Extending Tamper-Proof Hardware Security to Untrusted Execution Environments

This paper addresses mobile code protection with respect to potential integrity and confidentiality violations originating from the untrusted runtime environment where the code execution takes place. Both security properties are defined in a framework where code is modeled using Boolean circuits. Two protection schemes are presented. The first scheme addresses the protection of a function that is evaluated by an untrusted environment and yields an encrypted result only meaningful for the party providing the function. The second scheme addresses the protection of a piece of software executed by an untrusted environment. It enforces the secure execution of a series of functions while allowing interactions with the untrusted party. The latter technique relies on trusted tamper-proof hardware with limited capability. Executing a small part of the computations in the tamper-proof hardware extends its intrinsic security to the overall environment.
