# Trusted Computing Amidst Untrustworthy Intermediaries - PowerPoint PPT Presentation

Trusted Computing Amidst Untrustworthy Intermediaries

1 / 24

## Trusted Computing Amidst Untrustworthy Intermediaries

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
##### Presentation Transcript

1. Trusted Computing Amidst Untrustworthy Intermediaries Mike Langston Department of Computer Science University of Tennessee currently on leave to Computer Science and Mathematics Division Oak Ridge National Laboratory USA

2. Overview Highly Parallel Scalable Network Variable Topology Internet Like But Untrusted! Programs Data

3. Possible Solutions • Accept faulty results. Uh, no thanks. • Authenticate/verify by central authority. Unrealistic, does not scale. • Exploit complexity and checkability. Problems in NP can be hard to solve -- but they are always easy to check! No need for centralized control, ownership, or verification.

4. A Little Complexity Theory The Classic View: “easy” P … … NP Σ P PSPACE 2

5. A Little Complexity Theory • The Classic View: “easy” NP-complete P … … NP Σ P PSPACE 2 “hard”

6. A Little Complexity Theory • The Classic View: “fuggettaboutit” “easy” P … … NP Σ P PSPACE 2 “hard”

7. Parameter Sensitivity: Instance(n,k) • Suppose our problem is, say, NP-complete. • Consider an algorithm with a time bound such as O(2k+n). • And now one with a time bound more like O(2k+n).

8. Parameter Sensitivity: Instance(n,k) • Suppose our problem is, say, NP-complete. • Consider an algorithm with a time bound such as O(2k+n). • And now one with a time bound more like O(2k+n). • Both are exponential in parameter value(s).

9. Parameter Sensitivity: Instance(n,k) • Suppose our problem is, say, NP-complete. • Consider an algorithm with a time bound such as O(2k+n). • And now one with a time bound more like O(2k+n). • Both are exponential in parameter value(s). • But what happens when k is fixed?

10. Parameter Sensitivity: Instance(n,k) • Suppose our problem is, say, NP-complete. • Consider an algorithm with a time bound such as O(2k+n). • And now one with a time bound more like O(2k+n). • Both are exponential in parameter value(s). • But what happens when k is fixed? • Fixed Parameter Tractability: confines superpolynomial behavior to the parameter.

11. Complexity Theory, Revised Hence, the Parameterized View: “solvable (even if NP-complete)” … … W[2] XP W[1] FPT

12. Complexity Theory, Revised The Parameterized View: “solvable (even if NP-hard!)” … … W[2] XP W[1] FPT “heuristics only”

13. Complexity Theory, Revised The Parameterized View: “I said fuggettaboutit!” “solvable (even if NP-hard!)” … … W[2] XP W[1] FPT “heuristics only”

14. Target Problems • Not membership in P (assuming P≠NP) • hard to compute

15. Target Problems • Not membership in P (assuming P≠NP) • hard to compute • Membership in NP • easy to check

16. NP-complete FPT Target Problems • Not membership in P (assuming P≠NP) • hard to compute • Membership in NP • easy to check • Fixed Parameter Tractable • use kernelization and branching

17. Kernelization • Consider Clique and Vertex Cover • High Degree Rule(s) • Low Degree Rule(s) • LP, Crown Reductions • kernel of linear size, and extreme density • the “hard part” of the problem instance

18. Branching • Let’s stay with Clique and Vertex Cover • Bounded tree search • Depth at most k • With this technique, we can now solve vertex cover in O(1.28k+n) time • Easily parallelizable • No processor sees another’s work, nor the original graph

19. Branching as A Form of Cyber Security Data decomposition Answer check (NP certificate) . Untrusted intermediaries cannot deduce data Nor can they spoof answers . . . . . .

20. Overall Appeal • Verifiability • easy to check answers: a faulty or malicious processor cannot invalidate or subvert computations

21. Overall Appeal • Verifiability • easy to check answers: a faulty or malicious processor cannot invalidate or subvert computations • Security • damage from intrusion contained: strong concealment of the total problem is a natural part of this method

22. Overall Appeal • Verifiability • easy to check answers: a faulty or malicious processor cannot invalidate or subvert computations • Security • damage from intrusion contained: strong concealment of the total problem is a natural part of this method • Scalability • branching translates into partitioning: no a priori bounds on the degree of parallelism

23. Overall Appeal • Verifiability • easy to check answers: a faulty or malicious processor cannot invalidate or subvert computations • Security • damage from intrusion contained: strong concealment of the total problem is a natural part of this method • Scalability • branching translates into partitioning: no a priori bounds on the degree of parallelism • Robustness • subtrees are compartmentalized: processes can be reassigned at will

24. Research Thrusts • Range of amenable problems? • FPT • non FPT • Ubiquity of untrustworthy processors? • grid computing • unbrokered resource sharing • Relationship to traditional forms of security? • internet-style lightweight security • no heavyweight authentication needed