verifiable asics trustworthy hardware with untrusted
play

Verifiable ASICs: trustworthy hardware with untrusted components - PowerPoint PPT Presentation

Aug 27, 2023 •309 likes •1.04k views

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

  1. Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby ◦ ⋆ , Max Howald † ⋆ , Siddharth Garg ⋆ , abhi shelat ‡ , and Michael Walfish ⋆ ◦ Stanford University ⋆ New York University † The Cooper Union ‡ The University of Virginia May 25 th , 2016

  2. Untrusted manufacturers can craft hardware Trojans

  3. Untrusted manufacturers can craft hardware Trojans

  4. Untrusted manufacturers can craft hardware Trojans

  5. Untrusted manufacturers can craft hardware Trojans

  6. Untrusted manufacturers can craft hardware Trojans Trusted fabrication is not a panacea: ✗ Only 5 countries have cutting-edge fabs on-shore ✗ Building a new fab takes $$$$$$, years of R&D ✗ An old fab could mean 10 8 × performance hit accounting for speed, chip area, and energy Can we get trust more cheaply?

  7. Can we build Verifiable ASICs? Principal F → designs for P , V

  8. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P

  9. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P Integrator V P

  10. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P Integrator input V P output

  11. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P Integrator input x V y P output proof that y = F( x )

  12. Can we build Verifiable ASICs? input x V y P vs. F output proof that y = F( x ) • Makes sense if V + P are cheaper than trusted F

  13. Can we build Verifiable ASICs? input x V y P vs. F output proof that y = F( x ) • Makes sense if V + P are cheaper than trusted F • Reasons for hope: • running time of V < running time of F (asymptotically) • speed of cutting-edge fab might offset P ’s overheads

  14. Can we build Verifiable ASICs? input x V y P vs. F output proof that y = F( x ) • Makes sense if V + P are cheaper than trusted F • Reasons for hope: • running time of V < running time of F (asymptotically) • speed of cutting-edge fab might offset P ’s overheads • Challenges remain: • Hardware issues: energy, chip area • Need physically realizable circuit design • V needs to save work at plausible computation sizes

  15. Zebra: a hardware design that saves costs

  16. A qualified success Zebra: a hardware design that saves costs. . . . . . sometimes.

  17. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) F must be expressed as an arithmetic circuit (AC) generalized boolean circuit over F p ∨ → + ∧ → ×

  18. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) F must be expressed as an arithmetic circuit (AC) AC satisfiable ⇐ ⇒ F was executed correctly P convinces V that the AC is satisfiable

  19. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark

  20. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark – “Quasi–straight line” F + F with RAM, complex control flow – Lots of V - P communication + Little V - P communication

  21. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark – “Quasi–straight line” F + F with RAM, complex control flow – Lots of V - P communication + Little V - P communication Unsuited to hardware ✗ implementation

  22. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark – “Quasi–straight line” F + F with RAM, complex control flow – Lots of V - P communication + Little V - P communication Suited to hardware Unsuited to hardware ✓ ✗ implementation implementation

  23. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] F must be expressed as a layered arithmetic circuit. Note: this is an abstraction of F, not a physical circuit!

  24. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs

  25. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit

  26. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit

  27. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit

  28. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y y

  29. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer

  30. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer

  31. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates

  32. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates

  33. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates

  34. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates, ends up with claim about inputs

  35. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates, ends up with claim about inputs 5. V checks consistency with the inputs V ’s work ≈ O (depth · log width), so it saves work when width ≫ depth

  36. Can we parallelize this interaction? Can V and P interact about all of F’s layers at once? No. V must ask questions in correct order or P can cheat!

  37. Can we parallelize this interaction? Can V and P interact about all of F’s layers at once? No. V must ask questions in correct order or P can cheat! But: Zebra uses pipelining to parallelize several Fs.

  38. Extracting parallelism through pipelining V questions P about F( x 1 )’s output layer. F( x 1 )

  39. Extracting parallelism through pipelining V questions P about F( x 1 )’s output layer. Simultaneously, P returns F( x 2 ). F( x 1 ) F( x 2 )

  40. Extracting parallelism through pipelining V questions P about F( x 1 )’s next layer F( x 1 )

  41. Extracting parallelism through pipelining V questions P about F( x 1 )’s next layer, and F( x 2 )’s output layer. F( x 1 ) F( x 2 )

  42. Extracting parallelism through pipelining V questions P about F( x 1 )’s next layer, and F( x 2 )’s output layer. Meanwhile, P returns F( x 3 ). F( x 1 ) F( x 2 ) F( x 3 )

  43. Extracting parallelism through pipelining This process continues until the pipeline is full. F( x 1 ) F( x 2 ) F( x 3 ) F( x 4 )

  44. Extracting parallelism through pipelining This process continues until the pipeline is full. F( x 1 ) F( x 2 ) F( x 3 ) F( x 4 ) F( x 5 )

  45. Extracting parallelism through pipelining F( x 1 ) This process continues F( x 2 ) until the pipeline is full. F( x 3 ) V and P can complete one proof in each time F( x 4 ) step. F( x 5 ) F( x 6 ) F( x 7 ) F( x 8 )

  46. Zebra’s design approach ✓ Extract parallelism e.g., pipelined proving

  47. Zebra’s design approach ✓ Extract parallelism e.g., pipelined proving ✓ Exploit locality: distribute data and control e.g., no RAM: data is kept close to places it is needed e.g., latency-insensitive design: distributed state machine avoids bottlenecks associated with central controller

  48. Zebra’s design approach ✓ Extract parallelism e.g., pipelined proving ✓ Exploit locality: distribute data and control e.g., no RAM: data is kept close to places it is needed e.g., latency-insensitive design: distributed state machine avoids bottlenecks associated with central controller ✓ Reduce, reuse, recycle e.g., computation: save energy by adding memoization to P e.g., hardware: save chip area by reusing the same circuits

  49. Architectural challenges Interaction between V and P requires a lot of bandwidth ✗ V and P on circuit board? Too much energy, circuit area Protocol requires input-independent precomputation [Allspice13]

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.26k views • 110 slides
Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.17k views • 88 slides
Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish

Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish

Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish Dept. of Computer Science, Courant Institute, NYU This is joint work with: Riad S. Wahby (Stanford), Max Howald (Cooper Union and NYU), Siddharth

723 views • 44 slides
Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1 OReilly 2 Trusted or Trustworthy? An object is trusted if and only if it operates as expected An object is trustworthy if and only if it is

707 views • 45 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T RAMR &amp; D AN B ONEH ICLR, New Orleans May 7 th 2019 2 Securely outsourcing ML inference with hardware isolation - Intel SGX input X -

554 views • 10 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating scenarios 1. Outsourced ML Data

781 views • 21 slides
Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms 2 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms

1.06k views • 18 slides
SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth

SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth

SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth College Michael Locasto, George Mason U. Brian Schulte, George Mason U. A policy should prevent the system transitions to untrusted states from

621 views • 13 slides
VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things

VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things

Confrence de lancement de l'ANR Ciao, Fvrier 2020, Bordeaux, France VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things down VERIFIABLE DELAY FUNCTIONS [Boneh, Bonneau, Bnz, Fisch 2018] A VDF is

616 views • 32 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When

When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When

When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When not to Put Effort Into ASICs When not to Put Effort Into ASICs Rick Van Berg HEPIC2013 Hieronymus Bosch

352 views • 14 slides
Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich,

Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich,

Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich, Adam Chlipala, Zachary Tatlock MIT and University of Washington Modern OSes run untrusted user code in kernel In-kernel interpreters

1k views • 30 slides
Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of

Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of

Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of Virginia Why do these matter? Alternative consensus protocols Applications to public randomness generation Leader election Bitcoin Proof of Work

355 views • 19 slides
ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs

ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs

ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs PMG 10 May 2019 Reminders Two Endcap Concentrator (ECON) ASICs on independent data paths: ECON-TRG : select and compress interesting data for

273 views • 10 slides
ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG

ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG

ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG CD-1 / IPR went well on Oct 22-24. Reviewers clearly concerned about ECON: The ECON ASIC is a critical component for which the US has sole

376 views • 14 slides
Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vNFO joint with Seyed Fayazbakhsh,

434 views • 28 slides
11-731 Machine Translation Speech 2 Speech Translation Speech Translation Three part systems

11-731 Machine Translation Speech 2 Speech Translation Speech Translation Three part systems

11-731 Machine Translation Speech 2 Speech Translation Speech Translation Three part systems Three part systems ASR ASR - -&gt; Translation &gt; Translation - -&gt; TTS &gt; TTS System configurations System

284 views • 27 slides
CAPITAMALL TRUST Singapores First &amp; Largest REIT Annual General Meeting 16 April 2015

CAPITAMALL TRUST Singapores First &amp; Largest REIT Annual General Meeting 16 April 2015

Photo Credit: Kwek Swee Seng, Singapore CAPITAMALL TRUST Singapores First &amp; Largest REIT Annual General Meeting 16 April 2015 Annual General Meeting *April 2015* Disclaimer This presentation may contain forward-looking statements that

535 views • 38 slides
through Glo lobal Valu lue Chains: Methodological Innovations in measuring technological

through Glo lobal Valu lue Chains: Methodological Innovations in measuring technological

Local fi firm Capabilities &amp; In Industrialization through Glo lobal Valu lue Chains: Methodological Innovations in measuring technological capabilities Dr. Lindsay Whitfield Professor MSO in Global Studies Roskilde University, Denmark

271 views • 12 slides
next steps Srinath Setty Microsoft Research (Thanks to Michael Walfish for some of the slides.)

next steps Srinath Setty Microsoft Research (Thanks to Michael Walfish for some of the slides.)

Implementations of probabilistic proofs for verifiable outsourcing: survey and next steps Srinath Setty Microsoft Research (Thanks to Michael Walfish for some of the slides.) GMR 85 BCC 88 Kilian92 without executing f, Micali94 can check

674 views • 34 slides
From Identification using Rejection Sampling to Signatures via the Fiat-Shamir Transform:

From Identification using Rejection Sampling to Signatures via the Fiat-Shamir Transform:

From Identification using Rejection Sampling to Signatures via the Fiat-Shamir Transform: Application to the BLISS Signature Pauline Bert and Adeline Roux-Langlois Journes C2 2018 Univ Rennes, CNRS, IRISA 1 Contribution Fiat-Shamir

326 views • 19 slides
INCMAP: A JOURNEY TOWARDS ONTOLOGY -BASED DATA INTEGRATION CHRISTOPH PINKEL (MAIN AUTHOR),

INCMAP: A JOURNEY TOWARDS ONTOLOGY -BASED DATA INTEGRATION CHRISTOPH PINKEL (MAIN AUTHOR),

INCMAP: A JOURNEY TOWARDS ONTOLOGY -BASED DATA INTEGRATION CHRISTOPH PINKEL (MAIN AUTHOR), CARSTEN BINNIG, ERNESTO JIMENEZ-RUIZ, EVGENY KARMALOV, ET AL. EXPLORING DATABASES CAN BE TEDIOUS Author of paper with title IncMap? SQL 2

614 views • 20 slides
Hadoop Jrg Mllenkamp Principal Field Technologist Sun Microsystems Agenda Introduction

Hadoop Jrg Mllenkamp Principal Field Technologist Sun Microsystems Agenda Introduction

Hadoop Jrg Mllenkamp Principal Field Technologist Sun Microsystems Agenda Introduction CMT+Hadoop Solaris+Hadoop Sun Grid Engine+Hadoop Introduction Im ... Jrg Mllenkamp better known as c0t0d0s0.org Sun Employee

1.37k views • 103 slides
TCP-Friendliness of SCTP and Concurrent Multipath Transfer (CMT) ILKNUR AYDIN ICCRG meeting

TCP-Friendliness of SCTP and Concurrent Multipath Transfer (CMT) ILKNUR AYDIN ICCRG meeting

TCP-Friendliness of SCTP and Concurrent Multipath Transfer (CMT) ILKNUR AYDIN ICCRG meeting @PFLDNET Nov 28-29 2010, Lancaster, PA, USA Outline Background on TCP-Friendliness (TCP-F) TCP-F of single-homed SCTP Motivation, SCTP vs. TCP

818 views • 28 slides

More recommend