Presentation on theme: "1 Beyond Authentication Don’t Trust, Just Verify Eran Tromer BRCMF Inaguration Ceremony 21 Nov 2013."— Presentation transcript:
1 Beyond Authentication Don’t Trust, Just Verify Eran Tromer BRCMF Inaguration Ceremony 21 Nov 2013
2 Talking about… Principles authenticating users trusting devices Chinese counterfeit chips causing military hardware crashes […] Component failure reports from defense contractors worldwide, including Boeing, Raytheon, BAE, Northrop Grumman, and Lockheed […] and investigations have turned up a significant number of counterfeit parts, sometimes installed in mission- critical systems. People Things
3 Side-channel leakage Even if the software and hardware function correctly… electromagneticacoustic probing microarchitecture optical power
4 Talking about… policies and algorithms authenticating users trusting devices People Things Principles
5 The challenge Create general techniques to ensure integrity and confidentiality in computation done by components and parties that are untrustworthy, faulty, leaky & malicious. The approach: modern cryptography
6 Integrity of computation: SNARKs (Succint Noninteractive Arguments of Knowledge) v=DB[x]; w=func(v,y); return z; x z proof Current prototype: The correct execution of arbitrary C programs can be verified in 5 milliseconds using 230-byte proofs. Current prototype: The correct execution of arbitrary C programs can be verified in 5 milliseconds using 230-byte proofs. Verify DB,y
7 Integrity via Proof-Carrying Data m1m1 m2m2 m5m5 m6m6 Diverse network, containing untrustworthy parties and unreliable components. Impractical to verify internals of each node, so give up. Enforce only correctness of the messages and ultimate results. m3m3 m4m4 m7m7 m out
8 Integrity via Proof-Carrying Data (cont.) m11m11 m22m22 m44m44 m55m55 m66m66 m77m77 m out out m33m33 Every message is augmented with a proof attesting to its compliance” with a prescribed policy. Compliance can express any property that can be verified by locally checking every node. Proofs can be verified efficiently and retroactively.
9 Proof-Carrying Data Integrity for distributed computation Implementation underway. Seeking practical impact.