Marten van Dijk

Learn More
We present Path ORAM, an extremely simple Oblivious RAM protocol with a small amount of client storage. Partly due to its simplicity, Path ORAM is the most practical ORAM scheme for small client storage known to date. We formally prove that Path ORAM requires log^2 N / log X bandwidth overhead for block size B = X log N. For block sizes bigger than(More)
Modern cryptographic protocols are based on the premise that only authorized participants can obtain secret keys and access to information systems. However, various kinds of tampering methods have been devised to extract secret keys from widely fielded conditional access systems such as smartcards and ATMs. As a solution, Arbiter-based Physical Unclonable(More)
We construct a simple fully homomorphic encryption scheme, using only elementary modular arithmetic. We use Gentry’s technique to construct fully homomorphic scheme from a “bootstrappable” somewhat homomorphic scheme. However, instead of using ideal lattices over a polynomial ring, our bootstrappable encryption scheme merely uses addition and multiplication(More)
We introduce the notion of a Physical Random Function (PUF). We argue that a complex integrated circuit can be viewed as a silicon PUF and describe a technique to identify and authenticate individual integrated circuits (ICs).We describe several possible circuit realizations of different PUFs. These circuits have been implemented in commodity Field(More)
We describe the architecture for a single-chip <sc>aegis</sc> processor which can be used to build computing systems secure against both physical and software attacks. Our architecture assumes that all components external to the processor, such as memory, are untrusted. We show two different implementations. In the first case, the core functionality of the(More)
This paper describes a technique that exploits the statistical delay variations of wires and transistors across ICs to build a secret key unique to each IC. To explore its feasibility, we fabricated a candidate circuit to generate a response based on its delay characteristics. We show that there exists enough delay variation across ICs implementing the(More)
Secure processors enable new sets of applications suchas commercial grid computing, software copy-protection,and secure mobile agents by providing security from bothphysical and software attacks. This paper proposes newhardware mechanisms for memory integrity verification andencryption, which are two key primitives required in single-chipsecure processors.(More)
A Physical Random Function (PUF) is a random function that can only be evaluated with the help of a complex physical system. We introduce Controlled Physical Random Functions (CPUFs) which are PUFs that can only be accessed via an algorithm that is physically bound to the PUF in an inseparable way. CPUFs can be used to establish a shared secret between a(More)
We study the hardware cost of implementing hash-tree based verification of untrusted external memory by a high performance processor. This verification could enable applications such as certified program execution. A number of schemes are presented with different levels of integration between the on-processor L2 cache and the hash-tree machinery.(More)
Recent targeted attacks have increased significantly in sophistication, undermining the fundamental assumptions on which most cryptographic primitives rely for security. For instance, attackers launching an Advanced Persistent Threat (APT) can steal full cryptographic keys, violating the very secrecy of “secret” keys that cryptographers assume in designing(More)