TEA - TEE-Enabled Anonymity

TEA is a prototype instance of a provably secure anonymous communication system [1] that was developed in Subproject C1 of the SFB901. In this system, each node can generate a number of pseudonyms that cannot be linked to the node that created them. Nodes can send messages from and to pseudonyms, allowing both senders and receivers of messages to remain anonymous.

To achieve its provably high level of security, [1] requires each node to be equipped with a Trusted Execution Environment (TEE). In TEA, we rely on Intel Software Guard Extensions (SGX), which are one possible specification of a TEE. Assuming that SGX keeps its promises, the theorems proven for the anonymous communication system apply equally to TEA: the system guarantees strong anonymity even in the presence of an adversary that observes all network traffic and can adaptively, but with a small delay, corrupt a constant fraction of the participating nodes. This means the adversary could completely take over the nodes' operating systems, block incoming or outgoing messages, and even tamper with the binary code of the executable. The only part the adversary cannot access is the code and memory of the sealed SGX enclave.

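Trying out TEA does not require Intel SGX-enabled hardware: TEA can also be run in simulation mode using the official Intel SGX SDK. In simulation mode the enclave is emulated in software, so the hardware isolation that the security guarantees depend on is not in effect.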

[1] ris.uni-paderborn.de/record/5820

Contact

The TEA tool was developed by Subproject C1. If you have any questions, please contact the research staff of Subproject C1.