Faerieplay on Tiny Trusted Third Parties

Many security protocols refer to a trusted third party (TTP) as an ideal way of handling computation and data with conflicting stakeholders. Subsequent discussion usually dismisses a TTP as hypothetical or impractical. However, the last decade has seen the emergence of hardware-based devices like the IBM 4758 that, to high assurance, can carry out computation unmolested; TPM-based systems like Intel’s Lagrande also provide secure platforms; emerging research in trusted computing promises more. In theory, such devices can perform the role of a TTP in real-world problems. In practice, all existing devices have problems. TPM-based systems are not secure against physical attack. The 4758 aspires to be general-purpose but is too small to accommodate real-world problem sizes. The small size forces programmers to hand-tune each algorithm anew, to fit inside the small space without losing security. This tuning heavily uses operations that general-purpose processors do not perform well. Furthermore, current devices are too expensive to deploy widely. Our current research attempts to overcome these barriers, by focusing on the effective use of tiny TTPs (T3Ps). To eliminate the programming obstacle, we designed and prototyped an efficient system, called Faerieplay, to execute arbitrary programs on T3Ps while preserving critical trust properties. To eliminate the performance and cost obstacles, we are currently examining the potential hardware design for a T3P optimized for bottleneck operations. We estimate that such a T3P could outperform the 4758 by several orders of magnitude, while also having a gate-count of only 30K-60K, one to three orders of magnitude smaller than the 4758 or hardened CPU systems like AEGIS. We are currently proceeding with a proof-of-concept prototype on a Xilinx FPGA.