Fortified Universal Composability: Taking Advantage of Simple Secure Hardware Modules

Adaptive security is the established way to capture adversaries breaking into computers during secure computations. However, adaptive security does not prevent remote hacks in which adversaries learn and modify a party's secret inputs and outputs. We initiate the study of security notions that go beyond adaptive security. To achieve such a strong security notion, we utilize realistic, simple, remotely unhackable hardware modules such as air-gap switches and data diodes together with isolation assumptions. Such hardware modules have, to the best of our knowledge, not been used for secure multi-party computation so far. As a result, we are able to construct protocols with very strong composable security guarantees against remote hacks, which are not provided by mere adaptive security. We call our new notion Fortified UC security. Using only very few and very simple remotely unhackable hardware modules, we construct protocols in which mounting remote attacks does not enable an adversary to learn or modify a party's inputs and outputs unless he hacks a party via the input port before it has received its (first) input (or gains control over all parties). Hence, our protocols protect inputs and outputs against all remote attacks, except for hacks via the input port while a party is waiting for input. To achieve this level of security, the parties' inputs and outputs are authenticated, masked and shared in our protocols in such a way that an adversary is unable to learn or modify them when gaining control over a party via a remote hack. It is important to note that the remotely unhackable hardware modules applied in this work rest on substantially weaker assumptions than the hardware tokens proposed by Katz at EUROCRYPT '07. In particular, they are not assumed to be physically tamper-proof, can thus not be passed to other (possibly malicious) parties, and are therefore not sufficient to circumvent the impossibility results in the Universal Composability (UC) framework. Our protocols therefore rely on well-established UC-complete setup assumptions in tandem with our remotely unhackable hardware modules to achieve composability.
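The following toy illustrates the masking-and-authentication idea from the abstract (the masked value and the mask form a 2-out-of-2 sharing of the input, and a MAC detects modification). It is an added example, not the paper's construction: the `IsolatedModule`, `HackableHost` and helper names are assumptions, and the module stands in for a remotely unhackable component whose state the adversary is assumed never to see.

```python
import hashlib
import hmac
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

class IsolatedModule:
    """Stand-in for a remotely unhackable module (hypothetical). Assumption:
    the adversary never reads or writes its state. It keeps the mask (the
    second additive share of the input) and the key that authenticates
    what the hackable host stores."""

    def __init__(self, size: int, mask: bytes = None, key: bytes = None):
        self.mask = mask if mask is not None else secrets.token_bytes(size)
        self.key = key if key is not None else secrets.token_bytes(32)

    def protect(self, x: bytes) -> tuple:
        """Return what the host may hold: the masked input and a MAC on it."""
        masked = xor_bytes(x, self.mask)
        tag = hmac.new(self.key, masked, hashlib.sha256).digest()
        return masked, tag

    def recover(self, masked: bytes, tag: bytes):
        """Return None for a tampered value, otherwise the unmasked input."""
        expected = hmac.new(self.key, masked, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None
        return xor_bytes(masked, self.mask)

class HackableHost:
    """The general-purpose machine. A remote hack is modelled as the adversary
    reading and rewriting every value stored in `state`."""

    def __init__(self):
        self.state = {}

def store_input(x: bytes, module: IsolatedModule, host: HackableHost) -> None:
    # Only the masked share and its tag ever touch the hackable machine.
    host.state["masked"], host.state["tag"] = module.protect(x)

def hack_modify(host: HackableHost) -> None:
    # Adversary with full control of the host flips a bit of the stored share.
    flipped = bytearray(host.state["masked"])
    flipped[0] ^= 0x01
    host.state["masked"] = bytes(flipped)

def output(module: IsolatedModule, host: HackableHost):
    # The module refuses to unmask anything it did not authenticate.
    return module.recover(host.state["masked"], host.state["tag"])
```

Dumping `host.state` after a hack yields only the masked share and a tag, and a modified share is rejected at output time.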

[1] Rafail Ostrovsky et al. How to withstand mobile virus attacks (extended abstract), 1991, PODC '91.

[2] Ran Canetti et al. Universally Composable Commitments, 2001, CRYPTO.

[3] Ran Canetti et al. Equivocating Yao: constant-round adaptively secure multiparty computation in the plain model, 2017, STOC.

[4] Moni Naor et al. Adaptively secure multi-party computation, 1996, STOC '96.

[5] Hamed Nemati et al. Secure System Virtualization: End-to-End Verification of Memory Isolation, 2020, arXiv.

[6] Yehuda Lindell et al. Universally composable two-party and multi-party secure computation, 2002, STOC '02.

[7] Yuval Ishai et al. Founding Cryptography on Tamper-Proof Hardware Tokens, 2010, IACR Cryptol. ePrint Arch.

[8] Nico Döttling et al. Concurrently Composable Security with Shielded Super-Polynomial Simulators, 2017, EUROCRYPT.

[9] Nico Döttling et al. Implementing Resettable UC-Functionalities with Untrusted Tamper-Proof Hardware-Tokens, 2013, TCC.

[10] Yehuda Lindell et al. On the Limitations of Universally Composable Two-Party Computation Without Set-Up Assumptions, 2003, Journal of Cryptology.

[11] Erkang Zheng et al. Building a virtually air-gapped secure environment in AWS: with principles of devops security program and secure software delivery, 2018, HoTSoS '18.

[12] Yehuda Lindell et al. Adaptively Secure Computation with Partial Erasures, 2015, IACR Cryptol. ePrint Arch.

[13] Ran Canetti et al. Universally composable security: a new paradigm for cryptographic protocols, 2001, Proceedings 2001 IEEE International Conference on Cluster Computing.

[14] Carmit Hazay et al. Constant Round Adaptively Secure Protocols in the Tamper-Proof Hardware Model, 2017, Public Key Cryptography.

[15] Yuval Ishai et al. Founding Cryptography on Oblivious Transfer - Efficiently, 2008, CRYPTO.

[16] Rafail Ostrovsky et al. Cryptography with One-Way Communication, 2014, CRYPTO.

[17] Jörn Müller-Quade et al. Universally Composable Firewall Architectures Using Trusted Hardware, 2014, BalkanCryptSec.

[18] Jonathan Katz et al. Universally Composable Multi-party Computation Using Tamper-Proof Hardware, 2007, EUROCRYPT.

[19] Rafail Ostrovsky et al. How to withstand mobile virus attacks, revisited, 2014, PODC '14.