EVT/WOTE 09 AUGUST 10, Ersin Öksüzoğlu Dan S. Wallach

Similar documents
Compute Node Design for DAQ and Trigger Subsystem in Giessen. Justus Liebig University in Giessen

Spartan -3A / Spartan -3AN Out of the box, now what? Eric Crabill Xilinx, Incorporated 04/01/2007

Trojan-tolerant Hardware & Supply Chain Security in Practice

Getting started with Digilent NetFPGA SUME, a Xilinx Virtex 7 FPGA board for high performance computing and networking systems

SECURE PARTIAL RECONFIGURATION OF FPGAs. Amir S. Zeineddini Kris Gaj

VGA Demo. Forza 4 and Slideshow

NS115 System Emulation Based on Cadence Palladium XP

Simplify System Complexity

S2C K7 Prodigy Logic Module Series

Parallel Cable III Emulator for the XSV Board

Validation Strategies with pre-silicon platforms

5I21 SERIAL ANYTHING I/O MANUAL

Intel Galileo gen 2 Board

S100 Series. Compact Smart Camera. High Performance: Dual Core Cortex-A9 processor and Xilinx FPGA. acquisition and preprocessing

Melon S3 FPGA Development Board Product Datasheet

Open Platform for Developing and Testing Smart Grid Automation Systems. Igor Alvarado National Instruments Corp.

F 2 MC-8FX Family. 8-bit Microcontroller. MB95200 Series

Electronics Single Board Computers

Parallel Cable III Emulator for the XSB-300E Board

Simplify System Complexity

Efficient Data Structures for Tamper-Evident Logging

AT-501 Cortex-A5 System On Module Product Brief

User Manual For CP-JR ARM7 USB-LPC2148 / EXP

MYD-C7Z010/20 Development Board

L2: FPGA HARDWARE : ADVANCED DIGITAL DESIGN PROJECT FALL 2015 BRANDON LUCIA

Smart Grid Embedded Cyber Security: Ensuring Security While Promoting Interoperability

Designing for Audit: A Voting Machine with a Tiny TCB

Celeron EPIC Computer with GUI and Dual Ethernet SBC4685

Figure 1. JTAGAVRU1 application The JTAGAVRU1 is supported by AVR Studio. Updated versions of AVR Studio is found on

Programming in the MAXQ environment

VoteBox: a verifiable, tamper-evident electronic voting system

ice40 UltraPlus Image Sensor Elliptical Crypto Engine (ECC) Demo - Radiant Software User Guide

)8-,768'HY.LW 2YHUYLHZ. )XMLWVX0LNURHOHNWURQLN*PE+ Am Siebenstein Dreieich-Buchschlag, Germany

ArduCAM CC3200 UNO board

Spartan-6 and Virtex-6 FPGA Embedded Kit FAQ

Bringing the benefits of Cortex-M processors to FPGA

Canon MFP Security Chip. ISO/IEC Security Policy

Extending Fixed Subsystems at the TLM Level: Experiences from the FPGA World

Intelop. *As new IP blocks become available, please contact the factory for the latest updated info.

Getting Started with STK200 Dragon

YSSC2P A SSCNET II PCI Interface Adapter. User manual

BOUNDARY-SCAN DFT & LAYOUT PRINCIPLES at BOARD LEVEL

Voting Machines and Automotive Software: Explorations with SMT at Scale

Avnet Zynq Mini Module Plus Embedded Design

MB95260H/MB95270H. MB95280H Series. MB95260H Series/MB95270H Series/

Full Linux on FPGA. Sven Gregori

Introduction to Embedded Systems

Space-Time Adventures on Novena Introducing: Balboa

Scan chain encryption in Test Standards

Trojan-tolerant Hardware

NanEye GS USB3 Evaluation Kit

Secure RISC-V. A FIPS140-2 Compliant Trust Module for Quad 64-bit RISC-V Core Complex

ErgoGroup. E-vote 2011 Security Architecture Electronic counting of paper votes V 1.1

Advanced 486/586 PC/104 Embedded PC SBC1491

4I39 RS-422 ANYTHING I/O MANUAL

USB Debug Adapter. Power USB DEBUG ADAPTER. Silicon Laboratories. Stop. Run. Figure 1. Hardware Setup using a USB Debug Adapter

Opal Kelly. XEM6002 User s Manual

The Next Generation of Cryptanalytic Hardware

Specification Manual

Lab 1. OMAP5912 Starter Kit (OSK5912)

A Deterministic Flow Combining Virtual Platforms, Emulation, and Hardware Prototypes

EMUL-PPC-PC. Getting Started Guide. Version 1.0

Titan silicon root of trust for Google Cloud

Tutorial: ISE 12.2 and the Spartan3e Board v August 2010

Nexus Instrumentation architectures and the new Debug Specification

Zatara Series ARM ASSP High-Performance 32-bit Solution for Secure Transactions

BASICS OF THE RENESAS SYNERGY PLATFORM

RISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas

Introduction to Sitara AM437x Processors

The industrial technology is rapidly moving towards ARM based solutions. Keeping this in mind, we are providing a Embedded ARM Training Suite.

Breaking the Bitstream Decryption of FPGAs

SoC Systeme ultra-schnell entwickeln mit Vivado und Visual System Integrator

Outline. Trusted Design in FPGAs. FPGA Architectures CLB CLB. CLB Wiring

MYC-C7Z010/20 CPU Module

Veloce2 the Enterprise Verification Platform. Simon Chen Emulation Business Development Director Mentor Graphics

TRACE32. Product Overview

Introducing the Spartan-6 & Virtex-6 FPGA Embedded Kits

DISTRIBUTED DATABASE MODEL FOR MOBILE E-POLLING SYSTEM

100M Gate Designs in FPGAs

5I20 ANYTHING I/O MANUAL

FIRMWARE DOWNLOAD AND ON-BOARD FLASH PROM PROGRAMMING

System-on-a-Programmable-Chip (SOPC) Development Board

EyeCheck Smart Cameras

New System Solutions for Laser Printer Applications by Oreste Emanuele Zagano STMicroelectronics

Creating hybrid FPGA/virtual platform prototypes

Implementing debug. and trace access. through functional I/O. Alvin Yang Staff FAE. Arm Tech Symposia Arm Limited

High-Performance 32-bit

Spartan-3E FPGA Design Guide for prototyping and production environment

Electronic Design for Power Control Technology and Knowledge transferred from University to Industry

Trusted Platform Modules Automotive applications and differentiation from HSM

Booting It Successfully For The First Time In Mainline

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Building and Using the ATLAS Transactional Memory System

Spartan-II Demo Board User s Guide

MYD-IMX28X Development Board

MYD-Y6ULX Development Board

ARM TrustZone for ARMv8-M for software engineers

ATLAS: A Chip-Multiprocessor. with Transactional Memory Support

RiceNIC. Prototyping Network Interfaces. Jeffrey Shafer Scott Rixner

Getting Started With the Stellaris EK-LM4F120XL LaunchPad Workshop. Version 1.05

Transcription:

EVT/WOTE 09 AUGUST 10, 2009 Ersin Öksüzoğlu Dan S. Wallach

VoteBox Full featured DRE voting machine Paper in USENIX Security Symposium 2008 2

Pre-rendered user interface simplifies the graphics subsystem & code size Network ballot replication increases the availability of voting records Challenge option casts the votes as intended Elgamal ballot encryption allows tallying the votes independently 3

One way of encryption Two ways of decryption 4

In a tampered VoteBox, we cannot detect privacy attacks The random number can be used as a subliminal channel VoteBox still needs to be smaller EVM Language LOC Pvote Python 460 VoteBox Java 14500 Diebold AccuVote TSX C++ 64000 Sequoia Edge C 124000 5

Hardware and software hybrid Pre-rendered GUI Minimized code size for easier inspection Challenge option Elgamal Encryption End to end cryptography True Random Number Generator Better random numbers Session ID Bitstream Readback Additional tamper-evidence mechanism 6

A blank chip that the user can program on the field Emulate any chip Used for prototyping custom silicon Accelerate designs taking the advantage of the parallelism Widely deployed in the industry ($2.75 billion in 2010) Fast time to market Low initial cost Re-programmable hence easy to update 7

500k gate FPGA Chip Flash RAM DRAM VGA port Dot Matrix LCD (2x16) A rotary encoder RS232 serial ports Buttons and switches USB configuration port No CPU, GPU, network chip 8

Network replication and storage facilities We have limited space on board Ethernet communication module Instead we have RS232 port High resolution bitmap based GUI We have character graphics 9

VoteBox Classic vs. VoteBox Nano 10

X Y color text 11

IEEE port standard for IC s to: Debug Program Monitor Daisy chain connection for all the components on board One wire data in One wire data out USB For FPGAs, JTAG is used for 1. Bitstream upload and download 2. Software upload and download 3. Accessing software debugger 12

Programming USB Done JTAG!!! Triggers Session ID..9F23..XXXX Captured from TRNG 13

Programming USB Done JTAG!!! The design is ready!..9f23..7fed..1456..3247..6831..127f..e2d6..e12c..fafa..ed92..259a..2201..f032..cc21..0932 FPGA is sealed Write it down! 14

Readback bitstream Done!!!..0932 Same?..0932..7FED..1456..3247..6831..127F..E2D6..E12C..FAFA..ED92..259A..2201..F032..CC21 Seal is broken Compare 15

Elections Start Upload a new bitstream Evil bitstream Elections End Session ID Bitstream verification Elections Start Evil bitstream Change software Honest bitstream JTAG port is monitored Session ID is read-only Elections End Session ID Bitstream verification 16

EVM Language LOC Pvote Python 460 VoteBox Nano C 996 VoteBox (Stripped) Java ~7300 VoteBox (Full) Java 14500 Diebold AccuVote TSX C++ 64000 Sequoia Edge C 124000 17

Pvote 460 lines Python Python Libraries Linux Kernel PR-GUI SHA1 VoteBox (Full) 14500 lines JAVA JAVA Libraries Linux Kernel PR-GUI Challenge Network ballot rep. Elgamal enc. DSA VoteBox Nano 122 kb executable FPGA Modules Custom Modules PR-GUI Challenge Session ID TRNG Elgamal enc. DSA 18

We have shown that a very compact EVM can be built using an FPGA with following features: Externally verifiable attestation True Random Number Generator Elgamal Encryption and DSA Challenge Option Pre-rendered GUI No underlying OS 19

At the last step, the voter is given two options Cast The votes are valid Usual flow Challenge The votes are invalidated FPGA reveals the random numbers FPGA only publishes the random numbers, the secret key is still safe With a certain amount of challenges, the results are reliable enough 20

TRNG has 128 ring oscillators, each consisting of 3 inverters f s is 25 MHz and throughput is 195 kb/s. 21

22

Theft of the device No secret data is stored in long term Tapping serial port The votes are encrypted Encryption is probabilistic 23

Hardware LOC Crypto Module 760 TRNG 520 Other 483 Total 1763 24

TDI: (Test Data In) TDO: (Test Data Out) TCK: (Test Clock) TMS: (Test Mode Select) The line is tripwired to the Session ID 25

500k gate FPGA Chip Flash RAM (16 MB) DRAM (32 MB) VGA port Dot Matrix LCD (2x16) A rotary encoder RS232 serial ports Buttons and switches USB configuration port Ethernet Port PS/2 port 8 LEDs Xilinx Spartan-3E 500 Starter Kit 26

TDI: (Test Data In) TDO: (Test Data Out) TCK: (Test Clock) TMS: (Test Mode Select) USB The line is tripwired to the Session ID JTAG For FPGAs JTAG is used for 1. Bitstream upload and download 2. Software upload and download 3. Accessing software debugger 27

28

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback