Remote Attestation (RA) enables the integrity and authenticity of applications in Trusted Execution Environment (TEE) to be verified. Existing TEE RA designs employ a centralized trust model where they rely on a single provisioned secret key and a centralized verifier to establish trust for remote parties. This model is however brittle and can be untrusted under advanced attacks nowadays. Besides, most designs only provide fixed functionalities once deployed, making them hard to adapt to different needs on availability, Quality of Service (QoS), etc. Therefore, we propose JANUS, an open and resilient TEE RA scheme. To decentralize trust, we, on one hand, introduce Physically Unclonable Function (PUF) as an intrinsic root of trust (RoT) in TEE to provide additional measurements and cryptographic enhancements. On the other hand, we use blockchain and smart contract to realize decentralized verification and result audit. Furthermore, we design an automated turnout mechanism that allows JANUS to remain resilient and offer flexible RA services under various situations. We provide a UC-based security proof and demonstrate the scalability and generality of JANUS by implementing an open-sourced prototype.

翻译：远程证明（RA）能够验证可信执行环境（TEE）中应用的完整性和真实性。现有TEE RA设计采用集中式信任模型，依赖单个预置密钥和集中式验证器为远程方建立信任。然而，这种模型脆弱且易受新型高级攻击。此外，大多数设计部署后仅提供固定功能，难以适应可用性、服务质量（QoS）等不同需求。为此，我们提出JANUS——一种开放且弹性的TEE RA方案。为去中心化信任，我们一方面引入物理不可克隆函数（PUF）作为TEE内生信任根（RoT），提供额外度量与密码学增强；另一方面利用区块链与智能合约实现去中心化验证与结果审计。此外，我们设计自动化调节机制，使JANUS在多种场景下保持弹性并提供灵活RA服务。我们提供基于UC的安全证明，并通过开源原型验证JANUS的可扩展性与通用性。