ADAM-CS: Advanced Asynchronous Monotonic Counter Service

Publication: Contribution to conferences > Paper > Contributed > Peer-reviewed



Trusted execution environments (TEEs) offer the technological breakthrough to allow several applications to be deployed and executed over untrusted public cloud environments. Although TEEs (e.g., Intel SGX, ARM TrustZone, AMD SEV) provide several mechanisms to ensure confidentiality and integrity of data and code, they do not offer freshness out of the box, a critical yet often overlooked aspect that is needed, for instance, to protect against rollback attacks. Monotonic counters are a popular way to detect rollbacks, as their counter values cannot be decremented. However, counter increments are slow (i.e., 10 th of milliseconds), making their use impractical for distributed services and applications processing thousands of transactions simultaneously, for which an order of magnitude improvement is needed. ADAM-CS is an asynchronous monotonic counter service to protect such high-traffic applications against rollback attacks. Leveraging a set of distributed monotonic counters and specific algorithms, ADAM-CS minimizes the maximum vulnerability window (MVW), i.e., the number of transactions an adversary could successfully roll back. Thanks to its asynchronous nature, ADAM-CS supports thousands of increments per second without introducing additional latency in the transactions performed by applications. Our measurements indicate that we can keep the MVW well below 10 ms while supporting a throughput of more than 21K requests/s when using eight counters.


Publication status: Published - 2021

External IDs

ORCID /0000-0003-0768-6351/work/141545304
Scopus 85114882756


Research priority areas of TU Dresden

DFG subject classification by review board


  • TPM, monotonic counters, rollback attacks