Glimmers: Resolving the Privacy/Trust Quagmire

TL;DR

The paper proposes a hardware-based architecture called Glimmers that enables trustworthy validation of user contributions without compromising user privacy, addressing the privacy-trust conflict in service provision.

Contribution

It introduces a novel architecture utilizing client-side trustworthy hardware like Intel SGX to improve privacy-preserving trust validation methods.

Findings

Glimmer architecture effectively balances privacy and trust.

Client-side SGX can be used for trustworthy contribution validation.

The approach resolves privacy-trust conflicts in various scenarios.

Abstract

Many successful services rely on trustworthy contributions from users. To establish that trust, such services often require access to privacy-sensitive information from users, thus creating a conflict between privacy and trust. Although it is likely impractical to expect both absolute privacy and trustworthiness at the same time, we argue that the current state of things, where individual privacy is usually sacrificed at the altar of trustworthy services, can be improved with a pragmatic $Glimmer$ $of$ $Trust$, which allows services to validate user contributions in a trustworthy way without forfeiting user privacy. We describe how trustworthy hardware such as Intel's SGX can be used client-side -- in contrast to much recent work exploring SGX in cloud services -- to realize the Glimmer architecture, and demonstrate how this realization is able to resolve the tension between privacy and trust in a variety of cases.