For the first time, we introduce a high-level architecture that can tolerate multiple, colluding malicious hardware components, and a new approach for managing the risk of compromises in cryptographic hardware modules.
Existing high-assurance systems cannot reliably maintain their security properties in the presence of compromised hardware components. In this work, we challenge this perception and demonstrate how trusted, high-assurance hardware can be built from untrusted and potentially malicious components.
Vasilios Mavroudis, Andrea Cerulli, Petr Svenda, Dan Cvrcek, Dusan Klinec, George Danezis. A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components. 24th ACM Conference on Computer and Communications Security, Dallas, TX, Oct 30th-Nov 3rd 2017.