Room 206 (2nd floor, badged access)
18 December 2025 - 14h00
Defending TEE-aided Blockchain Consensus against Rollback Attacks
by Jérémie Decouchant from TU Delft (Pays-Bas)
Abstract: In this talk, I will first provide some background on Damysus (EuroSys'21), an efficient Byzantine Fault-Tolerant (BFT) consensus protocol that uses Trusted Execution Environments (TEEs) to achieve resilience with fewer replicas and reduced communication rounds compared to protocols like HotStuff.
We will then see how rollback attacks, which have been recently highlihted in security conferences, threaten the liveness and safety guarantees of Damysus. In these attacks, an adversary might crash a TEE, which results in it losing its state, or clone a TEE. Most (if not all) TEEs are vulnerable to rollback attacks and they have to be tolerated at the software level.
The solution I will describe (to appear at NDSS 2026) is made of two protocols: Pallas and Aegis. Together, these protocols form a rollback-resilient TEE-aided blockchain consensus algorithm. Aegis is a novel TEE-aware view synchronizer that prevents malicious TEE cloning by strictly ensuring only one TEE per replica can vote in any view. Pallas is the first BFT consensus protocol that guarantees both safety and liveness under a strong adversary model that includes Byzantine faults and unbounded mobile TEE crash-recoveries, without increasing replica count or incurring high state replication costs.
Candidat potentiel au poste PR en Cybersécu Verimag/UGA
