1 / 12

TRUSTED FLOW: Why, How and Where???

TRUSTED FLOW: Why, How and Where???. Moti Yung Columbia University. Adi Shamir’s Turing Award Lecture 2002. No absolute Security in Systems Half the number of problems for double price Future Predictions

kagami
Download Presentation

TRUSTED FLOW: Why, How and Where???

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. TRUSTED FLOW: Why, How and Where??? Moti Yung Columbia University

  2. Adi Shamir’s Turing Award Lecture 2002 • No absolute Security in Systems • Half the number of problems for double price • Future Predictions • Vigorous crypto research will continue but only the very simple results will be implemented • Non-crypto security will continue to be a mess

  3. Crypto is good at • Securing transmissions • Securing data at rest • Integrity of messages and entities • Strong when secure storage for keys is assumed • Without secure strong keys (and true randomness) crypto is weakened • Thus: message confidentiality, integrity, user authentication/ signatures and protocols based on combined confidentiality and integrity have been achieved (eliminating many of the “man in the middle” attacks)

  4. Crypto does not solve everything (also said by Shamir 2002) • Many of the systems issues “around crypto” are not solved • The ideal situation is: use a computer that is never tampered with and always runs the same program and is never connected to the network! But, the reality is that this is not the case [No computer in a trusted box situation]– so we need on-line assurance. [Trusted Computing Platform- an attempt to take part of the computer to be disconnected from its user].

  5. Trusted Flow- what? • Trusted Flow’s Goal: reduce the mess involved in assuring the remote unit is executing the “right” software (NOT the “man in the middle” but “the software/ platform at the other end”). • Remote trust: ideal situation– we know that the other end executes the “right things”: handles the content properly as required in DRM or access the network at a given rate as allowed, etc. • Remote trust have various applications: access control, access rights and pattern.

  6. How we assure remote trust • Get rid of semantics and use “syntactic methods” such as cryptographic methods. Mark the feedback with “cryptographic tags” that are unpredictable unless a certain action was taken. • Bind the action that produces the tags with “executing correctly in a trusted fashion” • The tags on the signals assure that the remote device follows the rules (is trusted). • How: idea bind the tag generation with execution by trusted software. • BUT: there are no ways to assure this unless we have computer in a trusted box situation!! • ARE WE IN A GORDIAN KNOT CASE???

  7. Assurance • We may have some small program portions on a smart card together with the tag generation… • Generally, without dedicated hardware, we will need to put the trusted software together with tag generation: Tool– software obfuscation. • Ideal Obfuscation is a great tool: e.g. can turn symmetric key cryptography into a public-key cryptography.

  8. Obfuscation • Generally: it is a hard problem. • In an interactive case as in trusted flow we may be able to strengthen it • Practice of obfuscation is hard (an art and not a science). • Recently [crypto 01]: theorem: general obfuscation is impossible. There are functions that are not obfuscatable. • Does it kill obfuscation?

  9. Obfuscation • Did the Incompleteness Theorem kill mathematics? Did Turing un-decidability of the halting problem kill computer science? (we can never tell if a program will stop). • This meant that “general schemes” are gone, but localized theory is still rich in structure. • Obfuscation is hard and requires specialized treatment of many cases and a lot of understanding is missing. It means that the “science” of obfuscation is a hard task • In fact [Eurocrypt 04] there are functions that are provably obfuscatable (using crypto). • Both “positive” and “negative” functions are not interesting !!!

  10. Do we understand remote trust assurance • No: • There will be many new applications of something like trusted flow • There may also be issues that it cannot deal with properly or single-handedly • However: we need to develop mechanisms to connect “trust in software” to assure the proper environment. Thus: we need to further build t.f. and strengthen it and think about possible alternatives under the “needed remote trust” assumption.

  11. Remote Trust Applications • Access to information is done properly (DRM) • Access to the network is done correctly (media access control) • Access to the message sent is done correctly (generated in a trusted environment, e.g. a virus protected case)– assuring computing path • Assuring the right component – adding integrity functions, no cloning, friend-or-foe software component • Etc. etc.

  12. Conclusions (??) • We need remote trust to assure the right environment and the correct software and platform • No one (except Trusted computing platform in some narrow sense) work on this seriously, but many ASSUME such environments. • Do we do it with trusted flow? Alternatives? Add-on’s to T.F.? Strengthening? Weak point? • This needs to be seen and realized……a lot of conceptualization is still required, and a lot more experimentation……………… • Questions? Remarks? Criticism?

More Related