Verifiable ASICs

Riad S. Wahby, Max Howald, Siddharth Garg, Abhi Shelat, Michael Walfish

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

A manufacturer of custom hardware (ASICs) can undermine the intended execution of that hardware, high-assurance execution thus requires controlling the manufacturing chain. However, a trusted platform might be orders of magnitude worse in performance or price than an advanced, untrusted platform. This paper initiates exploration of an alternative: using verifiable computation (VC), an untrusted ASIC computes proofs of correct execution, which are verified by a trusted processor or ASIC. In contrast to the usual VC setup, here the prover and verifier together must impose less overhead than the alternative of executing directly on the trusted platform. We instantiate this approach by designing and implementing physically realizable, area-efficient, high throughput ASICs (for a prover and verifier), in fully synthesizable Verilog. The system, called Zebra, is based on the CMT and Allspice interactive proof protocols, and required new observations about CMT, careful hardware design, and attention to architectural challenges. For a class of real computations, Zebra meets or exceeds the performance of executing directly on the trusted platform.

Original languageEnglish (US)
Title of host publicationProceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages759-778
Number of pages20
ISBN (Electronic)9781509008247
DOIs
StatePublished - Aug 16 2016
Event2016 IEEE Symposium on Security and Privacy, SP 2016 - San Jose, United States
Duration: May 23 2016May 25 2016

Other

Other2016 IEEE Symposium on Security and Privacy, SP 2016
CountryUnited States
CitySan Jose
Period5/23/165/25/16

Fingerprint

Application specific integrated circuits
Hardware
Computer hardware description languages
Throughput
Network protocols

ASJC Scopus subject areas

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications
  • Software

Cite this

Wahby, R. S., Howald, M., Garg, S., Shelat, A., & Walfish, M. (2016). Verifiable ASICs. In Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016 (pp. 759-778). [7546534] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/SP.2016.51

Verifiable ASICs. / Wahby, Riad S.; Howald, Max; Garg, Siddharth; Shelat, Abhi; Walfish, Michael.

Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 759-778 7546534.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Wahby, RS, Howald, M, Garg, S, Shelat, A & Walfish, M 2016, Verifiable ASICs. in Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016., 7546534, Institute of Electrical and Electronics Engineers Inc., pp. 759-778, 2016 IEEE Symposium on Security and Privacy, SP 2016, San Jose, United States, 5/23/16. https://doi.org/10.1109/SP.2016.51
Wahby RS, Howald M, Garg S, Shelat A, Walfish M. Verifiable ASICs. In Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 759-778. 7546534 https://doi.org/10.1109/SP.2016.51
Wahby, Riad S. ; Howald, Max ; Garg, Siddharth ; Shelat, Abhi ; Walfish, Michael. / Verifiable ASICs. Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 759-778
@inproceedings{29faa54f6c854213b19e949ab79bb009,
title = "Verifiable ASICs",
abstract = "A manufacturer of custom hardware (ASICs) can undermine the intended execution of that hardware, high-assurance execution thus requires controlling the manufacturing chain. However, a trusted platform might be orders of magnitude worse in performance or price than an advanced, untrusted platform. This paper initiates exploration of an alternative: using verifiable computation (VC), an untrusted ASIC computes proofs of correct execution, which are verified by a trusted processor or ASIC. In contrast to the usual VC setup, here the prover and verifier together must impose less overhead than the alternative of executing directly on the trusted platform. We instantiate this approach by designing and implementing physically realizable, area-efficient, high throughput ASICs (for a prover and verifier), in fully synthesizable Verilog. The system, called Zebra, is based on the CMT and Allspice interactive proof protocols, and required new observations about CMT, careful hardware design, and attention to architectural challenges. For a class of real computations, Zebra meets or exceeds the performance of executing directly on the trusted platform.",
author = "Wahby, {Riad S.} and Max Howald and Siddharth Garg and Abhi Shelat and Michael Walfish",
year = "2016",
month = "8",
day = "16",
doi = "10.1109/SP.2016.51",
language = "English (US)",
pages = "759--778",
booktitle = "Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
address = "United States",

}

TY - GEN

T1 - Verifiable ASICs

AU - Wahby, Riad S.

AU - Howald, Max

AU - Garg, Siddharth

AU - Shelat, Abhi

AU - Walfish, Michael

PY - 2016/8/16

Y1 - 2016/8/16

N2 - A manufacturer of custom hardware (ASICs) can undermine the intended execution of that hardware, high-assurance execution thus requires controlling the manufacturing chain. However, a trusted platform might be orders of magnitude worse in performance or price than an advanced, untrusted platform. This paper initiates exploration of an alternative: using verifiable computation (VC), an untrusted ASIC computes proofs of correct execution, which are verified by a trusted processor or ASIC. In contrast to the usual VC setup, here the prover and verifier together must impose less overhead than the alternative of executing directly on the trusted platform. We instantiate this approach by designing and implementing physically realizable, area-efficient, high throughput ASICs (for a prover and verifier), in fully synthesizable Verilog. The system, called Zebra, is based on the CMT and Allspice interactive proof protocols, and required new observations about CMT, careful hardware design, and attention to architectural challenges. For a class of real computations, Zebra meets or exceeds the performance of executing directly on the trusted platform.

AB - A manufacturer of custom hardware (ASICs) can undermine the intended execution of that hardware, high-assurance execution thus requires controlling the manufacturing chain. However, a trusted platform might be orders of magnitude worse in performance or price than an advanced, untrusted platform. This paper initiates exploration of an alternative: using verifiable computation (VC), an untrusted ASIC computes proofs of correct execution, which are verified by a trusted processor or ASIC. In contrast to the usual VC setup, here the prover and verifier together must impose less overhead than the alternative of executing directly on the trusted platform. We instantiate this approach by designing and implementing physically realizable, area-efficient, high throughput ASICs (for a prover and verifier), in fully synthesizable Verilog. The system, called Zebra, is based on the CMT and Allspice interactive proof protocols, and required new observations about CMT, careful hardware design, and attention to architectural challenges. For a class of real computations, Zebra meets or exceeds the performance of executing directly on the trusted platform.

UR - http://www.scopus.com/inward/record.url?scp=84987665807&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84987665807&partnerID=8YFLogxK

U2 - 10.1109/SP.2016.51

DO - 10.1109/SP.2016.51

M3 - Conference contribution

AN - SCOPUS:84987665807

SP - 759

EP - 778

BT - Proceedings - 2016 IEEE Symposium on Security and Privacy, SP 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -