SESSION 10-4 Establishing Software Root of Trust Unconditionally
Root-of-Trust (RoT) establishment ensures either that the state of an untrusted system contains all and only content chosen by a trusted local verifier and the system code begins execution in that state, or that the verifier discovers the existence of unaccounted for content. This ensures program booting into system states that are free of persistent malware. An adversary can no longer retain undetected control of one's local system.
We establish RoT {em unconditionally}; i.e., without secrets, trusted hardware modules and instructions, or bounds on the adversary's computational power. The specification of a system's chipset and device controllers, and an external source of true random numbers, such as a commercially available quantum RNG, is all that is needed. Our system specifications are those of a concrete Word Random Access Machine (cWRAM) model -- the closest computation model to a real system with a large instruction set.
We define the requirements for RoT establishment and explain their differences from past attestation protocols. Then we introduce a RoT establishment protocol based on a new computation primitive with concrete (non-asymptotic) optimal space-time bounds in adversarial evaluation on the cWRAM. The new primitive is a randomized polynomial, which has $k$-independent uniform coefficients in a prime order field. Its collision properties are stronger than those of a $k$-independent (almost) universal hash function in cWRAM evaluations, and are sufficient to prove existence of malware-free states before RoT is established. Preliminary measurements show that randomized-polynomial performance is practical on commodity hardware even for very large $k$.
To prove the concrete optimality of randomized polynomials, we present a result of independent complexity interest: a Horner-rule program is uniquely optimal whenever the cWRAM execution space and time are simultaneously minimized.
PAPER
https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_10-4_Gligor_paper.pdf
SLIDES
https://www.ndss-symposium.org/wp-content/uploads/ndss2019_10-4_Gligor_slides.pdf
AUTHORS
irgil D. Gligor (Carnegie Mellon University)
Maverick S. L. Woo (Carnegie Mellon University)
Network and Distributed System Security (NDSS) Symposium 2019, 24-27 February 2019, Catamaran Resort Hotel & Spa in San Diego, California.
https://www.ndss-symposium.org/ndss-program/ndss-symposium-2019-program/
ABOUT NDSS
The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
https://www.ndss-symposium.org/
#NDSS #NDSS19 #NDSS2019 #InternetSecurity