The K2 Architecture for Trustworthy Hardware Security Modules

Anish Athalye, Frans Kaashoek, Nickolai Zeldovich, Joseph Tassarotti

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

K2 is a new architecture and verification approach for hardware security modules (HSMs). The K2 architecture's rigid separation between I/O, storage, and computation over secret state enables modular proofs and allows for software development and verification independent of hardware development and verification while still providing correctness and security guarantees about the composed system. For a key step of verification, K2 introduces a new tool called Chroniton that automatically proves timing properties of software running on a particular hardware implementation, ensuring the lack of timing side channels at a cycle-accurate level.

Original languageEnglish (US)
Title of host publicationKISV 2023 - Proceedings of the1st Workshop on Kernel Isolation, Safety and Verification
PublisherAssociation for Computing Machinery, Inc
Pages26-32
Number of pages7
ISBN (Electronic)9798400704116
DOIs
StatePublished - Oct 23 2023
Event1st Workshop on Kernel Isolation, Safety and Verification, KISV 2023 - Koblenz, Germany
Duration: Oct 23 2023 → …

Publication series

NameKISV 2023 - Proceedings of the1st Workshop on Kernel Isolation, Safety and Verification

Conference

Conference1st Workshop on Kernel Isolation, Safety and Verification, KISV 2023
Country/TerritoryGermany
CityKoblenz
Period10/23/23 → …

Keywords

  • security
  • verification

ASJC Scopus subject areas

  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'The K2 Architecture for Trustworthy Hardware Security Modules'. Together they form a unique fingerprint.

Cite this