Cryptology ePrint Archive: Report 2018/519

Fortified Universal Composability: Taking Advantage of Simple Secure Hardware Modules

Brandon Broadnax and Alexander Koch and Jeremias Mechler and Tobias Müller and Jörn Müller-Quade and Matthias Nagel

Abstract: Remote hacks are the most common threat on the Internet. We therefore initiate the study of incorporating very simple remotely unhackable hardware modules, such as air-gap switches and data diodes, into the field of multi-party computation. As a result, we are able to construct MPC protocols with very strong and composable security guarantees against remote hacks. Our application of remotely unhackable hardware modules is motivated by the fact that hardware modules with very limited functionality can be implemented securely as fixed-function circuits and verified for correctness. Such hardware modules can therefore not be hacked remotely.

Using only very few and very simple remotely unhackable hardware modules, we construct protocols where mounting remote attacks does not enable an adversary to learn or modify a party's inputs and outputs unless he hacks a party via the input port before it has received its (first) input (or gains control over all parties). Hence, our protocols protect against all remote attacks, except for hacks via the input port while a party is waiting for input. To achieve this level of security, the parties' inputs and outputs are authenticated, masked and shared in our protocols in such a way that an adversary is unable to learn or modify them when gaining control over a party via a remote hack. For simplicity we assume erasing parties in our constructions. This is, however, not necessary and we show that this assumption can be dropped.

The remotely unhackable hardware modules applied in this work are based on substantially weaker assumptions than the hardware tokens proposed by Katz at EUROCRYPT '07. In particular, they are not assumed to be physically tamper-proof, thus cannot be passed to other (possibly malicious) parties, and are therefore not sufficient to circumvent the impossibility results in the Universal Composability (UC) framework. Therefore, our protocols still rely on additional, well-established setup assumptions.

Since the advantages provided by unhackable hardware modules, e.g. isolation properties, cannot be adequately captured in existing composable security frameworks, we have conceived a new security framework based on the UC framework. We call our framework Fortified UC.

Category / Keywords: cryptographic protocols / universal composability, secure hardware modules

Date: received 25 May 2018, last revised 26 Oct 2018

Contact author: brandon broadnax at kit edu

Version: 20181026:141855

Short URL: ia.cr/2018/519