Cryptology ePrint Archive: Report 2015/1243
Riad S. Wahby and Max Howald and Siddharth Garg and abhi shelat and Michael Walfish
Abstract: A manufacturer of custom hardware (ASICs) can undermine the intended execution of that hardware; high-assurance execution thus requires controlling the manufacturing chain.
However, a trusted platform might be orders of magnitude worse in performance or price than an advanced, untrusted platform.
This paper initiates exploration of an alternative: using verifiable computation (VC), an untrusted ASIC computes proofs of correct execution, which are verified by a trusted processor or ASIC.
In contrast to the usual VC setup, here the prover and verifier together must impose less overhead than the alternative of executing directly on the trusted platform.
We instantiate this approach by designing and implementing physically realizable, area-efficient, high throughput ASICs (for a prover and verifier), in fully synthesizable Verilog.
The system, called Zebra, is based on the CMT and Allspice interactive proof protocols, and required new observations about CMT, careful hardware design, and attention to architectural challenges.
For a class of real computations, Zebra meets or exceeds the performance of executing directly on the trusted platform.
Category / Keywords: implementation / trustworthy hardware, verifiable computation
Original Publication (in the same form): IEEE Security & Privacy 2016
Date: received 30 Dec 2015, last revised 29 May 2016
Contact author: rsw at cs stanford edu
Available format(s): PDF | BibTeX Citation
Note: An extended version of this paper is forthcoming.
Version: 20160529:145706 (All versions of this report)
Short URL: ia.cr/2015/1243
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]