A Touch of Evil: High-Assurance Cryptographic Hardware from
Untrusted Components

D 2017

A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

MAVROUDIS, Vasilios, Andrea CERULLI, Petr ŠVENDA, Daniel CVRČEK, Dušan KLINEC et. al.

Základní údaje

Originální název

A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

Autoři

MAVROUDIS, Vasilios (300 Řecko), Andrea CERULLI (826 Velká Británie a Severní Irsko), Petr ŠVENDA (203 Česká republika, garant, domácí), Daniel CVRČEK (203 Česká republika), Dušan KLINEC (703 Slovensko, domácí) a George DANEZIS (300 Řecko)

Vydání

Dallas, TX, USA, CCS '17: Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security, od s. 1583-1600, 18 s. 2017

Nakladatel

ACM

Další údaje

Jazyk

angličtina

Typ výsledku

Stať ve sborníku

Obor

10201 Computer sciences, information science, bioinformatics

Stát vydavatele

Česká republika

Utajení

není předmětem státního či obchodního tajemství

Forma vydání

elektronická verze "online"

Kód RIV

RIV/00216224:14330/17:00095059

Organizační jednotka

Fakulta informatiky

ISBN

978-1-4503-4946-8

DOI

http://dx.doi.org/10.1145/3133956.3133961

UT WoS

000440307700100

Klíčová slova anglicky

cryptographic hardware; hardware trojans; backdoor-tolerance; secure architecture

Štítky

best2, core_A, ECC, firank_1, secure multiparty computation, smartcard

Příznaky

Mezinárodní význam, Recenzováno

Změněno: 30. 9. 2019 11:03, RNDr. Pavel Šmerk, Ph.D.

Anotace

V originále

The semiconductor industry is fully globalized and integrated circuits (ICs) are commonly defined, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few byzantine components, this is not the case for cryptographic hardware, storing and computing on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far all attempts have been either quickly circumvented, or come with unrealistically high manufacturing costs and complexity. This paper proposes Myst, a practical high-assurance architecture, that uses commercial off-the-shelf (COTS) hardware, and provides strong security guarantees, even in the presence of multiple malicious or faulty components. The key idea is to combine protective-redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure cryptocoprocessors, verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both Decryption and Signing) and an exponential increase in backdoor-tolerance as more ICs are added.

Návaznosti

GA16-08565S, projekt VaV

Název: Rozvoj kryptoanalytických metod prostřednictvím evolučních výpočtů

Investor: Grantová agentura ČR, Advancing cryptanalytic methods through evolutionary computing

Citovat

MAVROUDIS, Vasilios, Andrea CERULLI, Petr ŠVENDA, Daniel CVRČEK, Dušan KLINEC a George DANEZIS. A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components. Online. In ACM. CCS '17: Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security. Dallas, TX, USA: ACM, 2017, s. 1583-1600. ISBN 978-1-4503-4946-8. Dostupné z: https://dx.doi.org/10.1145/3133956.3133961.

@inproceedings{1392236,
   author = {Mavroudis, Vasilios and Cerulli, Andrea and Švenda, Petr and Cvrček, Daniel and Klinec, Dušan and Danezis, George},
   address = {Dallas, TX, USA},
   booktitle = {CCS '17: Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security},
   doi = {http://dx.doi.org/10.1145/3133956.3133961},
   editor = {ACM},
   keywords = {cryptographic hardware; hardware trojans; backdoor-tolerance; secure architecture},
   howpublished = {elektronická verze "online"},
   language = {eng},
   location = {Dallas, TX, USA},
   isbn = {978-1-4503-4946-8},
   pages = {1583-1600},
   publisher = {ACM},
   title = {A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components},
   year = {2017}
}

TY  - JOUR
ID  - 1392236
AU  - Mavroudis, Vasilios - Cerulli, Andrea - Švenda, Petr - Cvrček, Daniel - Klinec, Dušan - Danezis, George
PY  - 2017
TI  - A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components
PB  - ACM
CY  - Dallas, TX, USA
SN  - 9781450349468
KW  - cryptographic hardware
KW  - hardware trojans
KW  - backdoor-tolerance
KW  - secure architecture
N2  - The semiconductor industry is fully globalized and integrated circuits (ICs) are commonly defined, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few byzantine components, this is not the case for cryptographic hardware, storing and computing on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far all attempts have been either quickly circumvented, or come with unrealistically high manufacturing costs and complexity. This paper proposes Myst, a practical high-assurance architecture, that uses commercial off-the-shelf (COTS) hardware, and provides strong security guarantees, even in the presence of multiple malicious or faulty components. The key idea is to combine protective-redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure cryptocoprocessors, verified to FIPS140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both Decryption and Signing) and an exponential increase in backdoor-tolerance as more ICs are added.
ER  -

MAVROUDIS, Vasilios, Andrea CERULLI, Petr ŠVENDA, Daniel CVRČEK, Dušan KLINEC a George DANEZIS. A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components. Online. In ACM. \textit{CCS '17: Proceedings of the 24th ACM SIGSAC Conference on Computer and Communications Security}. Dallas, TX, USA: ACM, 2017, s.~1583-1600. ISBN~978-1-4503-4946-8. Dostupné z: https://dx.doi.org/10.1145/3133956.3133961.

Podrobný výpis o publikaci