Using Secure Coprocessors

Abstract : How do we build distributed systems that are secure? Cryptographic techniques can be used to secure the communications between physically separated systems, but this is not enough: we must be able to guarantee the privacy of the cryptographic keys and the integrity of the cryptographic functions, in addition to the integrity of the security kernel and access control databases we have on the machines. Physical security is a central assumption upon which secure distributed systems are built; without this foundation even the best cryptosystem or the most secure kernel will crumble. In this thesis, I address the distributed security problem by proposing the addition of a small, physically secure hardware module, a secure coprocessor, to standard workstations and PCs. My central axiom is that secure coprocessors are able to maintain the privacy of the data they process. This thesis attacks the distributed security problem from multiple sides. First, I analyze the security properties of existing system components, both at the hardware and software level. Second, I demonstrate how physical security requirements may be isolated to the secure coprocessor, and showed how security properties may be bootstrapped using cryptographic techniques from this central nucleus of security within a combined hardware/software architecture.

[1]  B. Chor Two Issues in Public Key Cryptography: RSA Bit Security and a New Knapsack Type System , 1986 .

[2]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[3]  Ivan Damgård,et al.  On the Existence of Bit Commitment Schemes and Zero-Knowledge Proofs , 1989, CRYPTO.

[4]  C. J. Date An Introduction to Database Systems, Volume II , 1980 .

[5]  Gustavus J. Simmons,et al.  The Smart Card: A Standardized Security Device Dedicated to Public Cryptology , 1992 .

[6]  Maurice Herlihy,et al.  How to Make Replicated Data Secure , 1987, CRYPTO.

[7]  M. Herlihy A quorum-consensus replication method for abstract data types , 1986, TOCS.

[8]  Maurice Herlihy,et al.  General quorum consensus : a replication method for abstract data types , 1984 .

[9]  Oded Goldreich,et al.  Towards a theory of software protection and simulation by oblivious RAMs , 1987, STOC.

[10]  Richard M. Stallman,et al.  Gnu Emacs Manual , 1996 .

[11]  Amos Fiat,et al.  Zero-knowledge proofs of identity , 1987, Journal of Cryptology.

[12]  Helen Custer,et al.  Inside Windows NT , 1992 .

[13]  David Chaum,et al.  Minimum Disclosure Proofs of Knowledge , 1988, J. Comput. Syst. Sci..

[14]  David L. Black,et al.  The duality of memory and communication in the implementation of a multiprocessor operating system , 1987, SOSP '87.

[15]  David Chaum,et al.  Security without identification: transaction systems to make big brother obsolete , 1985, CACM.

[16]  Tal Rabin,et al.  Verifiable secret sharing and multiparty protocols with honest majority , 1989, STOC '89.

[17]  Rafail Ostrovsky,et al.  Efficient computation on oblivious RAMs , 1990, STOC '90.

[18]  Jerome Swartz,et al.  Fundamentals of bar code information theory , 1990, Computer.

[19]  William J. Bolosky,et al.  Mach: A New Kernel Foundation for UNIX Development , 1986, USENIX Summer.

[20]  Stefan A. Brands,et al.  An Efficient Off-line Electronic Cash System Based On The Representation Problem. , 1993 .

[21]  Gilles Brassard,et al.  Modern Cryptology: A Tutorial , 1989 .

[22]  Sean W. Smith,et al.  Security and Privacy for Partial Order Time , 1994 .

[23]  Jeffrey I. Schiller,et al.  An Authentication Service for Open Network Systems. In , 1998 .

[24]  Eugene H. Spafford,et al.  The design and implementation of tripwire: a file system integrity checker , 1994, CCS '94.

[25]  Stephen T. Kent Protecting externally supplied software in small computers , 1980 .

[26]  Richard M. Karp,et al.  Efficient Randomized Pattern-Matching Algorithms , 1987, IBM J. Res. Dev..

[27]  Sanjoy Paul,et al.  Anonymous credit cards , 1994, CCS '94.

[28]  M. Rabin DIGITALIZED SIGNATURES AND PUBLIC-KEY FUNCTIONS AS INTRACTABLE AS FACTORIZATION , 1979 .

[29]  Alessandro Forin,et al.  UNIX as an Application Program , 1990, USENIX Summer.

[30]  Samuel J. Leffler,et al.  The design and implementation of the 4.3 BSD Unix operating system , 1991, Addison-Wesley series in computer science.

[31]  Fred B. Schneider,et al.  Byzantine generals in action: implementing fail-stop processors , 1984, TOCS.

[32]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[33]  E. Berlekamp Factoring polynomials over large finite fields* , 1970, SYMSAC '71.

[34]  Peter J. Denning,et al.  Computers under attack: intruders, worms, and viruses , 1991 .

[35]  Adi Shamir,et al.  The discrete log is very discreet , 1990, STOC '90.

[36]  E. T. An Introduction to the Theory of Numbers , 1946, Nature.

[37]  Louis Guillou,et al.  The smart card: A standardized security device dedicated to public cryptology , 1992 .

[38]  Michael O. Rabin,et al.  Probabilistic Algorithms in Finite Fields , 1980, SIAM J. Comput..

[39]  Amos Fiat,et al.  Zero Knowledge Proofs of Identity , 1987, STOC.

[40]  C. Stoll The Cuckoo's Egg : Tracking a Spy Through the Maze of Computer Espionage , 1990 .

[41]  William A. Wulf,et al.  HYDRA , 1974, Commun. ACM.

[42]  J. D. Tygar,et al.  An Integrated Toolkit for Operating System Security , 1986 .

[43]  조위덕 Cryptography , 1987, The Official (ISC)2 SSCP CBK Reference.

[44]  Dan Hildebrand,et al.  An Architectural Overview of QNX , 1992, USENIX Workshop on Microkernels and Other Kernel Architectures.

[45]  Andrea J. Borr Transaction Monitoring in ENCOMPASS: Reliable Distributed Transaction Processing , 1981, VLDB.

[46]  Steve H. Weingart Physical Security for the μABYSS System , 1987, 1987 IEEE Symposium on Security and Privacy.

[47]  K. Thompson Reflections on trusting trust , 1984, CACM.

[48]  Randy H. Katz,et al.  A case for redundant arrays of inexpensive disks (RAID) , 1988, SIGMOD '88.

[49]  Michael O. Rabin,et al.  Transaction Protection by Beacons , 1983, J. Comput. Syst. Sci..

[50]  E. Wright,et al.  An Introduction to the Theory of Numbers , 1939 .

[51]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[52]  Jerome Swartz,et al.  Information encoding with two-dimensional bar codes , 1992, Computer.

[53]  Michael J. Kelly,et al.  Common Cryptographic Architecture Cryptographic Application Programming Interface , 1991, IBM Syst. J..

[54]  George Eckel Inside Windows NT , 1993 .

[55]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[56]  L. Devroye Non-Uniform Random Variate Generation , 1986 .

[57]  Butler W. Lampson,et al.  Atomic Transactions , 1980, Advanced Course: Distributed Systems.

[58]  Edward Balkovich,et al.  Computing in Higher Education: The Athena Experience , 1985, Computer.

[59]  Jim Gray,et al.  A Transaction Model , 1980, ICALP.

[60]  Donald Ervin Knuth,et al.  The Art of Computer Programming , 1968 .

[61]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[62]  Sean W. Smith,et al.  Asynchronous Optimistic Rollback Recovery Using Secure Distributed Time , 1994 .

[63]  Steven M. Bellovin,et al.  Limitations of the Kerberos authentication system , 1990, CCRV.

[64]  Steve R. White,et al.  ABYSS: ATrusted Architecture for Software Protection , 1987, 1987 IEEE Symposium on Security and Privacy.

[65]  Roger M. Needham,et al.  Using encryption for authentication in large networks of computers , 1978, CACM.

[66]  Benjamin L. b. D'Ooge,et al.  Cæsar's Gallic war , 2022 .

[67]  Gary L. Miller,et al.  On taking roots in finite fields , 1977, 18th Annual Symposium on Foundations of Computer Science (sfcs 1977).

[68]  Lily B. Mummert,et al.  Camelot and Avalon: A Distributed Transaction Facility , 1991 .

[69]  Martín Abadi,et al.  Authentication and Delegation with Smart-cards , 1991, TACS.

[70]  M. Rabin Probabilistic algorithm for testing primality , 1980 .

[71]  Dan Walsh,et al.  Design and implementation of the Sun network filesystem , 1985, USENIX Conference Proceedings.

[72]  Robert D. Silverman The multiple polynomial quadratic sieve , 1987 .

[73]  Ronald L. Rivest,et al.  The MD5 Message-Digest Algorithm , 1992, RFC.

[74]  Jim Gray,et al.  The Transaction Concept: Virtues and Limitations (Invited Paper) , 1981, VLDB.