This paper addresses mobile code protection with respect to potential integrity and confidentiality violations originating from the untrusted runtime environment where the code execution takes place. Both security properties are defined in a framework where code is modeled using Boolean circuits. Two protection schemes are presented. The first scheme addresses the protection of a function that is evaluated by an untrusted environment and yields an encrypted result only meaningful for the party providing the function. The second scheme addresses the protection of a piece of software executed by an untrusted environment. It enforces the secure execution of a series of functions while allowing interactions with the untrusted party. The latter technique relies on trusted tamper-proof hardware with limited capability. Executing a small part of the computations in the tamper-proof hardware extends its intrinsic security to the overall environment.
Extending tamper-proof hardware security to untrusted execution environments
CARDIS 2002, 5th IFIP/USENIX International Conference on Smart Card Research and Advanced Applications, November 21-22, 2002, San Jose, USA
© IFIP. Personal use of this material is permitted. The definitive version of this paper was published in CARDIS 2002, 5th IFIP/USENIX International Conference on Smart Card Research and Advanced Applications, November 21-22, 2002, San Jose, USA and is available at :
PERMALINK : https://www.eurecom.fr/publication/1077