IEEE Transactions on Dependable and Secure Computing, vol. 5, no. 1 (January-March 2008), pp. 49-61

ABSTRACT

Trustworthy computing modules, most often in the form of secure co-processors (ScPs), are already in extensive use today, albeit limited predominantly to scenarios where constraints on resources like computational complexity, bandwidth, or even cost are not a serious limiting factor. However, trustworthy computing solutions for many evolving application scenarios in which resources may be constrained, and in which the sheer scale of deployment may also place constraints on cost, have not received adequate consideration. We introduce a simple security policy, decrypt only when necessary (DOWN), which can substantially improve the ability of low-cost ScPs to protect their secrets. The implementation of the DOWN policy is, however, intricately tied to the nature of the computations involving secrets. More specifically, the DOWN policy relies on the ability to operate with fractional parts of secrets, so that only the part needed for the current step of a computation is in the clear at any instant. Taking full advantage of the DOWN policy requires consideration of the cryptographic primitives used and even of the mechanism employed for distribution of secrets. We discuss the feasibility of extending the DOWN policy to various asymmetric and symmetric cryptographic primitives. Limiting the complexity of operations performed by the ScP to very low levels, say by restricting ScPs to symmetric cryptographic primitives only, can render them inexpensive and trustworthy. We propose some novel and simple ID-based key predistribution schemes which demand very low complexity of operations from the ScP and can take good advantage of the DOWN policy.
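The mechanism at the centre of the abstract, operating on fractional parts of a secret so that only the fragment needed for the current step is ever decrypted, is illustrated by the added Python example below. It is not code from the paper: the fragment store, its HMAC-based wrapping, the Blundo-style bivariate polynomial used as a stand-in for the paper's own ID-based key predistribution schemes, and the toy RSA parameters are all assumptions made for this illustration. The symmetric case (polynomial evaluation by Horner's rule) and the asymmetric case (modular exponentiation over a limb-split private exponent) share one fragment store, and an audit counter records the peak number of fragments in the clear.

```python
import hashlib
import hmac
import secrets
from contextlib import contextmanager

# Added illustration (not code from the paper) of the DOWN rule: a secret is
# held as independently wrapped fragments, one fragment is unwrapped only for
# the single operation that needs it, and it is discarded right after, so at
# most one fragment is ever in the clear. DownStore, down_horner, down_modexp,
# the HMAC-based wrapping and all sample values are constructed for this page.

P_FIELD = (1 << 61) - 1     # prime field for the toy symmetric-KPD polynomial


class DownStore:
    """Fragments of a secret, each wrapped separately under wrap_key."""

    def __init__(self, wrap_key: bytes, fragments: list[int], width: int):
        self._wk = wrap_key
        self._width = width          # bytes per fragment
        self._ct = [self._xor(k, f.to_bytes(width, "big"))
                    for k, f in enumerate(fragments)]
        self._exposed = 0
        self.max_exposed = 0         # audit: peak fragments in the clear

    def _pad(self, k: int) -> bytes:
        # HMAC in counter mode as a stand-in for the co-processor's hardware
        # wrapping cipher; the pad is unique per fragment index k.
        out, ctr = b"", 0
        while len(out) < self._width:
            out += hmac.new(self._wk, k.to_bytes(4, "big") + ctr.to_bytes(4, "big"),
                            hashlib.sha256).digest()
            ctr += 1
        return out[:self._width]

    def _xor(self, k: int, data: bytes) -> bytes:
        return bytes(a ^ b for a, b in zip(data, self._pad(k)))

    def __len__(self) -> int:
        return len(self._ct)

    @contextmanager
    def expose(self, k: int):
        """Yield fragment k in the clear for exactly one operation."""
        self._exposed += 1
        self.max_exposed = max(self.max_exposed, self._exposed)
        buf = bytearray(self._xor(k, self._ct[k]))
        try:
            yield int.from_bytes(buf, "big")
        finally:
            buf[:] = bytes(len(buf))   # scrub; marks where firmware would wipe
            self._exposed -= 1


# Symmetric side: Blundo-style bivariate polynomial f(x, y) = sum a_jk x^j y^k
# with a_jk = a_kj. Node i is issued the coefficients of g_i(y) = f(i, y), and
# K_ij = g_i(j) = g_j(i) is the pairwise key. Each coefficient is one fragment.

def issue_share(master: list[list[int]], node_id: int) -> list[int]:
    t = len(master)
    return [sum(master[j][k] * pow(node_id, j, P_FIELD) for j in range(t)) % P_FIELD
            for k in range(t)]


def down_horner(store: DownStore, peer_id: int) -> int:
    """g_i(peer_id) by Horner's rule; coefficient k is unwrapped only while
    it is folded into the accumulator."""
    acc = 0
    for k in reversed(range(len(store))):
        with store.expose(k) as coeff:
            acc = (acc * peer_id + coeff) % P_FIELD
    return acc


# Asymmetric side: RSA private exponent d split into w-bit limbs,
# x^d = prod_k (x^(2^(wk)))^(d_k) mod n, so only one limb is ever exposed.

def split_limbs(d: int, w: int) -> list[int]:
    limbs = []
    while d:
        limbs.append(d & ((1 << w) - 1))
        d >>= w
    return limbs


def down_modexp(x: int, store: DownStore, w: int, n: int) -> int:
    acc, base = 1, x % n             # base = x^(2^(wk)) is public
    for k in range(len(store)):
        with store.expose(k) as limb:
            acc = acc * pow(base, limb, n) % n
        base = pow(base, 1 << w, n)
    return acc


def demo() -> dict:
    # Toy KDC: symmetric 3x3 coefficient matrix; nodes 7 and 11 each hold
    # their share under a device-specific wrapping key.
    t = 3
    master = [[0] * t for _ in range(t)]
    for j in range(t):
        for k in range(j, t):
            master[j][k] = master[k][j] = secrets.randbelow(P_FIELD)
    store_a = DownStore(secrets.token_bytes(32), issue_share(master, 7), 8)
    store_b = DownStore(secrets.token_bytes(32), issue_share(master, 11), 8)
    k_ab, k_ba = down_horner(store_a, 11), down_horner(store_b, 7)
    # Toy RSA (p=61, q=53, e=17, d=2753); m=65 is encrypted with the public op.
    n, d = 3233, 2753
    rsa_store = DownStore(secrets.token_bytes(32), split_limbs(d, 4), 1)
    plain = down_modexp(pow(65, 17, n), rsa_store, 4, n)
    return {"k_ab": k_ab, "k_ba": k_ba, "sym_peak": store_a.max_exposed,
            "rsa_plain": plain, "rsa_peak": rsa_store.max_exposed}
```

`demo()` returns the two nodes' pairwise keys (which agree), the recovered RSA plaintext 65, and the audit peaks, which stay at 1 for both computations. The scrubbing in `expose` is only a marker: Python cannot guarantee that an immutable `int` is wiped, which is exactly why the paper ties the policy to the primitive and to firmware-level control of where each fragment lives.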

INDEX TERMS

Security, integrity, and protection, Security, Mobile Computing

CITATION

Mahalingam Ramkumar, "Trustworthy Computing under Resource Constraints with the DOWN Policy",

*IEEE Transactions on Dependable and Secure Computing*, vol. 5, no. 1, pp. 49-61, January-March 2008, doi:10.1109/TDSC.2007.70227
