securing circuits
play

Securing Circuits Against Constant-Rate Tampering Dana - PowerPoint PPT Presentation

Mar 29, 2024 •346 likes •564 views

Securing Circuits Against Constant-Rate Tampering Dana Dachman-Soled Yael Tauman Kalai Microsoft Research Tamper-Resilient Circuits [Ishai-Prabhakaran-Sahai-Wagner06] wire tampering: Tamper with me toggle, set wire to 0/1 I will

  1. Securing Circuits Against Constant-Rate Tampering Dana Dachman-Soled Yael Tauman Kalai Microsoft Research

  2. Tamper-Resilient Circuits [Ishai-Prabhakaran-Sahai-Wagner06] wire tampering: Tamper with me toggle, set wire to 0/1 I will self destruct! [IPSW06]: 1/size tampering rate Our work: 1/const tampering rate

  3. Physical Attacks Cold-boot attack [Halderman-Schoen- Heninger-Clarkson- Calandrino-Feldman- Appelbaum – Felten08] Fault attacks [Boneh-DeMillo-Lipton97, Timing attacks Biham- Shamir98, …] [Kocher96,…] Power attacks [Kocher-Jaffe- Jun99,…] Radiation Attacks Acoustic attacks [Agrawal-Archambeault- [Shamir-Tromer] Rao-Rohatgi02]

  4. Leakage attacks Tampering attacks Cold-boot attack [Halderman-Schoen- Heninger-Clarkson- Calandrino-Feldman- Appelbaum – Felten08] Fault attacks [Boneh-DeMillo-Lipton97, Timing attacks Biham- Shamir98, …] [Kocher96,…] Power attacks [Kocher-Jaffe- Jun99,…] Radiation Attacks Acoustic attacks [Agrawal-Archambeault- [Shamir-Tromer] Rao-Rohatgi02]

  5. Leakage attacks Tampering attacks [Rivest1997, Boyko1999, Canetti-Dodis- [Bellare-Kohno2003, Gennaro-Lysyanskaya-Malkin- Halevi-Kushilevitz-Sahai2000, Ishai-Sahai- Micali-Rabin2004, Ishai-Prabhakaran-Sahai- Wagner2003, Micali-Reyzin2004, Ishai- Wagner2006, Applebaum-Harnik-Ishai2010, Prabhakaran-Sahai-Wagner2006, Dziembowski-Pietrzak-Wichs2010, Kalai-kanakhurthi- Dziembowski-Pietrzak2008, Pietrzak2009 , Sahai2011, , Choi-Kiayias-Malkin11, Kalai-Lewko- Akavia-Goldwasser-Vaikuntanathan2009, Rao2011, Liu-Lysyanskaya12] Dodis-K-Lovett2009, Naor-Segev2009, Katz- Vaikuntanathan2009, Alwen-Dodis- Wichs2009, Alwen-Dodis-Naor-Segev- Walfish-Wichs2009, Faust-Kiltz-Pietrzak- Rothblum2009, Faust-Rabin-Reyzin-Tromer- Vaikuntanathan2010, Dodis-Goldwasser-K- Peikert-Vaikuntanathan2010, Goldwasser-K- Peikert-Vaikuntanathan2010, Juma- Vahlis2010, Goldwasswer-Rothblum2010, Canetti-K-Mayank-Wichs2010, Dodis- Haralambiev-LopezAlt-Wichs2010, Brakerski-K-Katz-Vaikuntanathan2010, Boyle-Segev-Wichs2010, Dodis- Pietrzak2010, Braverman-Hassidim-K2010, Lewko-Waters2010, Lewko-Rouselakis- Waters2011, Lewko-Lewko-Waters2011, Jain-Pietrzak2011, Bitansky-Canetti-Halevi- Goldwasser-K-Rothblum2011, Bitansky- Canetti-Halevi2011, Garg-Jain-Sahai2011, Brakerski-K2011, Dodis-Lewko-Waters- Wichs2011,Boyle-Garg-Goldwasser-Jain- Sahai11…]

  6. Our Results Compiler 𝐷’ 𝐷 “tamper r esilient” Need to define: 1. Tampering model 2. Security guarantee

  7. Theoretical Result

  8. Tampering Model (tampering with individual wires) Inspired by [Ishai-Prabhakaran-Sahai-Wagner2006] input 𝑦 𝑗 𝐷 tampering function 𝑦 𝑗 Memory Secret 𝑡 Public input 𝑦 𝑗

  9. Tampering Model (tampering with individual wires) Inspired by [Ishai-Prabhakaran-Sahai-Wagner2006] input 𝑦 𝑗 tampering function 𝑦 𝑗 Impossible! Memory Secret 𝑡 Public input [IPSW06] 𝑦 𝑗

  10. Tampering Model (tampering with individual wires) Inspired by [Ishai-Prabhakaran-Sahai-Wagner2006] input 𝑦 𝑗 tampering function 𝑦 𝑗 Memory Secret 𝑡 𝑗 Public input 𝑦 𝑗

  11. Our Results Compiler 𝐷’ 𝐷 tamper resilient Need to define: 1. Tampering model 2. Security guarantee

  12. Security Guarantee there exists simulator 𝑇𝑗𝑛 s.t. For every 𝑇𝑗𝑛 𝐷 ≈ , 𝑀(𝑡) 𝑡 𝑗 𝑦 𝑗 When did self- Only log bits destruct occur of leakage

  13. Our Results Compiler 𝐷’ 𝐷 tamper resilient • Resilient to constant tampering rate. • Information theoretic

  14. Comparison with [IPSW06] [IPSW06] Our Work 1 Tampering rate < Tampering rate is const . 𝑙 Uses randomness gates or Information theoretic relies on computational no need for randomness assumptions No leakage log bits of leakage Non-persistent Persistent faults faults

  15. Other Related Work • Fault-tolerant computation [VonNeumann56, . . ., KLM94, GZ95, KRL12] • Tampering only with the memory gates. [Gennaro-Lysyanskaya-Malkin-Micali-Rabin2004, Applebaum- Harnik-Ishai2010, Dziembowski-Pietrzak-Wichs2010, Kalai- Kanakhurthi-Sahai2011 , Choi-Kiayias-Malkin11, Liu- Lysyanskaya12] • Tampering with the entire circuit: [IPSW06, Faust-Pietrzak-Venturi11] – [FPV11] logarithmic leakage. – [FPV11] tamper with wires, but random errors

  16. Overview of our Construction tamper- Starting point [IPSW06]: resilient Add tamper-detection component that erases memory if tampering is detected. Key : Tamper-detection component in 𝑂𝐷 0 . . . circuit of constant size Tool: PCP of Proximity [Ben-Sasson-Goldreich-Harsha-Sudan-Vadhan06]

  17. Overview of our Construction (Cont.) Tool: PCP of Proximity [Ben-Sasson-Goldreich-Harsha-Sudan-Vadhan06] 𝐷 PCPP for 𝐷(𝑦) = 𝑐 Compiler 𝐷 Memory Secret 𝑡 Public input 𝑦 Memory Secret 𝑡 Public input 𝑦

  18. 𝑐 Error Cascade Output ˄ 𝐻 𝑝𝑣𝑢 ˄ 𝐻 𝑑𝑏𝑡 PCPP Verification b PCPP Computation Circuit Computation X = ECC(x) Encoding Memory: S = ECC(s) of Input Input: x

  19. Summary Compiler 𝐷’ 𝐷 tamper resilient • Resilient to constant tampering rate. • Information theoretic • Extend to leakage + tampering (in the paper)

  20. Thank you!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks -

Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks -

Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks - University of Illinois Samuel T. King - University of Illinois Milo M. K. Martin - University of Pennsylvania Jonathan M. Smith - University of

625 views • 27 slides
IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT

IoT Security Image: xkcd How is securing IoT different from securing any other system? IoT is a system of systems, with A great deal of heterogeneity (sensing, computation, communication, energy) New types of devices appearing all

1.35k views • 65 slides
Building&amp;Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

Building&amp;Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl

www.securing.pl Building&amp;Hacking modern iOS apps Wojciech Regua @_r3ggi wojciech.regula@securing.pl @_r3ggi wojciech.regula@securing.pl www.securing.pl www.securing.pl WHOAMI -Senior IT Security Consultant @ SecuRing -Focused on

998 views • 67 slides
Sequential Circuits Combinational circuits : current input output Sequential circuit :

Sequential Circuits Combinational circuits : current input output Sequential circuit :

14:332:231 DIGITAL LOGIC DESIGN Ivan Marsic, Rutgers University Electrical &amp; Computer Engineering Fall 2013 Lecture #15: Sequential Circuits: Latches Sequential Circuits Combinational circuits : current input output Sequential

483 views • 15 slides
Lecture 14: Sequential Circuits, FSM Todays topics: Sequential circuits Finite

Lecture 14: Sequential Circuits, FSM Todays topics: Sequential circuits Finite

Lecture 14: Sequential Circuits, FSM Todays topics: Sequential circuits Finite state machines 1 Sequential Circuits Until now, circuits were combinational when inputs change, the outputs change after a while (time = logic

435 views • 19 slides
Lecture 13: Sequential Circuits, FSM Todays topics: Sequential circuits Finite

Lecture 13: Sequential Circuits, FSM Todays topics: Sequential circuits Finite

Lecture 13: Sequential Circuits, FSM Todays topics: Sequential circuits Finite state machines 1 Clocks A microprocessor is composed of many different circuits that are operating simultaneously if each circuit X takes in

449 views • 20 slides
SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web

SANS Securing The Human Training Department of Safety Securing the Human Training Web based Centrally Administrated Divisionally managed Consistent content Central reporting Ability to add custom content (Policy's)

761 views • 10 slides
Stevenage Circuits Group Incorporating: Stevenage Circuits Tru-Lon Printed Circuits March 2011

Stevenage Circuits Group Incorporating: Stevenage Circuits Tru-Lon Printed Circuits March 2011

Stevenage Circuits Group Incorporating: Stevenage Circuits Tru-Lon Printed Circuits March 2011 The Organisation Stevenage Circuits formed 1971 Tru-Lon integrated into the Stevenage site March 2011 Group privately owned 11m

1.26k views • 67 slides
Securing and Protecting Securing and Protecting Water Rights and Uses in Water Rights and Uses

Securing and Protecting Securing and Protecting Water Rights and Uses in Water Rights and Uses

Securing and Protecting Securing and Protecting Water Rights and Uses in Water Rights and Uses in Arizona Arizona L. William Staudenmaier One Arizona Center 400 East Van Buren Street, Suite 1900 Phoenix, Arizona 85004 2202 602.382.6000 |

574 views • 32 slides
Securing a future for our horses. Securing a future for our sport. TABLE OF CONTENTS

Securing a future for our horses. Securing a future for our sport. TABLE OF CONTENTS

Securing a future for our horses. Securing a future for our sport. TABLE OF CONTENTS Industry-United Initiative ............................................ 2 The TAA Difference .................................................... 3 Life After

466 views • 19 slides
Securing Internet Routing Securing Internet Routing $ Local ISP Sharon Goldberg g Princeton

Securing Internet Routing Securing Internet Routing $ Local ISP Sharon Goldberg g Princeton

Jobtalk Securing Internet Routing Securing Internet Routing $ Local ISP Sharon Goldberg g Princeton University Based on work with: Based on work with: Boaz Barak, Shai Halevi, Aaron Jaggard, Vijay Ramachandran, Jennifer Rexford, Eran

1.12k views • 42 slides
Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with

Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with

Securing home Wi-Fi with WPA3 personal Raoul Dijksman and Erik Lamers Securing home Wi-Fi with WPA3 personal Making Wi-Fi great again With security this time, right? Securing home Wi-Fi with WPA3 personal - July 3 rd 2020 2 Why is WPA3

853 views • 28 slides
Web Security Thierry Sans Securing the web architecture means securing ... The network

Web Security Thierry Sans Securing the web architecture means securing ... The network

Web Security Thierry Sans Securing the web architecture means securing ... The network The operating system The web server ( Apache for instance) The administration server ( SSH for instance) The database ( Oracle for instance)

1.37k views • 61 slides
SECURING DONATIONS SECURING DONATIONS nonprofit.212mediastudios.com | 574.269.0720 |

SECURING DONATIONS SECURING DONATIONS nonprofit.212mediastudios.com | 574.269.0720 |

NON-PROFIT PRESENTATION TIPS FOR NON-PROFIT PRESENTATION TIPS FOR SECURING DONATIONS SECURING DONATIONS nonprofit.212mediastudios.com | 574.269.0720 | info@212mediastudios.com Having an efgective communication strategy is the fjrst step for your

116 views • 9 slides
Getting Acquainted W ith Zoom Outline Securing Your Computer Your Invitation The

Getting Acquainted W ith Zoom Outline Securing Your Computer Your Invitation The

Getting Acquainted W ith Zoom Outline Securing Your Computer Your Invitation The Waiting Room Working with Audio Working with Video Using the Tool Tray Chat In the Meeting When Things Go Wrong 2 Securing Your

325 views • 14 slides
RC Circuits RC Circuits Charging At t=0, capacitance is uncharged and C Q=0 (initial

RC Circuits RC Circuits Charging At t=0, capacitance is uncharged and C Q=0 (initial

RC Circuits RC Circuits Charging At t=0, capacitance is uncharged and C Q=0 (initial condition). At t=0, switched is closed, it the capacitor has no charge, it behaves like a conductor and I= /R. R After the capacitor is

539 views • 12 slides
Attractive routes Sound pleasantness of pedestrian walks in urban environment Catherine Lavandier

Attractive routes Sound pleasantness of pedestrian walks in urban environment Catherine Lavandier

Attractive routes Sound pleasantness of pedestrian walks in urban environment Catherine Lavandier (Pauline Delaitre Pierre Aumond) Sound pleasantness of a soundscape in urban situations Aim of different projects was to propose urban sound

226 views • 19 slides
Parsing and Speech Research at Brown University Mark Johnson Brown University The University of

Parsing and Speech Research at Brown University Mark Johnson Brown University The University of

Parsing and Speech Research at Brown University Mark Johnson Brown University The University of Tokyo, March 2004 Joint work with Eugene Charniak, Michelle Gregory and Keith Hall Supported by NSF grants LIS 9720368 and IIS0095940 1 Talk

752 views • 42 slides
Difficult acoustic environments? Maintaining voice intelligibility Measurement Conventions

Difficult acoustic environments? Maintaining voice intelligibility Measurement Conventions

Difficult acoustic environments? Maintaining voice intelligibility Measurement Conventions Speech transmission index, Alcons and all the others Measurement Conventions % Alcons, STI or C50? %ALcons = Articulation Loss of Consonants expressed

975 views • 73 slides
Delay-based Audio Effect Graduate School of Culture Technology (GSCT) Juhan Nam 1 Introduction

Delay-based Audio Effect Graduate School of Culture Technology (GSCT) Juhan Nam 1 Introduction

CTP 431 Music and Audio Computing Delay-based Audio Effect Graduate School of Culture Technology (GSCT) Juhan Nam 1 Introduction Types of delay-based audio effect Delay Chorus Flanger Reverberation 2 Perception of Time

363 views • 12 slides
Argon : tradeoff-resilient password hashing scheme Alex Biryukov Dmitry Khovratovich University

Argon : tradeoff-resilient password hashing scheme Alex Biryukov Dmitry Khovratovich University

Argon : tradeoff-resilient password hashing scheme Alex Biryukov Dmitry Khovratovich University of Luxembourg Concept of password hashing 1 Client generates password P and sends it to the server; 2 Server generates salt S and computes hash H (

664 views • 34 slides
Applications of Berkeley s Dwarfs on Nvidia GPUs Seminar: Topics in High-Performance and

Applications of Berkeley s Dwarfs on Nvidia GPUs Seminar: Topics in High-Performance and

Applications of Berkeley s Dwarfs on Nvidia GPUs Seminar: Topics in High-Performance and Scientific Computing Team N2: Yang Zhang, Haiqing Wang 05.02.2015 Overview CUDA Dynamic Programming Sparse Linear Algebra The Dwarfs

819 views • 40 slides
A Correctness Result for Synthesizing Plans With Loops in Stochastic Domains Laszlo Treszkai

A Correctness Result for Synthesizing Plans With Loops in Stochastic Domains Laszlo Treszkai

A Correctness Result for Synthesizing Plans With Loops in Stochastic Domains Laszlo Treszkai &amp; Vaishak Belle , University of Edinburgh Finite State Controllers FSCs, such as plans with loops, are powerful and compact representations of

522 views • 12 slides
Markov decision process (MDP) Robert Platt Northeastern University The RL Setting Action Agent

Markov decision process (MDP) Robert Platt Northeastern University The RL Setting Action Agent

Markov decision process (MDP) Robert Platt Northeastern University The RL Setting Action Agent World Observation Reward On a single time step, agent does the following: 1. observe some information 2. select an action to execute 3. take

858 views • 69 slides

More recommend