
    A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components

    The semiconductor industry is fully globalized, and integrated circuits (ICs) are commonly defined, designed and fabricated in different premises across the world. This reduces production costs, but also exposes ICs to supply chain attacks, where insiders introduce malicious circuitry into the final products. Additionally, despite extensive post-fabrication testing, it is not uncommon for ICs with subtle fabrication errors to make it into production systems. While many systems may be able to tolerate a few byzantine components, this is not the case for cryptographic hardware, which stores and computes on confidential data. For this reason, many error and backdoor detection techniques have been proposed over the years. So far all attempts have either been quickly circumvented or come with unrealistically high manufacturing costs and complexity. This paper proposes Myst, a practical high-assurance architecture that uses commercial off-the-shelf (COTS) hardware and provides strong security guarantees, even in the presence of multiple malicious or faulty components. The key idea is to combine protective redundancy with modern threshold cryptographic techniques to build a system tolerant to hardware trojans and errors. To evaluate our design, we build a Hardware Security Module that provides the highest level of assurance possible with COTS components. Specifically, we employ more than a hundred COTS secure crypto-coprocessors, verified to FIPS 140-2 Level 4 tamper-resistance standards, and use them to realize high-confidentiality random number generation, key derivation, public key decryption and signing. Our experiments show a reasonable computational overhead (less than 1% for both decryption and signing) and an exponential increase in backdoor-tolerance as more ICs are added.

    Privacy in the Genomic Era

    Genome sequencing technology has advanced at a rapid pace, and it is now possible to generate highly detailed genotypes inexpensively. The collection and analysis of such data has the potential to support various applications, including personalized medical services. While the benefits of the genomics revolution are trumpeted by the biomedical community, the increased availability of such data has major implications for personal privacy, notably because the genome has certain essential features, which include (but are not limited to) (i) an association with traits and certain diseases, (ii) identification capability (e.g., forensics), and (iii) revelation of family relationships. Moreover, direct-to-consumer DNA testing increases the likelihood that genome data will be made available in less regulated environments, such as the Internet and for-profit companies. The problem of genome data privacy thus resides at the crossroads of computer science, medicine, and public policy. While computer scientists have addressed data privacy for various data types, there has been less attention dedicated to genomic data. Thus, the goal of this paper is to provide a systematization of knowledge for the computer science community. In doing so, we address some of the (sometimes erroneous) beliefs of this field and we report on a survey we conducted about genome data privacy with biomedical specialists. Then, after characterizing the genome privacy problem, we review the state of the art regarding privacy attacks on genomic data and strategies for mitigating such attacks, as well as contextualizing these attacks from the perspective of medicine and public policy. This paper concludes with an enumeration of the challenges for genome data privacy and presents a framework to systematize the analysis of threats and the design of countermeasures as the field moves forward.

    Randomized encoding of combinational and sequential logic for resistance to hardware Trojans

    Globalization of micro-chip fabrication has opened a new avenue of cyber-crime. It is now possible to insert hardware Trojans directly into a chip during the manufacturing process. These hardware Trojans are capable of destroying a chip, reducing performance or even capturing sensitive data. To date, defensive methods have focused on detection of the Trojan circuitry or prevention through design-for-security methods. This dissertation presents a shift away from prevention and detection to a design methodology wherein one no longer cares whether a Trojan is present or not. The Randomized Encoding of Combinational Logic for Resistance to Data Leakage, or RECORD, process is presented in the first of three papers. This chip design process utilizes dual rail encoding and Quilt Packaging to create a secure combinational design that can resist data leakage even when the full design is known to an attacker. This is done with only a 2.28x-2.33x area increase and a 1.7x-2.24x increase in power. The second paper describes a new method, Sequential RECORD, which introduces additional randomness and moves to 3D split manufacturing to isolate the secure areas of the design. Sequential RECORD is shown to work with 3.75x area overhead and 4.5x power increase with a 3% reduction in slack. Finally, the RECORD concept is refined into a Time Division Multiplexed (TDM) version in the third paper, which reduces area and power overhead by 63% and 56% respectively. A method to safely utilize commercial chips based on the TDM RECORD concept is also demonstrated. This method allows the commercial chip to be operated safely without modification at the cost of latency, which increases by 3.9x. --Abstract, page iv