cccp secure remote storage for computational rfids
play

CCCP: Secure Remote Storage for Computational RFIDs M. Salajegheh, - PowerPoint PPT Presentation

Apr 09, 2023 •40 likes •750 views

CCCP: Secure Remote Storage for Computational RFIDs M. Salajegheh, S. Clark , B. Ransford, K. Fu (UMass Amherst) A. Juels (RSA) The Security Division of EMC NSF-627529 Shane Clark, USENIX Security 09 Tuesday, August 18, 2009 RFID tags

  1. CCCP: Secure Remote Storage for Computational RFIDs M. Salajegheh, S. Clark , B. Ransford, K. Fu (UMass Amherst) A. Juels (RSA) The Security Division of EMC NSF-627529 Shane Clark, USENIX Security ’09 Tuesday, August 18, 2009

  2. RFID tags Shane Clark, USENIX Security ’09 2 Tuesday, August 18, 2009

  3. RFID tags Shane Clark, USENIX Security ’09 2 Tuesday, August 18, 2009

  4. RFID tags Shane Clark, USENIX Security ’09 2 Tuesday, August 18, 2009

  5. RFID tags Shane Clark, USENIX Security ’09 2 Tuesday, August 18, 2009

  6. Computational RFID tags Shane Clark, USENIX Security ’09 2 Tuesday, August 18, 2009

  7. CRFIDs • Batteryless • Powered by harvested energy • Interact with RFID readers • Programmable WISP 1.0 Shane Clark, USENIX Security ’09 3 Tuesday, August 18, 2009

  8. CRFIDs • Tiny energy reservoir • Frequent power loss • Limited use of local storage WISP 1.0 Shane Clark, USENIX Security ’09 3 Tuesday, August 18, 2009

  9. Local Storage... at a Price Energy Consumption ( � J) • Energy intensive writes 128 Bytes Read 0.64 Write 56.97 Shane Clark, USENIX Security ’09 4 Tuesday, August 18, 2009

  10. Local Storage... at a Price Energy Consumption ( � J) Energy Consumption ( � J) • Energy intensive writes 128 Bytes Read Read 0.64 0.64 • Erase-before-write Write Write 56.97 56.97 Erase 46.81 Shane Clark, USENIX Security ’09 4 Tuesday, August 18, 2009

  11. Local Storage... at a Price Energy Consumption ( � J) Energy Consumption ( � J) • Energy intensive writes 128 Bytes Read Read 0.64 0.64 • Erase-before-write Write Write 56.97 56.97 • Small nonvolatile memory Erase 46.81 • WISP 4.0: 32 KB flash Shane Clark, USENIX Security ’09 4 Tuesday, August 18, 2009

  12. Inexpensive Radio CPU Flash Radio Mote [Hydrowatch] Shane Clark, USENIX Security ’09 5 Tuesday, August 18, 2009

  13. Inexpensive Radio CPU Radio CPU Flash Radio Flash Mote CRFID [Hydrowatch] Shane Clark, USENIX Security ’09 5 Tuesday, August 18, 2009

  14. Outsource Storage? Shane Clark, USENIX Security ’09 6 Tuesday, August 18, 2009

  15. Outsource Storage? Receive Send Shane Clark, USENIX Security ’09 6 Tuesday, August 18, 2009

  16. Outsource Storage? Problem: a reader is not necessarily trustworthy Shane Clark, USENIX Security ’09 6 Tuesday, August 18, 2009

  17. Outsource Storage? Junk Read Problem: a reader is not necessarily trustworthy Shane Clark, USENIX Security ’09 6 Tuesday, August 18, 2009

  18. Cryptographic Computational Continuation Passing Shane Clark, USENIX Security ’09 7 Tuesday, August 18, 2009

  19. Cryptographic Computational Continuation Passing ENC MAC Shane Clark, USENIX Security ’09 7 Tuesday, August 18, 2009

  20. Cryptographic Computational Continuation Passing DEC MAC ENC MAC Shane Clark, USENIX Security ’09 7 Tuesday, August 18, 2009

  21. Goal: Computational Progress • Change of computational state toward a goal � Example: completion of a loop • Eliminate Sisyphean tasks Shane Clark, USENIX Security ’09 8 Tuesday, August 18, 2009

  22. Sisyphean Tasks • Some workloads may never complete given typical energy availability • Manually splitting tasks is not necessarily easy or effective Shane Clark, USENIX Security ’09 9 Tuesday, August 18, 2009

  23. Mementos [Ransford ’08] Shane Clark, USENIX Security ’09 10 Tuesday, August 18, 2009

  24. Mementos [Ransford ’08] Task = { } T1 T2 T3 T4 Shane Clark, USENIX Security ’09 10 Tuesday, August 18, 2009

  25. Mementos [Ransford ’08] Task = { } T1 T2 T3 T4 Energy = Shane Clark, USENIX Security ’09 10 Tuesday, August 18, 2009

  26. Mementos [Ransford ’08] Task = { } T1 T2 T3 T4 Energy = • Checkpoint state (locally) as energy wanes • Spread computations over multiple lifecycles Shane Clark, USENIX Security ’09 10 Tuesday, August 18, 2009

  27. Mementos [Ransford ’08] Task = { } T1 T2 T3 T4 Energy = • Checkpoint state (locally) as energy wanes • Spread computations over multiple lifecycles { } T1 T2 T3 T4 Checkpoint Retrieve Shane Clark, USENIX Security ’09 10 Tuesday, August 18, 2009

  28. Mementos [Ransford ’08] Task = { } T1 T2 T3 T4 Energy = • Checkpoint state (locally) as energy wanes • Spread computations over multiple lifecycles { } T1 T2 T3 T4 Checkpoint Retrieve • Problem: flash write takes precious energy. Shane Clark, USENIX Security ’09 10 Tuesday, August 18, 2009

  29. Security Goals • Confidentiality • Integrity • Authentication • Data Freshness • Availability Shane Clark, USENIX Security ’09 11 Tuesday, August 18, 2009

  30. Security Goals • Confidentiality • Integrity • Authentication • Data Freshness • Availability Shane Clark, USENIX Security ’09 11 Tuesday, August 18, 2009

  31. Security Goals Reboots every few seconds • Confidentiality T i n y c a p a c i t o r • Integrity No battery Small RAM • Authentication • Data Freshness Expensive flash • Availability Shane Clark, USENIX Security ’09 11 Tuesday, August 18, 2009

  32. Security Primitives • Stream cipher for confidentiality • UMAC for integrity/authentication [Black ’99] • Low cost in terms of energy Shane Clark, USENIX Security ’09 12 Tuesday, August 18, 2009

  33. Security Primitives • Stream cipher for confidentiality • UMAC for integrity/authentication [Black ’99] • Low cost in terms of energy • Challenge: Maintaining the keystreams Shane Clark, USENIX Security ’09 12 Tuesday, August 18, 2009

  34. Precomputation? • Keystreams are required by the cipher and the MAC • Cannot reuse keystream bits • Not enough energy to compute on the fly Shane Clark, USENIX Security ’09 13 Tuesday, August 18, 2009

  35. Good Power Seasons • Times when the CRFID is idle • CRFID is awake and has no computation left to complete. • CRFID finds a reader that does not understand CCCP. • Plentiful energy � time to produce keystream bits Shane Clark, USENIX Security ’09 14 Tuesday, August 18, 2009

  36. Data Freshness • Some state must be in trusted storage • Nonvolatile memory is too expensive to use frequently • How can we use it frugally? Shane Clark, USENIX Security ’09 15 Tuesday, August 18, 2009

  37. Hole Punching Shane Clark, USENIX Security ’09 16 Tuesday, August 18, 2009

  38. Hole Punching 00000111 2 (=7 10 ) (a) Binary Counter Shane Clark, USENIX Security ’09 16 Tuesday, August 18, 2009

  39. Hole Punching 00000111 2 (=7 10 ) 00001000 2 (=8 10 ) (a) Binary Counter Shane Clark, USENIX Security ’09 16 Tuesday, August 18, 2009

  40. Hole Punching 00000111 2 (=7 10 ) 11111111 2 (erase) 00001000 2 (=8 10 ) 00001000 2 (=8 10 ) (a) Binary Counter Shane Clark, USENIX Security ’09 16 Tuesday, August 18, 2009

  41. Hole Punching 00000111 2 (=7 10 ) 11110000000 1 (=7 10 ) 11111111 2 (erase) 00001000 2 (=8 10 ) 00001000 2 (=8 10 ) (b) Unary Counter (a) Binary Counter (complemented) Shane Clark, USENIX Security ’09 16 Tuesday, August 18, 2009

  42. Hole Punching 00000111 2 (=7 10 ) 11110000000 1 (=7 10 ) 11111111 2 (erase) 11100000000 1 (=8 10 ) 00001000 2 (=8 10 ) 00001000 2 (=8 10 ) (b) Unary Counter (a) Binary Counter (complemented) Shane Clark, USENIX Security ’09 16 Tuesday, August 18, 2009

  43. Protocol Reader e t a t s CRFID Shane Clark, USENIX Security ’09 17 Tuesday, August 18, 2009

  44. Protocol Reader e t a t s CRFID Non-autonomous communication Shane Clark, USENIX Security ’09 17 Tuesday, August 18, 2009

  45. Store Procedure Reader CRFID Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  46. Store Procedure Reader Query CRFID Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  47. Store Procedure Reader Query CRFID Tasks 1..k Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  48. Store Procedure Reader Need to store Query CRFID Tasks 1..k Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  49. Store Procedure Reader Chunk size Need to store Query CRFID Tasks 1..k Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  50. Store Procedure Reader Chunk size Need to store Query CRFID Tasks 1..k 1. Enc 2. MAC 3. Hole punch Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  51. Store Procedure Reader Ciphertext+MAC Chunk size Need to store Query CRFID Tasks 1..k 1. Enc 2. MAC 3. Hole punch Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  52. Store Procedure Store Reader Ciphertext+MAC Chunk size Need to store Query CRFID Tasks 1..k 1. Enc 2. MAC 3. Hole punch Shane Clark, USENIX Security ’09 18 Tuesday, August 18, 2009

  53. Retrieve Procedure Reader CRFID Shane Clark, USENIX Security ’09 19 Tuesday, August 18, 2009

  54. Retrieve Procedure Retrieve Reader CRFID Shane Clark, USENIX Security ’09 19 Tuesday, August 18, 2009

  55. Retrieve Procedure Retrieve Reader Ciphertext+MAC CRFID Shane Clark, USENIX Security ’09 19 Tuesday, August 18, 2009

  56. Retrieve Procedure Retrieve Reader Ciphertext+MAC CRFID 1. Verify 2. Dec Shane Clark, USENIX Security ’09 19 Tuesday, August 18, 2009

Recommend

Getting Things Done on Computational RFIDs with Energy-Aware Checkpointing and

Getting Things Done on Computational RFIDs with Energy-Aware Checkpointing and

HotPower 08 Getting Things Done on Computational RFIDs with Energy-Aware Checkpointing and Voltage-Aware Scheduling Benjamin Ransford , Shane Clark, Mastooreh Salajegheh, Kevin Fu Department of Computer Science University of

555 views • 36 slides
PROJECT PRESENTATION 5G-COMPLETE A unified network, Computational and stOrage resource Management

PROJECT PRESENTATION 5G-COMPLETE A unified network, Computational and stOrage resource Management

PROJECT PRESENTATION 5G-COMPLETE A unified network, Computational and stOrage resource Management framework targeting end-to-end Performance optimization for secure 5G muLti-tEchnology and multi-Tenancy Environments Short Presentation of

407 views • 5 slides
Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University

Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University

Building Secure Decentralized Applications the DECENT Way Haofan Zheng Xiaowei Chu University of California, Santa Cruz Owen Arden Remote Attestation A process for the enclave to gain the trust of a remote service, so that the remote

212 views • 18 slides
Fast & Secure LTE Connectivity Solutions Fast & Secure LTE Connectivity Solutions Remote

Fast & Secure LTE Connectivity Solutions Fast & Secure LTE Connectivity Solutions Remote

April 29 th Webinar April 29 th Webinar Fast & Secure LTE Connectivity Solutions Fast & Secure LTE Connectivity Solutions Remote Ready, Productively Working From Home Remote Ready, Productively Working From Home Bryan Buckley Director

646 views • 28 slides
Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is

Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is

Secure Coprocessor What is Secure coprocessor: Robust. (A system that is not easily or is not wholly affected by a bug in one aspect of it. ) General-purpose computational environments. Secure temper responsive physical package.

366 views • 14 slides
Expectations on Remote Data Supporting the Prometheus Remote Storage API Alfred Landrum Engineer

Expectations on Remote Data Supporting the Prometheus Remote Storage API Alfred Landrum Engineer

Expectations on Remote Data Supporting the Prometheus Remote Storage API Alfred Landrum Engineer @ Sysdig Twitter: @alfred-landrum Github: alfred-landrum Sysdig Backend Sysdig Dashboards/Alerts/Topology Host/Node based Agents Sysdig Data

544 views • 51 slides
Secure remote management with virtualization Daniel P. Berrang <berrange@redhat.com>

Secure remote management with virtualization Daniel P. Berrang <berrange@redhat.com>

Secure remote management with virtualization Daniel P. Berrang <berrange@redhat.com> libvirt: Background API for management of hypervisors Community (Red Hat, Fujitsu, Bull) Isolates apps from HV specific APIs Driver

608 views • 11 slides
NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeniak,

NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeniak,

NDS2 Secure storage, sharing and publishing of data in the NDS Maciej Brzeniak, Supercomputing Dept. of PSNC, www.psnc.pl TF-Storage meeting @Dubrovnik, Sep., 26-27th 2012 Project funded by: NCBiR for 2011-2013 under KMD2 project (no.

769 views • 21 slides
Modeling Analytics for Computational Storage Veronica Lagrange, Harry Li, Anahita Shayesteh

Modeling Analytics for Computational Storage Veronica Lagrange, Harry Li, Anahita Shayesteh

Modeling Analytics for Computational Storage Veronica Lagrange, Harry Li, Anahita Shayesteh Memory Solutions Lab 07 April 2020 Version 1.2 Samsung Semiconductor, Inc. ICPE 2020 Agenda Modeling Analytics for Computational Storage

848 views • 21 slides
Secure Communica-on Protocols Today SSL/TLS Protec-on for web browsing / transac-ons

Secure Communica-on Protocols Today SSL/TLS Protec-on for web browsing / transac-ons

Secure Communica-on Protocols Today SSL/TLS Protec-on for web browsing / transac-ons SSH Secure shell (remote login) IPSec IP Security suite, originally for use with IPv6 SSL/TLS Secure Sockets Layer / Transport Layer

322 views • 18 slides
PERFORMANCE ANALYSIS OF CONTAINERIZED APPLICATIONS ON LOCAL AND REMOTE STORAGE Qiumin Xu 1 , Manu

PERFORMANCE ANALYSIS OF CONTAINERIZED APPLICATIONS ON LOCAL AND REMOTE STORAGE Qiumin Xu 1 , Manu

PERFORMANCE ANALYSIS OF CONTAINERIZED APPLICATIONS ON LOCAL AND REMOTE STORAGE Qiumin Xu 1 , Manu Awasthi 2 , Krishna T. Malladi 3 , Janki Bhimani 4 , Jingpei Yang 3 , Murali Annavaram 1 1 USC, 2 IIT Gandhinagar 3 Samsung 4 Northeastern 1 Docker

590 views • 29 slides
CASD-TeraLab Secure Remote Access to Confidential Big Data Alexandre Marty [

CASD-TeraLab Secure Remote Access to Confidential Big Data Alexandre Marty [

1 CASD-TeraLab Secure Remote Access to Confidential Big Data Alexandre Marty [ alexandre.marty@casd.eu ] Outline 2 CASD-TeraLab Use Cases Live Demo The Secure Data Access Centre 3 Data Insertions/extractions are A group of

594 views • 8 slides
Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint

Obtaining Provably Secure Services from Formally Verified Remote Attestation Gene Tsudik 1 Joint work with: Ivan De Oliveira Nunes 1 , Karim Eldefrawy 2 , Norrathep Rattanavipanon 1 University of California Irvine 1 , SRI International 2 1 In

847 views • 48 slides
The Nomadic Network Providing Secure, Scalable and Manageable Roaming, Remote and Wireless Data

The Nomadic Network Providing Secure, Scalable and Manageable Roaming, Remote and Wireless Data

The Nomadic Network Providing Secure, Scalable and Manageable Roaming, Remote and Wireless Data Services Josh Howlett & Nick Skelton Information Services, University of Bristol TNC 2003 Background 1999-2000: new technologies

1.22k views • 52 slides
Secure Distributed Computation and Storage Jed Liu Michael D. George K. Vikram Xin Qi Lucas

Secure Distributed Computation and Storage Jed Liu Michael D. George K. Vikram Xin Qi Lucas

A Platform for Secure Distributed Computation and Storage Jed Liu Michael D. George K. Vikram Xin Qi Lucas Waye Andrew C. Myers Department of Computer Science Cornell University 22 nd ACM SIGOPS Symposium on Operating Systems Principles 14

650 views • 38 slides
Demystifying Blockchains: Decentralized, Secure and Fault-tolerant Storage Amr El Abbadi

Demystifying Blockchains: Decentralized, Secure and Fault-tolerant Storage Amr El Abbadi

Demystifying Blockchains: Decentralized, Secure and Fault-tolerant Storage Amr El Abbadi University of California, Santa Barbara In Collaboration with: Mohammad Amiri, Sujaya Maiyya, Victor Zakhary, and Divyakant Agrawal. Brown 2019 1

458 views • 41 slides
Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work

Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work

Plutus: scalable secure file sharing on untrusted storage Mahesh Kallahalla HP Labs Joint work with Erik Riedel (Seagate Research), Ram Swaminathan (HP Labs), Qian Wang (Penn State), Kevin Fu (MIT) March 31 2003 Why care about storage

399 views • 27 slides
Cryptographic proofs for remote storage: models and construction Julien Lavauzelle 1 , Franoise

Cryptographic proofs for remote storage: models and construction Julien Lavauzelle 1 , Franoise

Cryptographic proofs for remote storage: models and construction Julien Lavauzelle 1 , Franoise Levy-dit-Vehel 1,2 1 LIX & INRIA Saclay, Universit Paris-Saclay 2 ENSTA ParisTech Journes codage & cryptographie 2018, Aussois, France

842 views • 55 slides
Kurma: Secure Geo-distributed Multi-cloud Storage Gateways Ming Chen and Erez Zadok Stony Brook

Kurma: Secure Geo-distributed Multi-cloud Storage Gateways Ming Chen and Erez Zadok Stony Brook

Kurma: Secure Geo-distributed Multi-cloud Storage Gateways Ming Chen and Erez Zadok Stony Brook University File Systems and Storage Lab (FSL) Cloud Storage Gateways l Benefits of cloud gateways Public NAS u Combine advantages of both Cloud

650 views • 51 slides
Towards Blockchain-based Auditable Storage & Secure Sharing of IoT Data Hossein Shafagh ,

Towards Blockchain-based Auditable Storage & Secure Sharing of IoT Data Hossein Shafagh ,

Towards Blockchain-based Auditable Storage & Secure Sharing of IoT Data Hossein Shafagh , Lukas Burkhalter, Anwar Hithnawi, Simon Duquennoy Summer School on Real-world Crypto and privacy, June 2017 Trust in the Internet How things started

384 views • 10 slides
ssh and scp Eric McCreath ssh "ssh (SSH client) is a program for logging into a remote

ssh and scp Eric McCreath ssh "ssh (SSH client) is a program for logging into a remote

ssh and scp Eric McCreath ssh "ssh (SSH client) is a program for logging into a remote machine and for executing commands on a remote machine. It is intended to replace rlogin and rsh, and provide secure encrypted communications between

664 views • 14 slides
Clemmys Towards Secure Remote Execution in FaaS Bohdan Trach , Oleksii Oleksenko, Franz Gregor,

Clemmys Towards Secure Remote Execution in FaaS Bohdan Trach , Oleksii Oleksenko, Franz Gregor,

Clemmys Towards Secure Remote Execution in FaaS Bohdan Trach , Oleksii Oleksenko, Franz Gregor, Pramod Bhatotia, Christof Fetzer ACM SYSTOR 2019 FaaS Paradigm of Cloud Computing Function Runtime Guest OS Function Hypervisor Host OS FaaS

1.34k views • 98 slides
Secure storage in the cloud using property preserving encryption Kenny Paterson Information

Secure storage in the cloud using property preserving encryption Kenny Paterson Information

Secure storage in the cloud using property preserving encryption Kenny Paterson Information Security Group Overview 1. Application scenarios. 2. Deterministic encryption and search. 3. OPE/ORE and range queries. 4. Analysing access pattern

877 views • 48 slides
Security on cloud storage and IaaS at Taiwan-Japan Workshop 2012/Nov/27

Security on cloud storage and IaaS at Taiwan-Japan Workshop 2012/Nov/27

Resea earch I Institut ute e for or Se Secure Sy Systems Security on cloud storage and IaaS at Taiwan-Japan Workshop 2012/Nov/27 http://www.jst.go.jp/sicp/ws2012_nsc.html Kuniyasu Suzaki Research Institute for Secure Systems (RISEC)

350 views • 22 slides

More recommend