
A New Security Proof of Practical Cryptographic Devices Based on Hardware, Software and Protocols

  • Conference paper
Information Security Practice and Experience (ISPEC 2011)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 6672)

Abstract

Nowadays, cryptographic devices are widely used, so assessing their security has become a pivotal issue. There are two conventional ways to do this: analysing the underlying cryptographic protocols, or checking whether the devices meet standards such as FIPS 140-2 or the Common Criteria. However, neither provides a comprehensive view of the security of the devices.

In this paper, we first propose a bottom-up method to prove the UC (Universally Composable) security of cryptographic devices composed of hardware, software and protocols, and give a general security framework for them. Based on the framework, we present a method that describes the local physical security of cryptographic SoC hardware as UC security. Then we establish the equivalence of software code and real-world models under the condition of “Exactly Realize”, which illustrates the UC security of the software. Besides, we propose methods to construct UC secure cryptographic modules from UC secure cryptographic SoCs, and a further method to construct UC secure cryptographic devices. Furthermore, based on the bottom-up idea, new and more powerful UC secure cryptographic devices can be developed by combining existing UC secure cryptographic devices.

Supported by the National Natural Science Foundation of China (NSFC Grant No.61072047), Innovation Scientists and Technicians Troop Construction Projects of Zhengzhou City (096SYJH21099), and the Open Project Program of Key Lab of Cryptologic Technology and Information Security (Shandong University), Ministry of Education, China.


References

  1. Beijing Huaqi Information Digital Technology Company: Introduction of Aigo USB Flash Disk L8267 Secure Version (2010), http://www.aigo.com/

  2. Bell, D.E., La Padula, L.J.: Secure Computer System: A Mathematical Model. Hanscom AFB, Bedford, MA, Rep. ESD-TR-73-278, vol. 2, ESD/AFSC (1973)

  3. Biba, K.J.: Integrity Considerations for Secure Computer Systems. ESD-TR-76-372, ESD/AFSC, Hanscom AFB, Bedford, MA (1977)

  4. Burrows, M., Abadi, M., Needham, R.: A Logic of Authentication. Proceedings of the Royal Society of London, Series A, Mathematical and Physical Sciences 426(1871), 233–271 (1989)

  5. Canetti, R., Chari, S., Halevi, S., Pfitzmann, B., et al.: Composable Security Analysis of OS Services. Cryptology ePrint Archive (2010), http://eprint.iacr.org/2010/213.pdf

  6. Canetti, R., Halevi, S., Katz, J., Lindell, Y., MacKenzie, P.: Universally Composable Password-Based Key Exchange. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 404–421. Springer, Heidelberg (2005)

  7. Canetti, R., Krawczyk, H.: Universally Composable Notions of Key Exchange and Secure Channels. In: Knudsen, L. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)

  8. Canetti, R.: Universally Composable Security: A New Paradigm for Cryptographic Protocols. In: 42nd Annual Symposium on Foundations of Computer Science, pp. 136–145 (2001); an updated version is available from the Cryptology ePrint Archive, Report 2000/067

  9. Chari, S., Jutla, C., Rao, J., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999)

  10. Chen, H., Wagner, D.: MOPS: An Infrastructure for Examining Security Properties of Software. In: Proceedings of the 9th ACM Conference on Computer and Communications Security, pp. 235–244. ACM Press, New York (2002)

  11. Common Criteria Project/ISO: Common Criteria for Information Technology Security Evaluation, Version 2.1 (ISO/IEC 15408) (1999), http://www.commoncriteria.org

  12. Dolev, D., Yao, A.: On the Security of Public Key Protocols. IEEE Trans. on Information Theory 29(2), 198–208 (1983)

  13. Ferguson, N., Schneier, B., Kohno, T.: Cryptography Engineering: Design Principles and Practical Applications. Wiley, Hoboken (2010)

  14. Katz, J.: Universally Composable Multi-party Computation Using Tamper-Proof Hardware. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 115–128. Springer, Heidelberg (2007)

  15. Kayem, A., Akl, S., Martin, P.: Adaptive Cryptographic Access Control. Springer, Heidelberg (2010)

  16. Kingston Technology Corporation: DataTraveler Family - USB Flash Drives (2010), http://www.kingston.com/flash/datatraveler_home.asp

  17. Koblitz, N., Menezes, A.: Another Look at Provable Security. Journal of Cryptology 20, 3–37 (2007)

  18. Koc, C.K.: Cryptographic Engineering. Springer, Heidelberg (2008)

  19. Li, Z., Zhang, L., Liu, Y.: Foundations of Cryptographic Engineering. Information Science and Technology Institute Press, Zhengzhou (2008)

  20. Liao, W.-S., Hsiung, P.-A.: FVP: A Formal Verification Platform for SoC. In: Proceedings of the IEEE International SOC Conference, pp. 21–24. IEEE Press, New York (2003)

  21. Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks: Revealing the Secrets of Smart Cards. Springer, Heidelberg (2007)

  22. Marrero, W., Clarke, E., Jha, S.: Model Checking for Cryptographic Protocols. In: Proc. of the DIMACS Workshop on Design and Formal Verification of Security Protocols, Piscataway, NJ, pp. 147–166 (1997)

  23. Menezes, A.J., Van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)

  24. Murdoch, S., Drimer, S., Anderson, R., Bond, M.: Chip and PIN is Broken. In: IEEE Symposium on Security and Privacy, pp. 433–446. IEEE Press, New York (2010)

  25. National Institute of Standards and Technology: FIPS 140-2: Security Requirements for Cryptographic Modules (2001), http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf

  26. Visa International: Visa Integrated Circuit Card - Card Specification, Version 1.4.0 (2001), http://www.scardsoft.com/documents/VISA/ICC_Card.pdf

  27. Zhan, J., Sang, N., Xiong, G.: Formal Co-verification for SoC Design with Colored Petri Net. In: Wu, Z., Chen, C., Guo, M., Bu, J. (eds.) ICESS 2004. LNCS, vol. 3605, pp. 188–195. Springer, Heidelberg (2005)

  28. The full version of this paper, http://www.mathmagic.cn/wanganl/ISPEC2011full.pdf


Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Wang, A., Li, Z., Yang, X., Yu, Y. (2011). A New Security Proof of Practical Cryptographic Devices Based on Hardware, Software and Protocols. In: Bao, F., Weng, J. (eds) Information Security Practice and Experience. ISPEC 2011. Lecture Notes in Computer Science, vol 6672. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21031-0_29


  • DOI: https://doi.org/10.1007/978-3-642-21031-0_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-21030-3

  • Online ISBN: 978-3-642-21031-0
