On Device Identity Establishment and Verification

“…Gennaro et al [9] establish a condition for tamperproofness of general hardware and give some clues on how to check device integrity by means of cryptographic chal-lenges.Öksüzoglu and Wallach [19] present, in VoteBox Nano, an elegant human-verifiable software and firmware (FPGA bitstreams) checking mechanism based on random "session identifiers", which change every time the DRE is rebooted. Gallo et al [8] generalize Gennaro et al's conditions, prototyping a human-readable, cryptographicallystrong system verification method called Time-Base One-Time Verification (TOTV), which allows for multiple device verification in a trust amplifying fashion, making humans part of the verification protocol. Although both [19,8] can be used by poll workers and party advocates to assert DRE integrity, they are not practical for large-scale verification by voters, as they require comparison of multiple digit verification numbers, a hindrance when illiterate voters are considered.…”

“…Gallo et al [8] generalize Gennaro et al's conditions, prototyping a human-readable, cryptographicallystrong system verification method called Time-Base One-Time Verification (TOTV), which allows for multiple device verification in a trust amplifying fashion, making humans part of the verification protocol. Although both [19,8] can be used by poll workers and party advocates to assert DRE integrity, they are not practical for large-scale verification by voters, as they require comparison of multiple digit verification numbers, a hindrance when illiterate voters are considered.…”

“…In order to achieve these objectives, we based our proposal on the fundamentals of secure hardware presented by Gennaro et al [9] and Gallo et al [8]. The latter introduces the concept of cryptographic identity, which states conditions for the establishment and verification of a root of trust for general secure hardware.…”

“…For the S-HI-HWM interface, we employ a modified version of TOTV [8] that does not require the high-stability secure real-time clock (HSSRTC) of Gallo et al's solution. The TOTV protocol is similar to the Time-Base One-Time password (TOTP) described in [15]; TOTP derives, from time to time, an n-digit sequence from a secret key known to the verified device and possibly to the verifier.…”

“…Hardware protection and verification is thus an essential aspect, regardless of whether SI systems are employed or not. While some effort has been done towards the specification of hardware functionalities in order to provide sufficient device accreditation and tamper resistance [19,8,24], there is much room for improvement on the path to feasible implementations. Here we follow that path, presenting a hardware trusted computing base (TCB) for direct recording electronic voting architecture, T-DRE in short, suitable for a variety of existing voting protocols and systems.…”

T-Dre

“…Gennaro et al [9] establish a condition for tamperproofness of general hardware and give some clues on how to check device integrity by means of cryptographic chal-lenges.Öksüzoglu and Wallach [19] present, in VoteBox Nano, an elegant human-verifiable software and firmware (FPGA bitstreams) checking mechanism based on random "session identifiers", which change every time the DRE is rebooted. Gallo et al [8] generalize Gennaro et al's conditions, prototyping a human-readable, cryptographicallystrong system verification method called Time-Base One-Time Verification (TOTV), which allows for multiple device verification in a trust amplifying fashion, making humans part of the verification protocol. Although both [19,8] can be used by poll workers and party advocates to assert DRE integrity, they are not practical for large-scale verification by voters, as they require comparison of multiple digit verification numbers, a hindrance when illiterate voters are considered.…”

“…Gallo et al [8] generalize Gennaro et al's conditions, prototyping a human-readable, cryptographicallystrong system verification method called Time-Base One-Time Verification (TOTV), which allows for multiple device verification in a trust amplifying fashion, making humans part of the verification protocol. Although both [19,8] can be used by poll workers and party advocates to assert DRE integrity, they are not practical for large-scale verification by voters, as they require comparison of multiple digit verification numbers, a hindrance when illiterate voters are considered.…”

“…In order to achieve these objectives, we based our proposal on the fundamentals of secure hardware presented by Gennaro et al [9] and Gallo et al [8]. The latter introduces the concept of cryptographic identity, which states conditions for the establishment and verification of a root of trust for general secure hardware.…”

“…For the S-HI-HWM interface, we employ a modified version of TOTV [8] that does not require the high-stability secure real-time clock (HSSRTC) of Gallo et al's solution. The TOTV protocol is similar to the Time-Base One-Time password (TOTP) described in [15]; TOTP derives, from time to time, an n-digit sequence from a secret key known to the verified device and possibly to the verifier.…”

“…Hardware protection and verification is thus an essential aspect, regardless of whether SI systems are employed or not. While some effort has been done towards the specification of hardware functionalities in order to provide sufficient device accreditation and tamper resistance [19,8,24], there is much room for improvement on the path to feasible implementations. Here we follow that path, presenting a hardware trusted computing base (TCB) for direct recording electronic voting architecture, T-DRE in short, suitable for a variety of existing voting protocols and systems.…”

T-Dre

FORTUNA—A framework for the design and development of hardware-based secure systems

Case Studies of Attacks over Adaptive Modulation Based Tactical Software Defined Radios