Generalized external interaction with tamper-resistant hardware with bounded information leakage

Authors:
Xiangyao Yu;Christopher W. Fletcher;Ling Ren;Marten van Dijk;Srinivas Devadas
Affiliations:
MIT, Cambridge, Massachusetts, USA;MIT, Cambridge, Massachusetts, USA;MIT, Cambridge, Massachusetts, USA;University of Connecticut, Storrs, Connecticut, USA;MIT, Cambridge, Massachusetts, USA
Venue:
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Year:
2013

Citing 25
Cited 0

Towards a theory of software protection and simulation by oblivious RAMs

STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Efficient computation on oblivious RAMs

STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Software protection and simulation on oblivious RAMs

Journal of the ACM (JACM)
Architectural support for copy and tamper resistant software

ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
AEGIS: architecture for tamper-evident and tamper-resistant processing

ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Private information retrieval

FOCS '95 Proceedings of the 36th Annual Symposium on Foundations of Computer Science
Replication is not needed: single database, computationally-private information retrieval

FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Specifying and Verifying Hardware for Tamper-Resistant Software

SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Implementing an untrusted operating system on trusted hardware

SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Video Google: A Text Retrieval Approach to Object Matching in Videos

ICCV '03 Proceedings of the Ninth IEEE International Conference on Computer Vision - Volume 2
Distinctive Image Features from Scale-Invariant Keypoints

International Journal of Computer Vision
Learning Generative Visual Models from Few Training Examples: An Incremental Bayesian Approach Tested on 101 Object Categories

CVPRW '04 Proceedings of the 2004 Conference on Computer Vision and Pattern Recognition Workshop (CVPRW'04) Volume 12 - Volume 12
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions

Proceedings of the 32nd annual international symposium on Computer Architecture
New Constructions and Practical Applications for Private Stream Searching (Extended Abstract)

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Virtual monotonic counters and count-limited objects using a TPM without a trusted OS

Proceedings of the first ACM workshop on Scalable trusted computing
TrustedDB: a trusted hardware based database with privacy and data confidentiality

Proceedings of the 2011 ACM SIGMOD International Conference on Management of data
Keyword search and oblivious pseudorandom functions

TCC'05 Proceedings of the Second international conference on Theory of Cryptography
Private searching on streaming data

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Private information retrieval using trusted hardware

ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
Oblivious RAM with o((logn)3) worst-case cost

ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
A secure processor architecture for encrypted computation on untrusted programs

Proceedings of the seventh ACM workshop on Scalable trusted computing
Design space exploration and optimization of path oblivious RAM in secure processors

Proceedings of the 40th Annual International Symposium on Computer Architecture
ObliviStore: High Performance Oblivious Cloud Storage

SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Path ORAM: an extremely simple oblivious RAM protocol

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper investigates secure ways to interact with tamper-resistant hardware leaking a strictly bounded amount of information. Architectural support for the interaction mechanisms is studied and performance implications are evaluated. The interaction mechanisms are built on top of a recently-proposed secure processor Ascend[ascend-stc12]. Ascend is chosen because unlike other tamper-resistant hardware systems, Ascend completely obfuscates pin traffic through the use of Oblivious RAM (ORAM) and periodic ORAM accesses. However, the original Ascend proposal, with the exception of main memory, can only communicate with the outside world at the beginning or end of program execution; no intermediate information transfer is allowed. Our system, Stream-Ascend, is an extension of Ascend that enables intermediate interaction with the outside world. Stream-Ascend significantly improves the generality and efficiency of Ascend in supporting many applications that fit into a streaming model, while maintaining the same security level.Simulation results show that with smart scheduling algorithms, the performance overhead of Stream-Ascend relative to an insecure and idealized baseline processor is only 24.5%, 0.7%, and 3.9% for a set of streaming benchmarks in a large dataset processing application. Stream-Ascend is able to achieve a very high security level with small overheads for a large class of applications.