Formal Methods for Smartcard Security

Barthe, Gilles; Dufay, Guillaume

doi:10.1007/11554578_5

Cited by 4 publications

(2 citation statements)

References 83 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the following, we describe our new corruption model in more detail. 5 Let P be the set of main parties of a protocol π. At the first activation, the adversary A may only send a physical-attack instruction that enables him to gain control over parties regardless of the protocol architecture.…”

Section: Corruption Modelmentioning

confidence: 99%

“…In order to protect from remotely exploitable vulnerabilities, we suggest to use formal verification wherever possible. There exists a vast body in the literature that is applicable to the implementations we discuss below, like smart cards ( [2,5]), cryptographic implementations in the IoT world [45], FPGAs and ASICs [9,20] or microkernels [26,31]. Due to the very low complexity of the cryptographic core, formal verification is applicable in practice for our modules.…”

Section: Implementations Of Remotely Unhackable Hardware Modulesmentioning

confidence: 99%

See 1 more Smart Citation

Fortified Multi-Party Computation: Taking Advantage of Simple Secure Hardware Modules

Broadnax¹,

Koch

Mechler

et al. 2021

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

In practice, there are numerous settings where mutually distrusting parties need to perform distributed computations on their private inputs. For instance, participants in a first-price sealed-bid online auction do not want their bids to be disclosed. This problem can be addressed using secure multi-party computation (MPC), where parties can evaluate a publicly known function on their private inputs by executing a specific protocol that only reveals the correct output, but nothing else about the private inputs. Such distributed computations performed over the Internet are susceptible to remote hacks that may take place during the computation. As a consequence, sensitive data such as private bids may leak. All existing MPC protocols do not provide any protection against the consequences of such remote hacks. We present the first MPC protocols that protect the remotely hacked parties’ inputs and outputs from leaking. More specifically, unless the remote hack takes place before the party received its input or all parties are corrupted, a hacker is unable to learn the parties’ inputs and outputs, and is also unable to modify them. We achieve these strong (privacy) guarantees by utilizing the fact that in practice parties may not be susceptible to remote attacks at every point in time, but only while they are online, i.e. able to receive messages. To this end, we model communication via explicit channels. In particular, we introduce channels with an airgap switch (disconnect-able by the party in control of the switch), and unidirectional data diodes. These channels and their isolation properties, together with very few, similarly simple and plausibly remotely unhackable hardware modules serve as the main ingredient for attaining such strong security guarantees. In order to formalize these strong guarantees, we propose the UC with Fortified Security (UC#) framework, a variant of the Universal Composability (UC) framework.

show abstract

Section: Corruption Modelmentioning

confidence: 99%