Wednesday, August 24, 2016

Security and trust measures at hardware level

In recent years, the production and assembly of integrated circuits industry has grown a lot. Consequently, the number of intermediaries is now far of the control that all chips need to ensure their smooth functioning in the final product.

This is also known by cryber crime industry. It has left its mark on this chain, leaving back doors or design flaws, in order to let cyber criminals to show the security in end devices.

In this scenario it is important to call attention to an interesting proposal of Siddharth Garg, an assistant professor of electrical and computer engineering at the NYU Tandon School of Engineering. Siddharth defends the implementation of a chip with an embedded module that proves that its calculations are correct and an external module that validates the first module's proofs.
Under the system proposed, if a malware is affecting negatively the smooth running of the chip, the system may notice it and could release a patch that would be downloaded on all devices affected.
The technology has been called "verifiable computing" (VC) and it has also a point in its favour: changes in the manufacturing chain are not needed.

"Employing an external verification unit made by a trusted fabricator means that I can go to an untrusted foundry to produce a chip that has not only the circuitry-performing computations, but also a module that presents proof of correctness".
The prototype has been designed thanks to National Science Foundation, that has donated $3 million and we hope that quickly reach the stage of having it in our devices.

In addition to this study about verifiable ASICs in the last seven days we can also highlight the results of the research about the vulnerabilities in base transceiver stations by Zimperium and the defeating face liveness detection by building virtual models from public photos runned by some researchers from the University of North Carolina.

0 comments:

Post a Comment