Access-Controlled Resource Discovery (2009)
Matthew Burnside, Dwaine Clarke, Sanjay Raman, Srinivas Devadas, Ronald Rivest
Introduction: Resource discovery is one of the fundamental challenges that must be faced in the context of pervasive computing. The dynamic nature of pervasive networks makes it difficult for users...
Blaise Gassend, Daihyun Lim, Dwaine Clarke, Marten Van Dijk
This paper describes a technique to reliably and securely identify individual integrated circuits (ICs) based on the precise measurement of circuit delays and a simple challengeresponse protocol....
Blaise Gassend, Daihyun Lim, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas, Prof Holstlaan Eindhoven
This paper describes a technique to reliably and securely identify individual integrated circuits (ICs) based on the precise measurement of circuit delays and a simple challenge–response protocol....
AEGIS – Tamper Evident and Tamper Resistant Processing (2008)
G. Edward Suh, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas, Tal Garfinkel, Ben Pfaff, ...
Trusted computing means that the computer will consistently behave in specific ways, and those behaviors will be enforced by hardware and software. Enlightened after reading the papers: Trusted...
ABSTRACT Silicon Physical Random Functions (2008)
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas, Blaise Gassend, Dwaine Clarke, ...
We describe the notion of a Physical Random Function (PUF). We argue that a complex integrated circuit can be viewed as a silicon PUF and describe a technique to identify and authenticate individual...
Controlled Physical Random Functions and Applications (2008)
Blaise Gassend, Marten Van Dijk, Dwaine Clarke, Emina Torlak
The cryptographic protocols that we use in everyday life rely on the secure storage of keys in consumer devices. Protecting these keys from invasive attackers, who open a device to steal its key is a...
Matt Burnside, Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Marten Van Dijk, Srinivas Devadas, ...
Introduction: The use of computers in public places is increasingly common in everyday life. In using one of these computers, a user is trusting it to correctly carry out her orders. For many...
Offline Authentication of Untrusted Storage (2007)
Dwaine Clarke, Blaise Gassend, G. Edward Suh, Marten Van Dijk, Srinivas Devadas
We extend the offline memory correctness checking scheme presented by Blum et. al [BEG + 91], by using incremental cryptography, to detect attacks by an active adversary. We also introduce a hybrid...
Delay-Based Circuit Authentication With Application to Key Cards (2007)
Blaise Gassend, Dwaine Clarke, Marten Dijk, Srinivas Devadas
Certi cate Chain Discovery in SPKI/SDSI (2007)
Dwaine Clarke, Jean-emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, Ronald L. Rivest
SPKI/SDSI is a novel public-key infrastructure emphasizing naming, groups, ease-of-use, and exible authorization. To access a protected resource, a client must present to the server a proof that the...
Efficient MemoryIntegrityVerification and Encryption forSecure Processors (2007)
G. Edward Suh, Dwaine Clarke, Martenvan Dijk
Secure processors enable new sets of applications such as commercial grid computing, software copy-protection, and secure mobile agents by providing security from both physical and software attacks....
Towards constant bandwidth overhead integrity checking of untrusted data (2005)
Dwaine Clarke, G. Edward Suh, Blaise Gassend, Ajay Sudan, Marten Van Dijk, Srinivas Devadas
We present an adaptive tree-log scheme to improve the performance of checking the integrity of arbitrarily-large untrusted data, when using only a small fixed-sized trusted state. Currently, hash...
Towards constant bandwidth overhead integrity checking of untrusted data (2005)
Dwaine Clarke, G. Edward Suh, Blaise Gassend, Ajay Sudan, Marten Van Dijk, Srinivas Devadas
We present an adaptive tree-log scheme to improve the performance of checking the integrity of arbitrarily-large untrusted data, when using only a small fixed-sized trusted state. Currently, hash...
Incremental multiset hash functions and their application to memory integrity checking (2003)
Dwaine Clarke, Srinivas Devadas, Marten Van Dijk, Blaise Gassend, G. Edward Suh
Abstract. We introduce a new cryptographic tool: multiset hash functions. Unlike standard hash functions which take strings as input, multiset hash functions operate on multisets (or sets). They map...
The AEGIS processor architecture for tamperevident and tamper resistant processing (2003)
Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srini Devadas, G. Edward Suh, ...
We describe the architecture of the aegis processor which can be used to build computing systems secure against both physical and software attacks. aegis assumes that the operating system and all...
Caches and Hash Trees for Efficient Memory Integrity Verification (2003)
Blaise Gassend, G. Edward Suh, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
We study the hardware cost of implementing hash-tree based verification of untrusted external memory by a high performance processor. This verification could enable applications such as certified...
Delay-based Circuit Authentication and Applications (2003)
Blaise Gassend, Dwaine Clarke, Marten Dijk, Srinivas Devadas
We describe a technique to reliably identify individual integrated circuits (ICs), based on a prior delay characterization of the IC. We describe a circuit architecture for a key card for which...
Incremental multiset hash functions and their application to memory integrity checking (2003)
Dwaine Clarke, Srinivas Devadas, Marten Van Dijk, Blaise Gassend, G. Edward Suh
Abstract. We introduce a new cryptographic tool: multiset hash functions. Unlike standard hash functions which take strings as input, multiset hash functions operate on multisets (or sets). They map...
Incremental multiset hash functions and their application to memory integrity checking (2003)
Dwaine Clarke, Srinivas Devadas, Marten Van Dijk, Blaise Gassend, G. Edward, Suh Mit, ...
Abstract. We introduce a new cryptographic tool: multiset hash functions. Unlike standard hash functions which take strings as input, multiset hash functions operate on multisets (or sets). They map...
Efficient Memory Integrity Verification and Encryption for Secure Processors (2003)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
Secure processors enable new sets of applications such as commercial grid computing, software copy-protection, and secure mobile agents by providing security from both physical and software attacks....
Incremental multiset hash functions and their application to memory integrity checking (2003)
Dwaine Clarke, Srinivas Devadas, Marten Van Dijk, Blaise Gassend, G. Edward, Suh Mit, ...
Abstract. We introduce a new cryptographic tool: multiset hash functions. Unlike standard hash functions which take strings as input, multiset hash functions operate on multisets (or sets). They map...
Caches and Hash Trees for Efficient Memory Integrity Verification (2003)
Blaise Gassend, G. Edward Suh, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
We study the hardware cost of implementing hash-tree based verification of untrusted external memory by a high performance processor. This verification could enable applications such as certified...
Aegis: architecture for tamper-evident and tamper-resistant processing (2003)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
{suh,declarke,gassend,marten,devadas} @ mit.edu We describe the architecture for a single-chip AEGIS processor which can be used to build computing systems secure against both physical and software...
Incremental multiset hash functions and their application to memory integrity checking (2003)
Dwaine Clarke, Srinivas Devadas, Marten Van Dijk, Blaise Gassend, G. Edward Suh
Abstract. We introduce a new cryptographic tool: multiset hash functions. Unlike standard hash functions which take strings as input, multiset hash functions operate on multisets (or sets). They map...
Aegis: architecture for tamper-evident and tamper-resistant processing (2003)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
We describe the architecture for a single-chip aegis processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all...
Efficient Memory Integrity Verification and Encryption for Secure Processors (2003)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
Secure processors enable new sets of applications such as commercial grid computing, software copy-protection, and secure mobile agents by providing security from both physical and software attacks....
The AEGIS Processor Architecture for Tamper-Evident and Tamper-Resistant Processing (2003)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
We describe the architecture for a single-chip aegis processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all...
Incremental Multiset Hash Functions and their Application to Memory Integrity Checking (2003)
Dwaine Clarke, Srinivas Devadas, Marten Van Dijk, Blaise Gassend, G. Edward Suh
We introduce a new cryptographic tool: multiset hash functions. Unlike standard hash functions which take strings as input, multiset hash functions operate on multisets (or sets). They map multisets...
Aegis: architecture for tamper-evident and tamper-resistant processing (2003)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
We describe the architecture for a single-chip aegis processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all...
Aegis: architecture for tamper-evident and tamper-resistant processing (2003)
G. Edward Suh, G. Edward Suh, Dwaine Clarke, Dwaine Clarke, Blaise Gassend, Blaise Gassend, ...
We describe the architecture for a single-chip aegis processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all...
Blaise Gassend, Dwaine Clarke, Daihyun Lim, Marten Van Dijk, Srini Devadas, Blaise Gassend, ...
This paper describes a technique to reliably and securely identify individual integrated circuits (ICs) based on the precise measurement of circuit delays and a simple challengeresponse protocol....
Efficient Memory Integrity Verification and Encryption for Secure Processors (2003)
Srini Devadas, G. Edward Suh, G. Edward Suh, Dwaine Clarke, Dwaine Clarke, Blaise Gassend, ...
Secure processors enable new sets of applications such as commercial grid computing, software copy-protection, and secure mobile agents by providing security from both physical and software attacks....
Delay-based Circuit Authentication and Applications (2003)
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srini Devadas
We describe a technique to identify and authenticate arbitrary integrated circuits (IC's) based on a prior delay characterization of the IC. While IC's can be reliably mass-manufactured to...
Speeding up Exponentiation using an Untrusted Computational Resource (2003)
Dwaine Clarke, Dwaine Clarke, Srinivas Devadas, Srinivas Devadas, Marten Van Dijk, Marten Van Dijk, ...
Abstract. We present protocols for speeding up fixed-base exponentiation and variablebase exponentiation using an untrusted computation resource. In the fixed-base protocols, the base and exponent...
Caches and Hash Trees for Efficient Memory Integrity Verification (2003)
Blaise Gassend, G. Edward Suh, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
We study the hardware cost of implementing hash-tree based verification of untrusted external memory by a high performance processor. This verification could enable applications such as certified...
Controlled physical random functions (2002)
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
A Physical Random Function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce Controlled Physical Random Functions (CPUFs) which are PUFs...
Offline integrity checking of untrusted storage (2002)
Dwaine Clarke, Blaise Gassend, G. Edward Suh, Marten Van Dijk, Srinivas Devadas
We extend the o#ine memory correctness checking scheme presented by Blum et. al [BEG
Silicon Physical Random Functions (2002)
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
We describe the notion of a Physical Random Function (PUF). We argue that a complex integrated circuit can be viewed as a silicon PUF and describe a technique to identify and authenticate individual...
Controlled physical random functions (2002)
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
A Physical Random Function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce Controlled Physical Random Functions (CPUFs) which are PUFs...
Access-controlled resource discovery for pervasive networks (2002)
Sanjay Raman, Dwaine Clarke, Matt Burnside, Srinivas Devadas, Ronald Rivest
Networks of the future will be characterized by a variety of computational devices that display a level of dynamism not seen in traditional wired networks. Because of the dynamic nature of these...
Hardware mechanisms for memory integrity checking (2002)
G. Edward Suh, Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
Memory integrity verification is a useful primitive when implementing secure processors that are resistant to attacks on hardware components. This paper proposes new hardware schemes to verify the...
Access-controlled resource discovery for pervasive networks (2002)
Sanjay Raman, Dwaine Clarke, Matt Burnside, Srinivas Devadas, Ronald Rivest
Networks of the future will be characterized by a variety of computational devices that display a level of dynamism not seen in traditional wired networks. Because of the dynamic nature of these...
Offline integrity checking of untrusted storage (2002)
Dwaine Clarke, Blaise Gassend, G. Edward Suh, Marten Van Dijk, Srinivas Devadas
We extend the offline memory correctness checking scheme presented by Blum et. al [BEG + 91] to develop an offline checker that can detect attacks by active adversaries. We introduce the concept of...
Secure hardware processors using silicon physical one-way functions (2002)
Dwaine Clarke, Blaise Gassend, Marten Van Dijk, Srinivas Devadas
Introduction: Physical one way functions (POWF) are functions that combine an input value with the state of a physical system to produce an output value. In addition, they have in common with...
The Untrusted Computer Problem and Camera-Based Authentication (2002)
Matt Burnside, Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Marten Van Dijk, Srinivas Devadas, ...
The use of computers in public places is increasingly common in everyday life. In using one of these computers, a user is trusting it to correctly carry out her orders. For many transactions,...
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
A Physical Unknown Function (PUF) is a function that is easy to evaluate but hard to characterize. We introduce controlled physical unknown functions (CPUFs) which are PUFs that can only be accessed...
Proxy-based security protocols in networked mobile devices (2002)
Matthew Burnside, Dwaine Clarke, Todd Mills, Srinivas Devadas, Ronald Rivest
We describe a resource discovery and communication system designed for security and privacy. All objects in the system, e.g., appliances, wearable gadgets, software agents, and users have associated...
Access-controlled resource discovery for pervasive networks (2002)
Sanjay Raman, Dwaine Clarke, Matt Burnside, Srinivas Devadas, Ronald Rivest
Networks of the future will be characterized by avariety of computational devices that display a level of dynamism not seen in traditional wired networks. Because of the dynamic nature of these...
The Untrusted Computer Problem and Camera-Based Authentication (2002)
Dwaine Clarke, Blaise Gassend, Thomas Kotwal, Matt Burnside, Marten Van Dijk, Srinivas Devadas, ...
Abstract. The use of computers in public places is increasingly common in everyday life. In using one of these computers, a user is trusting it to correctly carry out her orders. For many...
Controlled physical random functions (2002)
Marten Van Dijk, Blaise Gassend, Blaise Gassend, Dwaine Clarke, Dwaine Clarke, ...
A Physical Random Function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce Controlled Physical Random Functions (CPUFs) which are PUFs...
Access-controlled resource discovery for pervasive networks (2002)
Matthew Burnside, Srini Devadas, Ron Rivest, Sanjay Raman, Sanjay Raman, Dwaine Clarke, ...
Networks of the future will be characterized by avariety of computational devices that display a level of dynamism not seen in traditional wired networks. Because of the dynamic nature of these...
Proxy-based security protocols in networked mobile devices (2002)
Matthew Burnside, Dwaine Clarke, Todd Mills, Andrew Maywah, Srinivas Devadas, Ronald Rivest
Introduction: The goals of ubiquitous and pervasive computing [1, 2] are becoming more and more feasible as the number of computing resources 1 in the world increases rapidly. However, there are...
Proxy-based security protocols in networked mobile devices (2002)
Matthew Burnside, Matthew Burnside, Dwaine Clarke, Dwaine Clarke, Todd Mills, Todd Mills, ...
We describe aresource discovery and communication system designed forsecurity and privacy. All objects in the system, e.g., appliances, wearable gadgets, software agents, and users have associated...
Controlled physical random functions (2002)
Blaise Gassend, Dwaine Clarke, Marten Van Dijk, Srinivas Devadas
A Physical Random Function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce Controlled Physical Random Functions (CPUFs) which are PUFs...
Certificate chain discovery in SPKI/SDSI (2001)
Dwaine Clarke, Jean-emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, Ronald L. Rivest
SPKI/SDSI is a novel public-key infrastructure emphasizing naming, groups, ease-of-use, and flexible authorization. To access a protected resource, a client must present to the server a proof that...
Certificate Chain Discovery in SPKI/SDSI (2001)
Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, Ronald L. Rivest
SPKI/SDSI is a novel public-key infrastructure emphasizing naming, groups, ease-of-use, and flexible authorization. To access a protected resource, a client must present to the server a proof that...
6.933J Structure of Engineering Revolutions (2000)
Prof David Mindell, Christopher Beland, Wesley Chan, Dwaine Clarke, Michael Trupiano
3.0 THE EPISTEMOLOGY AND LEARNING GROUP............... 8
Certificate Chain Discovery in SPKI/SDSI (1999)
Dwaine Clarke, Jean-Emile Elien, Carl Ellison, Matt Fredette, Alexander Morcos, Ronald Rivest
We present a practical and efficient algorithm for the problem of "certificate chain discovery" in the SPKI/SDSI public-key infrastructure. We also present a tight worst-case bound on its...