Pick your identity

ETH doctoral students of computer science show how linking two popular technologies can have highly problematic consequences for web services.

Users can rent their digital identity to third parties, which is problematic for e-voting systems. (Image: Colourbox)
Users can rent their digital identity to third parties, which is problematic for e-voting systems. (Image: Colourbox)

In our age of information, data has become a tradable commodity. Companies habitually finance their “free” offers with targeted advertising. But data is not the only valuable online resource: digital interactions can also be monetised. Businesses already pay users to carry out certain tasks on the internet, from writing paid posts and comments on social media platforms to paid (but genuine-looking) reviews of products and services. Experts have dubbed this business segment “crowdturfing”.

As the paid comments are written by real people, they appear genuine to third parties, and operators of social media platforms struggle to identify fake reviews. But there are disadvantages: the purchased users must be instructed and paid, and execution of their paid work must be monitored. Payment, of course, exposes the relationship between the seller and buyer. As part of their project TEEvil, ETH doctoral students Ivan Puddu, Daniele Lain, Moritz Schneider and Sinisa Matetic have developed a process that solves these issues by combining two existing technologies.

Protected data space

The first technology is TEE, the Trusted Execution Environment. TEE provides a secure runtime environment (container) for applications in modern, conventional processors, with the data in the container protected from any access. This allows users to make sensitive data, e.g. healthcare information, available to third parties without the data leaving their own computer. They can also specify who can use which data for how long – another benefit of TEE. The doctoral students came up with the idea of combining TEE with cryptocurrencies to guarantee bilateral anonymity. This system facilitates completely secret transactions, from which no conclusions can be drawn about the identity of the sender or the recipient. Even the sum of the transfer remains secret.

Leased identity

The ETH students’ system makes certain actions on certain platforms available for lease, such as Facebook posts or – more seriously – votes on an e-voting platform. Although a third party carries out the action, it technically takes place on the seller’s computer. “The seller essentially rents out their digital identity, hence the term ‘identity lease’,” explains Schneider. The insidious part is that the platform operator cannot determine whether the user has carried out the action personally or whether their account has been leased. The owner of the identity can rest assured that their lessee can carry out only pre-determined manipulations.

Susceptible to abuse

Through their project, the doctoral students want to highlight not only the opportunities but also the risks inherent to any system that links a secure, personal data container with a cryptocurrency. “There is a real danger that this technology may, for instance, be used to disseminate fake news, manipulate opinions or influence votes,” Schneider warns. Operators of social networks or e-voting platforms must be aware that the technology provided by them can be relatively easily transformed into an instrument of manipulation with just a bit of criminal energy. Schneider explains: “Social platform operators have made great strides in identifying and eliminating bots; i.e. non-human players. But their systems are not prepared for authentic – but paid – accounts.”

Professor Srdjan Capkun at the Institute for Information Security further cautions: “Any new technology can provide benefits or cause damage.” He is head of the System Security Group at ETH, which includes the doctoral students. TEE and cryptocurrencies can be combined to create anonymous, digital marketplaces where digital voices can be traded in the same way as Facebook “likes”. A system such as TEEvil also makes it difficult to prove an illegal interaction with legal certainty, even with reasonable suspicion. “We must keep an eye on TEE as a potential gateway to manipulation,” Capkun emphasises. “TEEvil as a model shows clearly where we have a problem with modern technology that must be solved.”

Reference

Puddu I, Lain D, Schneider M, Tretiakova E, Matetic S, Capkun S: TEEvil: Identity Lease via Trusted Execution Environments. arxiv: external page 1903.00449

JavaScript has been disabled in your browser