Paper 2025/761
TERRA : Trojan-Resilient Reverse-Firewall for Cryptographic Applications
Abstract
Reverse firewalls (RFs), introduced by Mironov and Stephens Davidowitz at Eurocrypt 2015, provide a defence mechanism for cryptographic protocols against subversion attacks. In a subversion setting, an adversary compromises the machines of honest parties, enabling the leakage of their secrets through the protocol transcript. Previous research in this area has established robust guarantees, including resistance against data exfiltration for an RF. In this work, we present a new perspective focused on the implementation specifics of RFs. The inherently untrusted nature of RFs exposes their real-world implementations to the risk of Trojan insertion — an especially pressing issue in today’s outsourced supply chain ecosystem. We argue how Trojan-affected RF implementations can compromise their core exfiltration resistance property, leading to a complete breakdown of the RF’s security guarantees. Building on this perspective, we propose an enhanced definition for ``Trojan-resilient Reverse Firewalls'' (Tr-RF), incorporating an additional Trojan resilience property. We then present concrete instantiations of Tr-RFs for Coin Tossing (CT) and Oblivious Transfer (OT) protocols, utilizing techniques from Private Circuit III (CCS'16) to convert legacy RFs into Tr-RFs. We also give simulation-based proofs to claim the enhanced security guarantees of our Tr-RF instantiations. Additionally, we offer concrete implementations of our Tr-RF based CT and OT protocols utilizing the Open-Portable Trusted Execution Environment (OP-TEE). Through OP-TEE, we practically realize assumptions made in Private Circuit III that are critical to ensuring Tr-RF security, bridging the gap between theoretical models and real-world applications. To the best of our knowledge, this provides the first practical implementation of reverse firewalls for any cryptographic functionality. Our work emphasizes the importance of evaluating protocol specifications within implementation-specific contexts.
Metadata
- Available format(s)
-
PDF
- Category
- Cryptographic protocols
- Publication info
- Preprint.
- Keywords
- Reverse FirewallTrojan-ResilientSplit Manufacturing
- Contact author(s)
-
cchaudhary278 @ gmail com
neelam nimish @ gmail com
suvradip1111 @ gmail com
satrajit @ cse iitkgp ac in
debdeep mukhopadhyay @ gmail com - History
- 2025-04-30: revised
- 2025-04-29: received
- See all versions
- Short URL
- https://ia.cr/2025/761
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/761, author = {Chandan Kumar and Nimish Mishra and Suvradip Chakraborty and Satrajit Ghosh and Debdeep Mukhopadhyay}, title = {{TERRA} : Trojan-Resilient Reverse-Firewall for Cryptographic Applications}, howpublished = {Cryptology {ePrint} Archive, Paper 2025/761}, year = {2025}, url = {https://eprint.iacr.org/2025/761} }