TY - GEN
T1 - A new security proof of practical cryptographic devices based on hardware, software and protocols
AU - Wang, An
AU - Li, Zheng
AU - Yang, Xianwen
AU - Yu, Yanyan
PY - 2011
Y1 - 2011
N2 - Nowadays, cryptographic devices are widely used, so how to assess the security of them becomes a pivotal issue. There are two conventional ways to do this, by analyzing the underlying cryptographic protocols or by estimating if the devices meet standards such as FIPS 140-2 or Common Criteria Standard Documents. However, neither of them provides a comprehensive view of the security of the devices. In this paper, we first propose a bottom-up method to prove the UC (Universally Composable) security of the cryptographic devices composed by hardware, software and protocols, and give a general security framework of them. Base on the framework, we present a method that describes the local physical security of cryptographic SoC hardware as UC security. Then we establish the equivalence of software codes and the real-world models in the condition of "Exactly Realize", which illustrate the UC security of software. Besides, we propose methods to construct UC secure cryptographic modules from UC secure cryptographic SoC and a further method to construct UC secure cryptographic devices. Furthermore, based on the idea of bottom-up, we can develop new UC secure cryptographic devices which are more powerful by the combination of the existed UC secure cryptographic devices.
AB - Nowadays, cryptographic devices are widely used, so how to assess the security of them becomes a pivotal issue. There are two conventional ways to do this, by analyzing the underlying cryptographic protocols or by estimating if the devices meet standards such as FIPS 140-2 or Common Criteria Standard Documents. However, neither of them provides a comprehensive view of the security of the devices. In this paper, we first propose a bottom-up method to prove the UC (Universally Composable) security of the cryptographic devices composed by hardware, software and protocols, and give a general security framework of them. Base on the framework, we present a method that describes the local physical security of cryptographic SoC hardware as UC security. Then we establish the equivalence of software codes and the real-world models in the condition of "Exactly Realize", which illustrate the UC security of software. Besides, we propose methods to construct UC secure cryptographic modules from UC secure cryptographic SoC and a further method to construct UC secure cryptographic devices. Furthermore, based on the idea of bottom-up, we can develop new UC secure cryptographic devices which are more powerful by the combination of the existed UC secure cryptographic devices.
KW - Cryptographic device
KW - bottom-up method
KW - cryptographic SoC
KW - universally composable security model
UR - http://www.scopus.com/inward/record.url?scp=79956328414&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-21031-0_29
DO - 10.1007/978-3-642-21031-0_29
M3 - Conference contribution
AN - SCOPUS:79956328414
SN - 9783642210303
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 386
EP - 400
BT - Information Security Practice and Experience - 7th International Conference, ISPEC 2011, Proceedings
T2 - 7th International Conference on Information Security Practice and Experience, ISPEC 2011
Y2 - 30 May 2011 through 1 June 2011
ER -