains may not scale well. Since each Blockchain-based transaction must be attested by multiple Blockchain participants, it may take time to complete a transaction. Besides, since each transaction is processed by multiple participants, information privacy is sacrificed in exchange for Byzantine fault tolerance and trustworthiness of the results. To overcome these shortcomings of on-chain computing, OffChain Trusted Computing was devised to offload the bulk of transaction workload to the Trusted Execution Environments (TEEs) established in the off-chain computing nodes that are trusted by the Blockchain participants, leaving only the execution of business logic to on-chain computing. This hybrid approach greatly increases the efficiency and speed of the transactions. Moreover, by concealing the input and output of the TEEs with data encryption and verifying the states of transaction execution in the TEEs through remote attestation, Off-Chain Trusted Computing can preserve the information privacy of data providers and confirm the proper execution of the business logic. This column provides an introduction to this new technology by explaining its operation, surveying its standardized application programming interfaces (APIs) and mentioning an example application.