11.7 System Level Security

Date: Thursday 12 March 2020
Time: 14:00 - 15:30
Location / Room: Berlioz

Chair:
Pascal Benoit, Université de Montpellier, FR

Co-Chair:
David Hely, University Grenoble Alpes, FR

The session focuses on topics of system-level security, especially related to authentication. The papers span topics of memory authentication and group-of-users authentication, with a focus on IoT applications.

Time | Label | Presentation Title / Authors
14:00 | 11.7.1 | AMSA: ADAPTIVE MERKLE SIGNATURE ARCHITECTURE
Speaker:
Emanuel Regnath, TU Munich, DE
Authors:
Emanuel Regnath and Sebastian Steinhorst, TU Munich, DE
Abstract
Hash-based signatures (HBS) are promising candidates for quantum-secure signatures on embedded IoT devices because they only use fast integer math, are well understood, produce small public keys, and offer many design parameters. However, HBS can only sign a limited number of messages and produce - similar to most post-quantum schemes - large signatures of several kilobytes. In this paper, we explore possibilities to reduce the size of the signatures by 1. improving the Winternitz One-Time Signature with a more efficient encoding and 2. offloading auxiliary data to a gateway. We show that for similar security and performance, our approach produces 2.6 % smaller signatures in general and up to 17.3 % smaller signatures for the sender compared to the related approaches LMS and XMSS. Furthermore, our open-source implementation allows a wider set of parameters, which makes it possible to tailor the scheme to the available resources of an embedded device, which is an important factor to overcome the security challenges in IoT.

14:30 | 11.7.2 | DISSECT: DYNAMIC SKEW-AND-SPLIT TREE FOR MEMORY AUTHENTICATION
Speaker:
Lam Siew-Kei, Nanyang Technological University, SG
Authors:
Saru Vig (1), Rohan Juneja (2) and Siew Kei Lam (1)
(1) Nanyang Technological University, SG; (2) Qualcomm, IN
Abstract
Memory integrity trees are widely used to protect external memories in embedded systems against replay, splicing and spoofing attacks. However, existing methods often result in high performance overhead that is proportional to the height of the tree. Reducing the height of the integrity tree by increasing its arity, however, leads to frequent overflowing of the counters that are used for encryption in the tree. We will show that increasing the tree arity of a widely used integrity tree from 2 to 8 can result in over 200% increase in memory authentication overhead for some benchmark applications, despite the reduction in tree height. In this paper, we propose DISSECT, a memory authentication framework which utilizes a dynamic memory integrity tree that can adapt to the memory access patterns of the application by progressively adjusting the tree height and arity in order to significantly reduce performance overhead. This is achieved by 1) initializing an integrity tree structure with the largest arity possible considering the performance impact due to counter overflow, 2) dynamically skewing the tree such that the more frequently accessed memory locations are positioned closer to the tree root (overcomes the tree height problem), and 3) dynamically splitting the tree at nodes with counters that are about to overflow (overcomes the counter overflow problem). Experimental results undertaken using Multi2Sim on benchmarks from SPEC-CPU2006, SPLASH-2, and PARSEC demonstrate the performance benefits of our proposed memory integrity tree.

15:00 | 11.7.3 | DESIGN-FLOW METHODOLOGY FOR SECURE GROUP ANONYMOUS AUTHENTICATION
Speaker:
Rashmi Agrawal, Boston University, US
Authors:
Rashmi Agrawal (1), Lake Bu (2), Eliakin del Rosario (1) and Michel Kinsy (1)
(1) Boston University, US; (2) Draper Lab, US
Abstract
In heterogeneous distributed systems, the computing devices and software components often come from different providers and have different security, trust, and privacy levels. In many of the systems, the need frequently arises to (i) control the access to services and resources granted to the individual devices or components in a context-aware manner, and (ii) establish and enforce data sharing policies that preserve the privacy of the critical information on end-users. In essence, the need is to simultaneously authenticate and anonymize an entity or device, two seemingly contradictory goals. The design challenge is further complicated by potential security problems such as man-in-the-middle attacks, hijacked devices, and counterfeits. In this work, we present a system design flow for a trustworthy group anonymous authentication protocol (GAAP), which not only fulfills the desired functionality for authentication and privacy, but also provides strong security guarantees.

15:30 | IP5-12, 708 | BLOCKCHAIN TECHNOLOGY ENABLED PAY PER USE LICENSING APPROACH FOR HARDWARE IPS
Speaker:
Krishnendu Guha, University of Calcutta, IN
Authors:
Krishnendu Guha, Debasri Saha and Amlan Chakrabarti, University of Calcutta, IN
Abstract
The present era is witnessing a reuse of hardware IPs to reduce cost. As trustworthiness is an essential factor, designers prefer to use hardware IPs which performed effectively in the past, but at the same time, are still active and did not age. In such scenarios, pay per use licensing schemes suit best for both producers and users. Existing pay per use licensing mechanisms consider a centralized third party, which may not be trustworthy. Hence, we seek refuge in blockchain technology to eradicate such third parties and facilitate a transparent and automated pay per use licensing mechanism. A blockchain is a distributed public ledger whose records are added based on peer review and majority consensus of its participants, and cannot be tampered with or modified later. Smart contracts are deployed to facilitate the mechanism. Even dynamic pricing of the hardware IPs based on the factors of trustworthiness and aging has been focused on in this work, which is not addressed in existing literature. Security analysis of the proposed mechanism has been provided. Performance evaluation is carried out based on the gas usage of the Ethereum Solidity test environment, along with cost analysis based on lifetime and related user ratings.

15:30 | End of session