Abstract
This paper presents the theoretical blueprint of a new secure token called the Externalized Microprocessor (X μ P). Unlike a smart-card, the X μ P contains no ROM at all.
While exporting all the device’s executable code to potentially untrustworthy terminals poses formidable security problems, the advantages of ROM-less secure tokens are numerous: chip masking time disappears, bug patching becomes a mere terminal update and hence does not imply any roll-out of cards in the field. Most importantly, code size ceases to be a limiting factor. This is particularly significant given the steady increase in on-board software complexity.
After describing the machine’s instruction-set we introduce a public-key oriented architecture design which relies on a new RSA screening scheme and features a relatively low communication overhead. We propose two protocols that execute and dynamically authenticate arbitrary programs, provide a strong security model for these protocols and prove their security under appropriate complexity assumptions.
Chapter PDF
Similar content being viewed by others
Keywords
References
Aho, A., Sethi, R., Ullman, J.: Compilers: Principles, Techniques, and Tools. Addison-Wesley, Reading (1986)
Biham, E., Shamir, A.: Differential Fault Analysis of Secret Key Cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)
Biehl, I., Meyer, B., Müller, V.: Differential Fault Attacks on Elliptic Curve Cryptosystems. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 131–146. Springer, Heidelberg (2000)
Bellare, M., Garay, J., Rabin, T.: Fast Batch Verification for Modular Exponentiation and Digital Signatures. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 236–250. Springer, Heidelberg (1998)
Bellare, M., Rogaway, P.: Random Oracles Are Practical: a Paradigm for Designing Efficient Protocols. In: Proceedings of the first CCS, pp. 62–73. ACM Press, New York (1993)
Chevallier-Mames, B., Naccache, D., Paillier, P., Pointcheval, D.: How to Disembed a Program?, IACR ePrint Archive, http://eprint.iacr.org (2004)
Chen, Z.: Java Card Technology for Smart Cards: Architecture and Programmer’s Guide. The Java Series. Addison-Wesley, Reading (2000)
Coron, J.-S.: On the exact security of full domain hash. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, p. 229. Springer, Heidelberg (2000)
Coron, J.-S., Naccache, D.: On the Security of RSA Screening. In: Proceedings of the Fifth CCS, pp. 197–203. ACM Press, New York (1998)
Knuth, D.E.: The Art of Computer Programming, 3rd edn. Seminumerical Algorithms, vol. 1, pp. 124–185. Addison-Wesley, Reading (1997)
Muchnick, S.: Advanced Compiler Design and Implementation. Morgan Kaufmann, San Francisco (1997)
Ramalingam, G.: Identifying Loops in Almost Linear Time. ACM Transactions on Programming Languages and Systems 21(2), 175–188 (1999)
Stata, R., Abadi, M.: A Type System for Java Bytecode Subroutines, SRC Research Report 158, June 11 (1998), http://www.research.digital.com/SRC/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chevallier-Mames, B., Naccache, D., Paillier, P., Pointcheval, D. (2004). How to Disembed a Program?. In: Joye, M., Quisquater, JJ. (eds) Cryptographic Hardware and Embedded Systems - CHES 2004. CHES 2004. Lecture Notes in Computer Science, vol 3156. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-28632-5_32
Download citation
DOI: https://doi.org/10.1007/978-3-540-28632-5_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22666-6
Online ISBN: 978-3-540-28632-5
eBook Packages: Springer Book Archive