•   When: Friday, November 08, 2024 from 11:00 AM to 12:00 PM
•   Speakers: Professor Thomas Shrimpton
•   Location: Johnson Center, Room 337-G
•   Export to iCal

Abstract:

With rare exceptions, integrated-circuit design houses do not own and operate their own foundries.  As a result, they must ship their circuit-design IP to external foundries for fabrication into sellable chips.  But what if the IP author does not explicitly trust the foundry?  IP theft and all that it enables —production of unauthorized or counterfeit chips, out-of-spec chips, embedding of hardware trojans— represents a multi-billion dollar problem for IC houses, in practice.  As a result, the hardware security community has spent more than a decade trying to create mechanisms that transform the original circuit-design into something that is (1) “close enough” to the original, so that the chip can be restored by the IP author (via simple, black-box operations) to the intended functionality; yet, (2)  “far enough” from the original design that it prevents easy recovery of the intended functionality.  These research efforts have had very limited success.  In fact, essentially all of the proposed mechanisms have been broken, sometimes before the mechanism was officially published.  We believe that this is, in large part, due to the lack of guiding foundations for the area.

In this talk, we’ll introduce the design-hiding problem and give it a provable-security treatment: we’ll define the design-hiding scheme abstraction (i.e., what is the thing that the hardware folks aimed to realize), and provide a proper notion of security against reverse-engineering attacks (i.e., what a secure realization should guarantee).  With these in hand, we’ll describe a conceptually simple way to prevent reverse-engineering attacks… but only for the very restricted special case that the hardware community has been chasing, under specific assumptions about what the foundry “knows”, and for foundries that are honest-but-curious.  Moreover, we’ll see that our simple and provably secure, scheme isn’t really a good fit for standard circuit-design workflows.  In short: the real benefit of solving the long-standing problem was, arguably, to highlight just how much distance there is between the first provably secure solution, and what would actually be of use in practice.  We’ll explore this, and try to give some intuition for the challenges that future work will face.

Bio:

Tom Shrimpton is a professor in the Department of Computer and Information Science and Engineering at the University of Florida.  He joined UF in 2015 as part of the state-funded "Rising to Preeminence" initiative.  Professor Shrimpton's research is in cryptography, with an emphasis on theoretical foundations for cryptographic practice, and applying cryptography to build secure systems.  For more than 20 years, his work has been featured in top conferences and journals, covering a variety of topics including: symmetric-key cryptographic primitives, cryptographic protocols, analysis of cryptographic standards and software libraries, secure data structures, security for the IC supply chain, and technologies for censorship circumvention.  He was the recipient of a National Science Foundation (NSF) CAREER award, and his research has been supported by numerous NSF and DARPA grants, and generous industrial gifts.