Olivier Bronchain, Louis Dassy, Sebastian Faust, François-Xavier Standaert
{"title":"从(大多数)由串通制造商设计的不可信组件中实现抗木马硬件","authors":"Olivier Bronchain, Louis Dassy, Sebastian Faust, François-Xavier Standaert","doi":"10.1145/3266444.3266447","DOIUrl":null,"url":null,"abstract":"At CCS 2016, Dziembowski et al. proved the security of a generic compiler able to transform any circuit into a Trojan-resilient one based on a (necessary) number of trusted gates. Informally, it exploits techniques from the Multi-Party Computation (MPC) literature in order to exponentially reduce the probability of a successful Trojan attack. As a result, its concrete relevance depends on ( i ) the possibility to reach good performances with affordable hardware, and ( ii ) the actual number of trusted gates the solution requires. In this paper, we assess the practicality of the CCS 2016 Trojan-resilient compiler based on a block cipher case study, and optimize its performances in different directions. From the algorithmic viewpoint, we use a recent MPC protocol by Araki et al. (CCS 2016) in order to increase the throughput of our implementations, and we investigate various block ciphers and S-box representations to reduce their communication complexity. From a design viewpoint, we develop an architecture that balances the computation and communication cost of our Trojan-resilient circuits. From an implementation viewpoint, we describe a prototype hardware combining several commercial FPGAs on a dedicated printed circuit board. Thanks to these advances, we exhibit realistic performances for a Trojan-resilient circuit purposed for high-security applications, and confirm that the amount of trusted gates required by the CCS 2016 compiler is well minimized.","PeriodicalId":104371,"journal":{"name":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","volume":"25 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-01-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Implementing Trojan-Resilient Hardware from (Mostly) Untrusted Components Designed by Colluding Manufacturers\",\"authors\":\"Olivier Bronchain, Louis Dassy, Sebastian Faust, François-Xavier Standaert\",\"doi\":\"10.1145/3266444.3266447\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"At CCS 2016, Dziembowski et al. proved the security of a generic compiler able to transform any circuit into a Trojan-resilient one based on a (necessary) number of trusted gates. Informally, it exploits techniques from the Multi-Party Computation (MPC) literature in order to exponentially reduce the probability of a successful Trojan attack. As a result, its concrete relevance depends on ( i ) the possibility to reach good performances with affordable hardware, and ( ii ) the actual number of trusted gates the solution requires. In this paper, we assess the practicality of the CCS 2016 Trojan-resilient compiler based on a block cipher case study, and optimize its performances in different directions. From the algorithmic viewpoint, we use a recent MPC protocol by Araki et al. (CCS 2016) in order to increase the throughput of our implementations, and we investigate various block ciphers and S-box representations to reduce their communication complexity. From a design viewpoint, we develop an architecture that balances the computation and communication cost of our Trojan-resilient circuits. From an implementation viewpoint, we describe a prototype hardware combining several commercial FPGAs on a dedicated printed circuit board. Thanks to these advances, we exhibit realistic performances for a Trojan-resilient circuit purposed for high-security applications, and confirm that the amount of trusted gates required by the CCS 2016 compiler is well minimized.\",\"PeriodicalId\":104371,\"journal\":{\"name\":\"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security\",\"volume\":\"25 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-01-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3266444.3266447\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3266444.3266447","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Implementing Trojan-Resilient Hardware from (Mostly) Untrusted Components Designed by Colluding Manufacturers
At CCS 2016, Dziembowski et al. proved the security of a generic compiler able to transform any circuit into a Trojan-resilient one based on a (necessary) number of trusted gates. Informally, it exploits techniques from the Multi-Party Computation (MPC) literature in order to exponentially reduce the probability of a successful Trojan attack. As a result, its concrete relevance depends on ( i ) the possibility to reach good performances with affordable hardware, and ( ii ) the actual number of trusted gates the solution requires. In this paper, we assess the practicality of the CCS 2016 Trojan-resilient compiler based on a block cipher case study, and optimize its performances in different directions. From the algorithmic viewpoint, we use a recent MPC protocol by Araki et al. (CCS 2016) in order to increase the throughput of our implementations, and we investigate various block ciphers and S-box representations to reduce their communication complexity. From a design viewpoint, we develop an architecture that balances the computation and communication cost of our Trojan-resilient circuits. From an implementation viewpoint, we describe a prototype hardware combining several commercial FPGAs on a dedicated printed circuit board. Thanks to these advances, we exhibit realistic performances for a Trojan-resilient circuit purposed for high-security applications, and confirm that the amount of trusted gates required by the CCS 2016 compiler is well minimized.