Beyond Authentication Don’t Trust, Just Verify
description
Transcript of Beyond Authentication Don’t Trust, Just Verify
![Page 1: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/1.jpg)
1
Beyond AuthenticationDon’t Trust, Just Verify
Eran Tromer
BRCMF Inaguration Ceremony 21 Nov 2013
![Page 2: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/2.jpg)
2
Talking about…
• Principles
authenticating users
trusting devices
Chinese counterfeit chips causing
military hardware crashes
[…]
Component failure reports from
defense contractors worldwide,
including Boeing, Raytheon, BAE,
Northrop Grumman, and Lockheed
[…] and investigations have turned up
a significant number of counterfeit
parts, sometimes installed in mission-
critical systems.
• People
• Things
![Page 3: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/3.jpg)
3
Side-channel leakageEven if the software and hardware function correctly…
electromagnetic acoustic
probing
microarchitecture
optical
power
![Page 4: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/4.jpg)
4
Talking about…
policies and algorithms
authenticating users
trusting devices
• People
• Things
• Principles
![Page 5: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/5.jpg)
5
The challenge
Create general techniques toensure integrity and confidentiality
in computation done bycomponents and parties that are
untrustworthy,faulty, leaky
&malicious.
The approach: modern cryptography
![Page 6: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/6.jpg)
6
Integrity of computation: SNARKs(Succint Noninteractive Arguments of Knowledge)
v=DB[x];w=func(v,y);return z;x
zproof
Current prototype:The correct execution of arbitrary C programs can be
verified in 5 milliseconds using 230-byte proofs.
Verify
DB,y
![Page 7: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/7.jpg)
7
Integrity via Proof-Carrying Data
m1
m2
m5
m6
• Diverse network, containing untrustworthy parties and unreliable components.
• Impractical to verify internals of each node, so give up.• Enforce only correctness of the messages and ultimate
results.
m3
m 4
m 7
mout
![Page 8: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/8.jpg)
8
Integrity via Proof-Carrying Data (cont.)
m1
1
m2
2
m 4
4
m5
5
m6
6
m 7
7
mout
out
m3
3
• Every message is augmented with a proof attesting to its compliance” with a prescribed policy.
• Compliance can express any property that can be verified by locally checking every node.
• Proofs can be verified efficiently and retroactively.
![Page 9: Beyond Authentication Don’t Trust, Just Verify](https://reader036.fdocuments.net/reader036/viewer/2022062410/568164c6550346895dd6dce4/html5/thumbnails/9.jpg)
9
Proof-Carrying DataIntegrity for distributed computation
Implementation underway.
Seeking practical impact.