TARDIS: Time and Remanence Decay in SRAM to Implement Secure Protocols in Embedded Devices without Clocks
Lack of a locally trustworthy clock makes security protocols challenging to implement on batteryless embedded devices such as contact smartcards, contactless smartcards, and RFID tags. A device that knows how much time has elapsed between queries from an untrusted reader could better protect against attacks that depend on the existence of a rate-unlimited encryption oracle. The TARDIS (Time and Remanence Decay in SRAM) helps to locally maintain a sense of time elapsed without power and without special-purpose hardware. The TARDIS software computes the expiration state of a timer by analyzing the decay of existing on-chip SRAM memory. The TARDIS enables coarse-grained, hourglass-like timers such that cryptographic software can more deliberately decide how to throttle its response rate. Our experiments demonstrate that the TARDIS can measure time ranging from seconds to several hours depending on hardware parameters. Key challenges to implementing a practical TARDIS include compensating for temperature and handling variation across hardware. Our contributions are (1) the algorithmic building blocks for computing elapsed time from SRAM decay; (2) characterizing TARDIS behavior under different temperatures, capacitors, SRAM sizes, and chips; and (3) three proof of concept implementations that use the TARDIS to enable privacy-preserving RFID tags, to deter double swiping of contactless credit cards, and to increase the difficulty of brute force attacks against e-Passports.
Joint work with Amir Rahmati, Mastooreh Salajegheh, Dan Holcomb, Jacob Sorber and Wayne Burleson. To appear at USENIX Security 2012.
Speaker Details
Kevin Fu will join the University of Michigan as Associate Professor of Computer Science and Engineering in January 2013. His research is in the area of trustworthy computing and low-power embedded devices. In addition to systems security, RFID-scale computation, and energy-aware architectures, Dr. Fu’s interests include medical devices and health IT.
Dr. Fu received his PhD in Electrical Engineering and Computer Science from MIT in 2005 and is currently Associate Professor of Computer Science at University of Massachusetts Amherst.
Dr. Fu has served as a visiting scientist at the Food & Drug Administration, the Beth Israel Deaconess Medical Center of Harvard Medical School, and MIT CSAIL, and is a member of the NIST Information Security and Privacy Advisory Board. He previously worked for Bellcore, Cisco, HP Labs, Microsoft Research, and Holland Community Hospital. He is the recipient of a Sloan Research Fellowship, the NSF CAREER award, and best paper awards from USENIX Security, IEEE S&P, and ACM SIGCOMM. Dr. Fu was named MIT Technology Review’s TR35 Innovator of the Year in 2009, and is a Senior Member of the Association for Computing Machinery.
- Series:
- Microsoft Research Talks
- Date:
- Speakers:
- Kevin Fu
- Affiliation:
- University of Massachusetts Amherst
Series: Microsoft Research Talks
-
DIABLo: a Deep Individual-Agnostic Binaural Localizer
Speakers:- Shoken Kaneko
-
A Tale of Two Cities: Software Developers in Practice During the COVID-19 Pandemic
Speakers:- Denae Ford Robinson
-
Recent Efforts Towards Efficient And Scalable Neural Waveform Coding
Speakers:- Kai Zhen
-
-
Audio-based Toxic Language Detection
Speakers:- Midia Yousefi
-
What Kind of Computation is Human Cognition? A Brief History of Thought (Episode 2/2)
Speakers:- Paul Smolensky
-
From SqueezeNet to SqueezeBERT: Developing Efficient Deep Neural Networks
Speakers:- Forrest Iandola,
- Sujeeth Bharadwaj
-
Hope Speech and Help Speech: Surfacing Positivity Amidst Hate
Speakers:- Ashique Khudabukhsh
-
What Kind of Computation is Human Cognition? A Brief History of Thought (Episode 1/2)
Speakers:- Paul Smolensky
-
An Ethical Crisis in Computing?
Speakers:- Eric Horvitz,
- Moshe Y. Vardi
-
Towards Mainstream Brain-Computer Interfaces (BCIs)
Speakers:- Brendan Allison
-
-
'F' to 'A' on the N.Y. Regents Science Exams: An Overview of the Aristo Project
Speakers:- Peter Clark
-
Checkpointing the Un-checkpointable: the Split-Process Approach for MPI and Formal Verification
Speakers:- Gene Cooperman
-
Learning Structured Models for Safe Robot Control
Speakers:- Subramanian Ramamoorthy
-
Non-linear Invariants for Control-Command Systems
Speakers:- Pierre Roux
-
Distributed Entity Resolution for Computational Social Science
Speakers:- Rebecca C. Steorts
-
The Worst Form Including All Those Others: Canada’s Experiments with Online Voting
Speakers:- Aleksander Essex
-
How Not to Prove Your Election Outcome
Speakers:- Vanessa Teague
-
Dashboard Mechanisms for Online Marketplaces
Speakers:- Jason Hartline
-
Compacting the Uncompactable: The Mesh Compacting Memory Allocator
Speakers:- Emery Berger
-
Tea: A High-level Language and Runtime System for Automating Statistical Analysis
Speakers:- Eunice Jun
-
Resource-Efficient Redundancy for Large-Scale Data Processing and Storage Systems
Speakers:- Rashmi Vinayak
-
Battling Unfair Demons in Peer Review
Speakers:- Nihar Shah
-
Sequential Estimation of Quantiles with Applications to A/B-testing and Best-arm Identification
Speakers:- Aaditya Ramdas