Hardware support for high performance, intrusion- and fault-tolerant systems

The paper proposes a combined hardware/software approach for realizing high performance, intrusion- and fault-tolerant services. The approach is demonstrated for (yet not limited to) an attribute authority server, which provides a compelling application due to its stringent performance and security requirements. The key element of the proposed architecture is an FPGA-based, parallel crypto-engine providing (1) optimally dimensioned RSA Processors for efficient execution of computationally intensive RSA signatures and (2) a KeyStore facility used as tamper-resistant storage for preserving secret keys. To achieve linear speed-up (with the number of RSA Processors) and deadlock-free execution in spite of resource-sharing and scheduling/synchronization issues, we have resorted to a number of performance enhancing techniques (e.g., use of different clock domains, optimal balance between internal and external parallelism) and have formally modeled and mechanically proved our crypto-engine with the Spin model checker. At the software level, the architecture combines active replication and threshold cryptography, but in contrast with previous work, the code of our replicas is multithreaded so it can efficiently use an attached parallel crypto-engine to compute an attribute authority partial signature (as required by threshold cryptography). Resulting replicated systems that exhibit nondeterministic behavior, which cannot be handled with conventional replication approaches. Our architecture is based on a preemptive deterministic scheduling algorithm to govern scheduling of replica threads and guarantee strong replica consistency.

[1]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[2]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[3]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[4]  Yves Deswarte,et al.  Intrusion tolerance in distributed computing systems , 1991, Proceedings. 1991 IEEE Computer Society Symposium on Research in Security and Privacy.

[5]  Yves Deswarte,et al.  An authorization scheme for distributed object systems , 1997, Proceedings. 1997 IEEE Symposium on Security and Privacy (Cat. No.97CB36097).

[6]  Gerard J. Holzmann,et al.  The Model Checker SPIN , 1997, IEEE Trans. Software Eng..

[7]  Configuration Issues : Power-up , Volatility , Security , Battery Back , 1998 .

[8]  Mark Garland Hayden,et al.  The Ensemble System , 1998 .

[9]  M. Kuhn,et al.  The Advanced Computing Systems Association Design Principles for Tamper-resistant Smartcard Processors Design Principles for Tamper-resistant Smartcard Processors , 2022 .

[10]  Adi Shamir,et al.  Playing "Hide and Seek" with Stored Keys , 1999, Financial Cryptography.

[11]  William E. Johnston,et al.  Certificate-based Access Control for Widely Distributed Resources , 1999, USENIX Security Symposium.

[12]  Ricardo Jiménez-Peris,et al.  Deterministic scheduling for transactional multithreaded replicas , 2000, Proceedings 19th IEEE Symposium on Reliable Distributed Systems SRDS-2000.

[13]  Navjot Singh,et al.  Transparent Run-Time Defense Against Stack-Smashing Attacks , 2000, USENIX Annual Technical Conference, General Track.

[14]  Victor Shoup,et al.  Practical Threshold Signatures , 2000, EUROCRYPT.

[15]  Sean W. Smith,et al.  Building the IBM 4758 Secure Coprocessor , 2001, Computer.

[16]  Yves Deswarte,et al.  An Internet Authorization Scheme Using Smart-Card-Based Security Kernels , 2001, E-smart.

[17]  William H. Sanders,et al.  Intrusion Tolerance Approaches in ITUA , 2001 .

[18]  M. Joye,et al.  Recovering lost efficiency of exponentiation algorithms on smart cards , 2002 .

[19]  Christian Cachin,et al.  Secure INtrusion-Tolerant Replication on the Internet , 2002, Proceedings International Conference on Dependable Systems and Networks.

[20]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[21]  Fred B. Schneider,et al.  COCA: a secure distributed online certification authority , 2002 .

[22]  Russ Housley,et al.  Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile , 2002, RFC.

[23]  Ravishankar K. Iyer,et al.  A preemptive deterministic scheduling algorithm for multithreaded replicas , 2003, 2003 International Conference on Dependable Systems and Networks, 2003. Proceedings..

[24]  Antonino Mazzeo,et al.  FPGA-based implementation of a serial RSA processor , 2003, 2003 Design, Automation and Test in Europe Conference and Exhibition.

[25]  Robbert van Renesse,et al.  COCA: a secure distributed online certification authority , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].

[26]  Gerard J. Holzmann,et al.  The SPIN Model Checker , 2003 .

[27]  Christof Paar,et al.  Cryptography on FPGAs: State of the Art Implementations and Attacks , 2003 .

[28]  Alessandro Cilardo,et al.  An FPGA-based key-store for improving the dependability of security services , 2005, 10th IEEE International Workshop on Object-Oriented Real-Time Dependable Systems.