verifiable asics trustworthy hardware with untrusted
play

Verifiable ASICs: trustworthy hardware with untrusted components - PowerPoint PPT Presentation

Jun 22, 2023 •279 likes •1.17k views

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

  1. Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby ◦ ⋆ , Max Howald † ⋆ , Siddharth Garg ⋆ , abhi shelat ‡ , and Michael Walfish ⋆ ◦ Stanford University ⋆ New York University † The Cooper Union ‡ The University of Virginia April 8, 2016

  2. You (probably) shouldn’t trust your hardware. . .

  3. You (probably) shouldn’t trust your hardware. . .

  4. You (probably) shouldn’t trust your hardware. . .

  5. You (probably) shouldn’t trust your hardware. . . . . . because fabs sometimes make mistakes

  6. You (probably) shouldn’t trust your hardware. . . . . . because fabs sometimes make “mistakes” [Tehranipoor and Koushanfar. “A survey of hardware Trojan taxon- omy and detection.” IEEE DTC, 2010.]

  7. What’s a chip designer to do? ◮ Post-fab testing ◮ Hardware obfuscation ◮ Trusted manufacturer [Bhunia, Hsiao, Banga, and Narasimhan. “Hardware Trojan attacks: threat analysis and countermeasures.” Proc. IEEE, Aug. 2014.]

  8. What’s a chip designer to do? ◮ Post-fab testing ◮ Hardware obfuscation ◮ Trusted manufacturer [Bhunia, Hsiao, Banga, and Narasimhan. “Hardware Trojan attacks: threat analysis and countermeasures.” Proc. IEEE, Aug. 2014.]

  9. What’s a chip designer to do? ◮ Post-fab testing ◮ Hardware obfuscation ◮ Trusted manufacturer – but a fab is expensive and hard to build. . . [Bhunia, Hsiao, Banga, and Narasimhan. “Hardware Trojan attacks: threat analysis and countermeasures.” Proc. IEEE, Aug. 2014.]

  10. What’s a chip designer to do? ◮ Post-fab testing ◮ Hardware obfuscation ◮ Trusted manufacturer – but a fab is expensive and hard to build. . . – . . . so trusted fab might have 10 8 × worse performance! [Bhunia, Hsiao, Banga, and Narasimhan. “Hardware Trojan attacks: threat analysis and countermeasures.” Proc. IEEE, Aug. 2014.]

  11. Roadmap 1. Problem statement: verifiable ASICs 2. Probabilistic proof systems, briefly 3. Zebra: a system for verifiable ASICs 4. Implementation and evaluation

  12. Roadmap 1. Problem statement: verifiable ASICs 2. Probabilistic proof systems, briefly 3. Zebra: a system for verifiable ASICs 4. Implementation and evaluation

  13. Problem statement: verifiable ASICs Principal Ψ → specs for P , V

  14. Problem statement: verifiable ASICs Principal Ψ → specs Supplier for P , V (foundry, Foundry processor vendor, etc.)

  15. Problem statement: verifiable ASICs Principal Ψ → specs Supplier for P , V (foundry, Foundry processor vendor, etc.) Integrator V P

  16. Problem statement: verifiable ASICs Principal Ψ → specs Supplier for P , V (foundry, Foundry processor vendor, etc.) Integrator Operator V P

  17. Problem statement: verifiable ASICs Operator V P

  18. Problem statement: verifiable ASICs Operator x V P

  19. Problem statement: verifiable ASICs Operator x V y P

  20. Problem statement: verifiable ASICs Operator x V y P proof

  21. Problem statement: verifiable ASICs Operator x V y P proof ◮ P is efficient, but can deviate arbitrarily from the protocol

  22. Problem statement: verifiable ASICs Operator x V y P proof ◮ P is efficient, but can deviate arbitrarily from the protocol ◮ Honest P always convinces V that y = Ψ( x )

  23. Problem statement: verifiable ASICs Operator x V y P proof ◮ P is efficient, but can deviate arbitrarily from the protocol ◮ Honest P always convinces V that y = Ψ( x ) ◮ V must catch dishonest P except with negligible probability

  24. Problem statement: verifiable ASICs Operator x V y P proof ◮ P is efficient, but can deviate arbitrarily from the protocol ◮ Honest P always convinces V that y = Ψ( x ) ◮ V must catch dishonest P except with negligible probability ◮ P cannot attack or disable V , or communicate with outside world (see paper for more discussion)

  25. Problem statement: verifiable ASICs Operator x V y P proof ◮ P is efficient, but can deviate arbitrarily from the protocol ◮ Honest P always convinces V that y = Ψ( x ) ◮ V must catch dishonest P except with negligible probability ◮ P cannot attack or disable V , or communicate with outside world (see paper for more discussion) ◮ Goal: V and P together should outperform Ψ executed in trusted substrate

  26. Roadmap 1. Problem statement: verifiable ASICs 2. Probabilistic proof systems, briefly 3. Zebra: a system for verifiable ASICs 4. Implementation and evaluation

  27. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover prover verifier program, inputs outputs [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  28. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover prover verifier program, inputs outputs + proof Idea : checking proof should be easier for verifier than executing program [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  29. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover Recent work is in three strands: ◮ Interactive arguments ◮ [Pepper12, Ginger12, Zaatar13] [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  30. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover Recent work is in three strands: ◮ Interactive arguments ◮ [Pepper12, Ginger12, Zaatar13] ◮ Non-interactive arguments (SNARKs) ◮ [PGHR13, BCGTV13, BCTV14] [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  31. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover Recent work is in three strands: ◮ Interactive arguments ◮ [Pepper12, Ginger12, Zaatar13] ◮ Non-interactive arguments (SNARKs) ◮ [PGHR13, BCGTV13, BCTV14] ◮ Interactive proofs ◮ [CMT12, TRMP12, Allspice13, Tha13] [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  32. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover Recent work is in three strands: ◮ Interactive arguments ◮ [Pepper12, Ginger12, Zaatar13] + Low round complexity + Mild cryptograhic assumptions ◮ Non-interactive arguments (SNARKs) ◮ [PGHR13, BCGTV13, BCTV14] ◮ Interactive proofs ◮ [CMT12, TRMP12, Allspice13, Tha13] [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  33. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover Recent work is in three strands: ◮ Interactive arguments ◮ [Pepper12, Ginger12, Zaatar13] + Low round complexity + Mild cryptograhic assumptions ◮ Non-interactive arguments (SNARKs) ◮ [PGHR13, BCGTV13, BCTV14] + Public verifiability, zero knowledge – Non-falsifiable cryptographic assumptions [GW10] ◮ Interactive proofs ◮ [CMT12, TRMP12, Allspice13, Tha13] [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  34. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover Recent work is in three strands: ◮ Interactive arguments ◮ [Pepper12, Ginger12, Zaatar13] + Low round complexity + Mild cryptograhic assumptions ◮ Non-interactive arguments (SNARKs) ◮ [PGHR13, BCGTV13, BCTV14] + Public verifiability, zero knowledge – Non-falsifiable cryptographic assumptions [GW10] ◮ Interactive proofs ◮ [CMT12, TRMP12, Allspice13, Tha13] + Simple and efficient prover and verifier + Information theoretic guarantees (no crypto) [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  35. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover For all systems, expressiveness is somewhat limited: ◮ Arguments (interactive & non-interactive) – Computation must be expressed as an arithmetic circuit ◮ Interactive proofs – Computation must be expressed as an arithmetic circuit [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

  36. Probabilistic proof systems, briefly A weak verifier checks the work of a powerful prover For all systems, expressiveness is somewhat limited: ◮ Arguments (interactive & non-interactive) – Computation must be expressed as an arithmetic circuit generalized boolean circuit over F p ∨ → + ∧ → × ◮ Interactive proofs – Computation must be expressed as an arithmetic circuit [Walfish and Blumberg. “Verifying computations without reexecuting them: from theoretical possibility to near practicality.” CACM, Feb. 2015.]

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.26k views • 110 slides
Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.04k views • 72 slides
Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish

Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish

Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish Dept. of Computer Science, Courant Institute, NYU This is joint work with: Riad S. Wahby (Stanford), Max Howald (Cooper Union and NYU), Siddharth

723 views • 44 slides
Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1 OReilly 2 Trusted or Trustworthy? An object is trusted if and only if it operates as expected An object is trustworthy if and only if it is

707 views • 45 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T RAMR & D AN B ONEH ICLR, New Orleans May 7 th 2019 2 Securely outsourcing ML inference with hardware isolation - Intel SGX input X -

554 views • 10 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating scenarios 1. Outsourced ML Data

781 views • 21 slides
Hardware Enclaves & In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves & In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves & In Intel SGX CS261 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms 2 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms

1.06k views • 18 slides
SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth

SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth

SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth College Michael Locasto, George Mason U. Brian Schulte, George Mason U. A policy should prevent the system transitions to untrusted states from

621 views • 13 slides
VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things

VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things

Confrence de lancement de l'ANR Ciao, Fvrier 2020, Bordeaux, France VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things down VERIFIABLE DELAY FUNCTIONS [Boneh, Bonneau, Bnz, Fisch 2018] A VDF is

616 views • 32 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When

When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When

When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When not to Put Effort Into ASICs When not to Put Effort Into ASICs Rick Van Berg HEPIC2013 Hieronymus Bosch

352 views • 14 slides
Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich,

Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich,

Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich, Adam Chlipala, Zachary Tatlock MIT and University of Washington Modern OSes run untrusted user code in kernel In-kernel interpreters

1k views • 30 slides
Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of

Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of

Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of Virginia Why do these matter? Alternative consensus protocols Applications to public randomness generation Leader election Bitcoin Proof of Work

355 views • 19 slides
ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs

ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs

ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs PMG 10 May 2019 Reminders Two Endcap Concentrator (ECON) ASICs on independent data paths: ECON-TRG : select and compress interesting data for

273 views • 10 slides
ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG

ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG

ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG CD-1 / IPR went well on Oct 22-24. Reviewers clearly concerned about ECON: The ECON ASIC is a critical component for which the US has sole

376 views • 14 slides
Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vNFO joint with Seyed Fayazbakhsh,

434 views • 28 slides
Natural Language Processing: Part II Overview of Natural Language Processing (L90): ACS Lecture

Natural Language Processing: Part II Overview of Natural Language Processing (L90): ACS Lecture

Natural Language Processing: Part II Overview of Natural Language Processing (L90): ACS Natural Language Processing: Part II Overview of Natural Language Processing (L90): ACS Lecture 7: Lexical Semantics Simone Teufel (Materials mostly by Ann

552 views • 31 slides
Part of Speech Tagging Informatics 2A: Lecture 16 John Longley School of Informatics University

Part of Speech Tagging Informatics 2A: Lecture 16 John Longley School of Informatics University

Automatic POS tagging: the problem Methods for tagging Part of Speech Tagging Informatics 2A: Lecture 16 John Longley School of Informatics University of Edinburgh 23 October 2014 Informatics 2A: Lecture 16 Part of Speech Tagging 1

663 views • 26 slides
Discovering Desistance Workshop 2 ! Programme 9.30am Arrival/tea & coffee

Discovering Desistance Workshop 2 ! Programme 9.30am Arrival/tea & coffee

! ! ! ! Discovering Desistance Workshop 2 ! Programme 9.30am Arrival/tea & coffee 10-10.20 Welcome and film re-cap 10.20 -10.40 Reflections on first workshops; Have you done anything differently as a result of

449 views • 12 slides
Updates to and Features of the Dark Energy Survey Gravitational Wave Collaboration Data Pipeline

Updates to and Features of the Dark Energy Survey Gravitational Wave Collaboration Data Pipeline

Updates to and Features of the Dark Energy Survey Gravitational Wave Collaboration Data Pipeline Nora Field Sherman SIST/GEM Final Presentations 5 August 2019 Outline Science Motivation The Dark Energy Camera DESGW Data Pipeline

339 views • 10 slides
Projections for Approximate Policy Iteration Algorithms Riad Akrour , Joni Pajarinen, Gerhard

Projections for Approximate Policy Iteration Algorithms Riad Akrour , Joni Pajarinen, Gerhard

Projections for Approximate Policy Iteration Algorithms Riad Akrour , Joni Pajarinen, Gerhard Neumann, Jan Peters IAS, TU Darmstadt, Germany ICML19 Entropy Regularization in RL Widespread with actor-critic methods ICML19 Hard vs Soft

374 views • 6 slides
CHANGE IT . I N THIS PRECISE WEEKS OR DAYS , WE IN UNESPA ARE DISCLOSING THE E NGLISH VERSION OF

CHANGE IT . I N THIS PRECISE WEEKS OR DAYS , WE IN UNESPA ARE DISCLOSING THE E NGLISH VERSION OF

T HANKS VERY MUCH TO RIAD FOR HAVING THOUGH ABOUT ME TO BE HERE TODAY . I T IS AN REAL PLEASURE FOR ME TO HAVE THIS OPPORTUNITY TO DEVELOP BRIEFLY SOME CONCEPTS AND MESSAGES AROUND THOSE INSURANCE FIGURES FOCUSED ON LEGAL PROTECTION AND ASSISTANCE

579 views • 5 slides
Understanding the Performance of GPGPU Applications from a Data-Centric View Hui Zhang

Understanding the Performance of GPGPU Applications from a Data-Centric View Hui Zhang

Understanding the Performance of GPGPU Applications from a Data-Centric View Hui Zhang w.hzhang86@samsung.com Jeffrey K. Hollingsworth hollings@umd.edu Hui Zhang SC19 - Protools19 11/17/19 Motivation Its hard for programmers

362 views • 18 slides
Encoding, Fast and Slow: Low-Latency Video Processing Using Thousands of Tiny Threads Sadjad

Encoding, Fast and Slow: Low-Latency Video Processing Using Thousands of Tiny Threads Sadjad

Encoding, Fast and Slow: Low-Latency Video Processing Using Thousands of Tiny Threads Sadjad Fouladi, Riad S. Wahby, and Brennan Shacklett, Stanford University; Karthikeyan Vasuki Balasubramaniam, University of California, San Diego; William Zeng,

317 views • 19 slides

More recommend