verifiable asics trustworthy hardware with untrusted
play

Verifiable ASICs: trustworthy hardware with untrusted components - PowerPoint PPT Presentation

Aug 27, 2023 •309 likes •1.04k views

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

  1. Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby ◦ ⋆ , Max Howald † ⋆ , Siddharth Garg ⋆ , abhi shelat ‡ , and Michael Walfish ⋆ ◦ Stanford University ⋆ New York University † The Cooper Union ‡ The University of Virginia May 25 th , 2016

  2. Untrusted manufacturers can craft hardware Trojans

  3. Untrusted manufacturers can craft hardware Trojans

  4. Untrusted manufacturers can craft hardware Trojans

  5. Untrusted manufacturers can craft hardware Trojans

  6. Untrusted manufacturers can craft hardware Trojans Trusted fabrication is not a panacea: ✗ Only 5 countries have cutting-edge fabs on-shore ✗ Building a new fab takes $$$$$$, years of R&D ✗ An old fab could mean 10 8 × performance hit accounting for speed, chip area, and energy Can we get trust more cheaply?

  7. Can we build Verifiable ASICs? Principal F → designs for P , V

  8. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P

  9. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P Integrator V P

  10. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P Integrator input V P output

  11. Can we build Verifiable ASICs? Principal F → designs Trusted Untrusted for P , V fab (slow) fab (fast) builds V builds P Integrator input x V y P output proof that y = F( x )

  12. Can we build Verifiable ASICs? input x V y P vs. F output proof that y = F( x ) • Makes sense if V + P are cheaper than trusted F

  13. Can we build Verifiable ASICs? input x V y P vs. F output proof that y = F( x ) • Makes sense if V + P are cheaper than trusted F • Reasons for hope: • running time of V < running time of F (asymptotically) • speed of cutting-edge fab might offset P ’s overheads

  14. Can we build Verifiable ASICs? input x V y P vs. F output proof that y = F( x ) • Makes sense if V + P are cheaper than trusted F • Reasons for hope: • running time of V < running time of F (asymptotically) • speed of cutting-edge fab might offset P ’s overheads • Challenges remain: • Hardware issues: energy, chip area • Need physically realizable circuit design • V needs to save work at plausible computation sizes

  15. Zebra: a hardware design that saves costs

  16. A qualified success Zebra: a hardware design that saves costs. . . . . . sometimes.

  17. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) F must be expressed as an arithmetic circuit (AC) generalized boolean circuit over F p ∨ → + ∧ → ×

  18. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) F must be expressed as an arithmetic circuit (AC) AC satisfiable ⇐ ⇒ F was executed correctly P convinces V that the AC is satisfiable

  19. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark

  20. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark – “Quasi–straight line” F + F with RAM, complex control flow – Lots of V - P communication + Little V - P communication

  21. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark – “Quasi–straight line” F + F with RAM, complex control flow – Lots of V - P communication + Little V - P communication Unsuited to hardware ✗ implementation

  22. Probabilistic proof systems, briefly input x V y P output proof that y = F( x ) Arguments [GGPR13, IPs SBVBPW13, PGHR13, BCTV14] [GKR08, CMT12, VSBW13] e.g., Muggles, CMT, Allspice e.g., Zaatar, Pinocchio, libsnark – “Quasi–straight line” F + F with RAM, complex control flow – Lots of V - P communication + Little V - P communication Suited to hardware Unsuited to hardware ✓ ✗ implementation implementation

  23. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] F must be expressed as a layered arithmetic circuit. Note: this is an abstraction of F, not a physical circuit!

  24. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs

  25. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit

  26. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit

  27. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit

  28. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y y

  29. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer

  30. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer

  31. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates

  32. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates

  33. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates

  34. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates, ends up with claim about inputs

  35. Zebra builds on IPs of GKR [GKR08, CMT12, VSBW13] 1. V sends inputs 2. P evaluates circuit, returns output y 3. V cross-examines P about the last layer, ends up with claim about second-last layer 4. V iterates, ends up with claim about inputs 5. V checks consistency with the inputs V ’s work ≈ O (depth · log width), so it saves work when width ≫ depth

  36. Can we parallelize this interaction? Can V and P interact about all of F’s layers at once? No. V must ask questions in correct order or P can cheat!

  37. Can we parallelize this interaction? Can V and P interact about all of F’s layers at once? No. V must ask questions in correct order or P can cheat! But: Zebra uses pipelining to parallelize several Fs.

  38. Extracting parallelism through pipelining V questions P about F( x 1 )’s output layer. F( x 1 )

  39. Extracting parallelism through pipelining V questions P about F( x 1 )’s output layer. Simultaneously, P returns F( x 2 ). F( x 1 ) F( x 2 )

  40. Extracting parallelism through pipelining V questions P about F( x 1 )’s next layer F( x 1 )

  41. Extracting parallelism through pipelining V questions P about F( x 1 )’s next layer, and F( x 2 )’s output layer. F( x 1 ) F( x 2 )

  42. Extracting parallelism through pipelining V questions P about F( x 1 )’s next layer, and F( x 2 )’s output layer. Meanwhile, P returns F( x 3 ). F( x 1 ) F( x 2 ) F( x 3 )

  43. Extracting parallelism through pipelining This process continues until the pipeline is full. F( x 1 ) F( x 2 ) F( x 3 ) F( x 4 )

  44. Extracting parallelism through pipelining This process continues until the pipeline is full. F( x 1 ) F( x 2 ) F( x 3 ) F( x 4 ) F( x 5 )

  45. Extracting parallelism through pipelining F( x 1 ) This process continues F( x 2 ) until the pipeline is full. F( x 3 ) V and P can complete one proof in each time F( x 4 ) step. F( x 5 ) F( x 6 ) F( x 7 ) F( x 8 )

  46. Zebra’s design approach ✓ Extract parallelism e.g., pipelined proving

  47. Zebra’s design approach ✓ Extract parallelism e.g., pipelined proving ✓ Exploit locality: distribute data and control e.g., no RAM: data is kept close to places it is needed e.g., latency-insensitive design: distributed state machine avoids bottlenecks associated with central controller

  48. Zebra’s design approach ✓ Extract parallelism e.g., pipelined proving ✓ Exploit locality: distribute data and control e.g., no RAM: data is kept close to places it is needed e.g., latency-insensitive design: distributed state machine avoids bottlenecks associated with central controller ✓ Reduce, reuse, recycle e.g., computation: save energy by adding memoization to P e.g., hardware: save chip area by reusing the same circuits

  49. Architectural challenges Interaction between V and P requires a lot of bandwidth ✗ V and P on circuit board? Too much energy, circuit area Protocol requires input-independent precomputation [Allspice13]

Recommend

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.26k views • 110 slides
Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max

Verifiable ASICs: trustworthy hardware with untrusted components Riad S. Wahby , Max Howald , Siddharth Garg , abhi shelat , and Michael Walfish Stanford University New York University The Cooper Union

1.17k views • 88 slides
Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish

Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish

Verifiable ASICs Aarhus Workshop on Secure Multiparty Computation 1 June 2016 Michael Walfish Dept. of Computer Science, Courant Institute, NYU This is joint work with: Riad S. Wahby (Stanford), Max Howald (Cooper Union and NYU), Siddharth

723 views • 44 slides
Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1

Secure Hardware HOW CAN WE PROTECT OUR HARDWARE ??? HOW CAN OUR HARDWARE PROTECT ITSELF ??? 1 OReilly 2 Trusted or Trustworthy? An object is trusted if and only if it operates as expected An object is trustworthy if and only if it is

707 views • 45 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware F LORIAN T RAMR &amp; D AN B ONEH ICLR, New Orleans May 7 th 2019 2 Securely outsourcing ML inference with hardware isolation - Intel SGX input X -

554 views • 10 slides
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian

Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Florian Tramr (joint work with Dan Boneh) Intel, Santa Clara August 30 th 2018 Trusted execution of ML: 3 motivating scenarios 1. Outsourced ML Data

781 views • 21 slides
Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for

Hardware Enclaves &amp; In Intel SGX CS261 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms 2 Hardware Enclaves HW abstractions for distributing trusted execution to untrusted platforms

1.06k views • 18 slides
SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth

SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth

SegSlice: new primitives for trustworthy computing Sergey Bratus, PKI/Trust Lab, Dartmouth College Michael Locasto, George Mason U. Brian Schulte, George Mason U. A policy should prevent the system transitions to untrusted states from

621 views • 13 slides
VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things

VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things

Confrence de lancement de l'ANR Ciao, Fvrier 2020, Bordeaux, France VERIFIABLE DELAY FUNCTIONS Benjamin Wesolowski VERIFIABLE DELAY FUNCTIONS How to slow things down VERIFIABLE DELAY FUNCTIONS [Boneh, Bonneau, Bnz, Fisch 2018] A VDF is

616 views • 32 slides
Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras

Confinement (Running Untrusted Programs) Chester Rebeiro Indian Institute of Technology Madras Untrusted Programs Untrusted Application Entire Application untrusted Part of application untrusted Modules or library untrusted

797 views • 46 slides
When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When

When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When

When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When NOT to Use ASICs When NOT to Use ASICs Rick Van Berg HEPIC2013 When not to Put Effort Into ASICs When not to Put Effort Into ASICs Rick Van Berg HEPIC2013 Hieronymus Bosch

352 views • 14 slides
Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich,

Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich,

Jitk: A trustworthy in-kernel interpreter infrastructure Xi Wang, David Lazar, Nickolai Zeldovich, Adam Chlipala, Zachary Tatlock MIT and University of Washington Modern OSes run untrusted user code in kernel In-kernel interpreters

1k views • 30 slides
Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of

Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of

Verifiable Random Functions and Verifiable Delay Functions Caleb Smith University of Virginia Why do these matter? Alternative consensus protocols Applications to public randomness generation Leader election Bitcoin Proof of Work

355 views • 19 slides
ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs

ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs

ECON ASICs Gregory Deptuch, Zoltan Gecse, Jim Hirschauer, Sandeep Miryala, Paul Rubinov ASICs PMG 10 May 2019 Reminders Two Endcap Concentrator (ECON) ASICs on independent data paths: ECON-TRG : select and compress interesting data for

273 views • 10 slides
ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG

ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG

ECON ASICs Jim Hirschauer, Ralph Wickwire ASICs PMG 11 Nov 2019 DOE CD-1 IPR and CERN P2UG CD-1 / IPR went well on Oct 22-24. Reviewers clearly concerned about ECON: The ECON ASIC is a critical component for which the US has sole

376 views • 14 slides
Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+

Verifiable Cloud Outsourcing for Network Func9ons (+ Verifiable Resource Accoun9ng for Cloud Services) Vyas Sekar vNFO joint with Seyed Fayazbakhsh,

434 views • 28 slides
TCIPG TECHNICAL CLUSTERS AND THREADS Trustworthy Trustworthy Technologies for Wide Technologies

TCIPG TECHNICAL CLUSTERS AND THREADS Trustworthy Trustworthy Technologies for Wide Technologies

TRUSTWORTHY CYBER INFRASTRUCTURE FOR THE POWER GRID | TCIPG.OR G TCIPG TECHNICAL CLUSTERS AND THREADS Trustworthy Trustworthy Technologies for Wide Technologies for Local Responding To and Trust Assessment Area Monitoring and Area

291 views • 8 slides
Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process

Hardware Enclave Attacks CS261 Threat Model of Hardware Enclaves Intel Attestation Process Service Untrusted (IAS) Enclave Enclave Code Trusted Process Process Enclave Other Data Enclave OS and/or Hypervisor Off-chip devices 2

531 views • 24 slides
Get to ASICs Faster Get to ASICs Faster A Novel Mixed Signal Design Methodology Dr Greg

Get to ASICs Faster Get to ASICs Faster A Novel Mixed Signal Design Methodology Dr Greg

February 24-26, 2009 Get to ASICs Faster Get to ASICs Faster A Novel Mixed Signal Design Methodology Dr Greg Tumbush: Tumbush Enterprises Dr. Greg Tumbush: Tumbush Enterprises ON Semiconductor: Gareth Weale, Dustin Griesdorf, , , Alaa

447 views • 20 slides
Generating Verifiable Java Code from Verified PVS Specifications NFM2012 Generating Verifiable

Generating Verifiable Java Code from Verified PVS Specifications NFM2012 Generating Verifiable

Leonard Lensink, Sjaak Smetsers and Marko van Eekelen Generating Verifiable Java Code from Verified PVS Specifications NFM2012 Generating Verifiable Java Code from Verified PVS Specifications Overview Motivation Code generation

544 views • 26 slides
Post-Quantum EPID Signatures from Symmetric Primitives Dan Boneh Saba Eskandarian Ben Fisch

Post-Quantum EPID Signatures from Symmetric Primitives Dan Boneh Saba Eskandarian Ben Fisch

Post-Quantum EPID Signatures from Symmetric Primitives Dan Boneh Saba Eskandarian Ben Fisch Hardware Enclaves A trusted component in an untrusted system Protected memory isolates enclave from compromised OS Untrusted System Enclave

505 views • 34 slides
Trustworthy Technologies for Local Area Management, Monitoring, and Control Tom Overbye Number

Trustworthy Technologies for Local Area Management, Monitoring, and Control Tom Overbye Number

Trustworthy Technologies for Local Area Management, Monitoring, and Control Tom Overbye Number of Activities: 5 2012 Industry Workshop October 30, 2012 | 1 TCIPG Technical Clusters and Threads Trustworthy Technologies Trustworthy

419 views • 10 slides
Delegation with (nearly) optimal time/space overhead Justin Holmgren Ron Rothblum MIT MIT

Delegation with (nearly) optimal time/space overhead Justin Holmgren Ron Rothblum MIT MIT

Delegation with (nearly) optimal time/space overhead Justin Holmgren Ron Rothblum MIT MIT Verifiable Computation Verifiable Computation Verifiable Computation M(x)=? M(x) = y Verifiable Computation M(x)=? , challenge , proof

1.73k views • 119 slides
Trustworthy Computing * Reverse engineers agree on that! Trustworthy Computing Trustworthy

Trustworthy Computing * Reverse engineers agree on that! Trustworthy Computing Trustworthy

Trustworthy Computing * Reverse engineers agree on that! Trustworthy Computing Trustworthy Computing Trustworthy Computing Trustworthy Computing Trustworthy Computing Trustworthy Computing *

753 views • 63 slides

More recommend