Transcript of Beyond Authentication: Don’t Trust, Just Verify

Page 1

Beyond Authentication: Don’t Trust, Just Verify

Eran Tromer

BRCMF Inauguration Ceremony, 21 Nov 2013

Page 2

Talking about…

• People: authenticating users

• Things: trusting devices

• Principles

News excerpt shown on the slide:

“Chinese counterfeit chips causing military hardware crashes […] Component failure reports from defense contractors worldwide, including Boeing, Raytheon, BAE, Northrop Grumman, and Lockheed […] and investigations have turned up a significant number of counterfeit parts, sometimes installed in mission-critical systems.”

Page 3

Side-channel leakage

Even if the software and hardware function correctly, secrets still leak through physical channels:

• electromagnetic

• acoustic

• probing

• microarchitecture

• optical

• power

Page 4

Talking about…

• People: authenticating users

• Things: trusting devices

• Principles: policies and algorithms

Page 5

The challenge

Create general techniques to ensure integrity and confidentiality in computation done by components and parties that are untrustworthy, faulty, leaky & malicious.

The approach: modern cryptography

Page 6

Integrity of computation: SNARKs (Succinct Noninteractive Arguments of Knowledge)

Diagram: input x goes into the program (v=DB[x]; w=func(v,y); return z;), which outputs z together with a proof; a verifier, holding DB and y, runs Verify on (x, z, proof) instead of re-running the program.

Current prototype: the correct execution of arbitrary C programs can be verified in 5 milliseconds using 230-byte proofs.

Page 7

Integrity via Proof-Carrying Data

Diagram: a network of nodes passing messages m1, m2, m3, m4, m5, m6, m7 and producing a final message mout.

• Diverse network, containing untrustworthy parties and unreliable components.

• Impractical to verify internals of each node, so give up.

• Enforce only correctness of the messages and ultimate results.

Page 8

Integrity via Proof-Carrying Data (cont.)

Diagram: the same network, with each message m1, m2, m3, m4, m5, m6, m7 and mout now travelling together with its own proof.

• Every message is augmented with a proof attesting to its “compliance” with a prescribed policy.

• Compliance can express any property that can be verified by locally checking every node.

• Proofs can be verified efficiently and retroactively.
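Added example (not part of the talk or of the speaker's implementation): a small Python model of the prove/verify interface from slide 6 applied to the distributed setting of slides 7 and 8. A compliance predicate is checked locally at every node, each node emits its message together with a proof, and the final verifier checks the whole computation retroactively, catching a node that emitted a non-compliant message even though every honest node downstream of it behaved correctly. The node layout, the predicate (bounded per-node contribution, honest summation) and the witness values are constructed for the example. The proof carried here is the full upstream execution trace, which is exactly what a real PCD system replaces with a constant-size SNARK; building that SNARK is outside the scope of the example.

```python
"""Toy model of the proof-carrying data (PCD) message flow from slides 7 and 8.

Added illustration, not code from the talk. The compliance predicate, the node
layout and the witness values are constructed. The 'proof' attached to each
message is the full upstream execution trace, so verification re-checks the
predicate at every node; a real PCD system would carry a succinct SNARK instead.
"""
from dataclasses import dataclass
from typing import Tuple

MAX_CONTRIBUTION = 100  # constructed policy bound: a node may add at most this much


@dataclass(frozen=True)
class Proof:
    """Trace of one node's step: which node ran, its local witness, and the
    (message, proof) pairs it consumed. Real PCD compresses this to ~constant size."""
    node: str
    witness: int
    inputs: Tuple[Tuple[int, "Proof"], ...]


def compliance(node, in_msgs, witness, out_msg):
    """Local policy every node must satisfy: bounded contribution, honest summation.
    Anything expressible as a per-node check like this can be enforced by PCD."""
    return 0 <= witness <= MAX_CONTRIBUTION and out_msg == sum(in_msgs) + witness


def prove(node, inputs, witness):
    """Honest node: consume (message, proof) pairs, emit its own (message, proof)."""
    in_msgs = [m for m, _ in inputs]
    out = sum(in_msgs) + witness
    return out, Proof(node, witness, tuple(inputs))


def verify(msg, proof):
    """Retroactive check: compliance must hold at this node and at every upstream node.
    The verifier never needs to know or trust the nodes themselves, only the trace."""
    in_msgs = [m for m, _ in proof.inputs]
    if not compliance(proof.node, in_msgs, proof.witness, msg):
        return False
    return all(verify(m, p) for m, p in proof.inputs)


def run_network(cheat=False):
    """Constructed DAG in the spirit of the slide: n1, n2 are sources; n3..n7 aggregate."""
    m1, p1 = prove("n1", [], 10)
    m2, p2 = prove("n2", [], 20)
    m3, p3 = prove("n3", [(m1, p1)], 5)
    m4, p4 = prove("n4", [(m2, p2)], 7)
    if cheat:
        # Malicious n5 inflates its message; it still forwards valid upstream proofs.
        m5 = 10_000
        p5 = Proof("n5", 0, ((m3, p3), (m4, p4)))
    else:
        m5, p5 = prove("n5", [(m3, p3), (m4, p4)], 1)
    m6, p6 = prove("n6", [(m2, p2)], 3)
    m7, p7 = prove("n7", [(m5, p5), (m6, p6)], 2)   # honest, but consumes n5's output
    mout, pout = prove("out", [(m7, p7)], 0)
    return mout, pout


def proof_size(proof):
    """Number of node steps inside a trace proof; grows with the DAG (the cost PCD removes)."""
    return 1 + sum(proof_size(p) for _, p in proof.inputs)


if __name__ == "__main__":
    for cheat in (False, True):
        mout, pout = run_network(cheat)
        print(f"cheat={cheat}: mout={mout}, valid={verify(mout, pout)}, "
              f"trace steps={proof_size(pout)}")
```

The honest downstream node n7 passes its own local check in the cheating run (its output really is the sum of what it received plus its witness), so a verifier that only looked at n7 would accept; it is the retroactive walk over the attached proofs that exposes n5. The last function makes the cost of this toy visible: the trace proof grows with the number of upstream nodes, whereas the 230-byte proofs quoted on slide 6 stay constant regardless of how much computation they cover.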

Page 9

Proof-Carrying Data: Integrity for distributed computation

Implementation underway. Seeking practical impact.