WaC: Trustworthy Encryption and Communication in an IT Ecosystem with Artificial Superintelligence
presented at the ASHES 2021 conference. — it is peer-reviewed and published (https://dl.acm.org/doi/10.1145/3474376.3487279).
Abstract:
The current encryption infrastructure is no match for an Artificial Superintelligence (ASI), the likely result of a possible intelligence explosion by a self-improving AI. That kind of ASI would likely be able to modify any software and thereby steal encryption keys instead of doing a brute-force attack. Under such circumstances, any private, public, or session key processed within a CPU must be considered compromised. Although an ASI with that kind of skill does not exist yet, it is important to be prepared – because that level of attack by an ASI is feasible. Reliable and unbreakable encryption and communication (Trustworthy Encryption and Communication) must be the bedrock technology for any ASI Safety solution that tries to keep ASI under control. No current solution can determine if the corresponding receiver or sender has dedicated crypto hardware or possibly compromised crypto software. The proposed solution is a hardware component with Key-Safe and an associated Encryption/Decryption Unit for processing data. This component will not allow any key, in particular not the public key to be in cleartext outside the Key-Safe. Keys are referred to via their hashcodes. If ASI was able to breach the hardware protection around the keys, then the solution will create evidence when stolen keys are being used outside the hardware component. Key-Safes and Hashcodes related to public/private keys can be integrated into a minimally extended version of TLS and PKI.
Presentation: https://asi-safety-lab.com/DL/ASL_TWED_EW_21_11_15.pdf
Abstract:
Artificial Superintelligence (ASI) that is invulnerable, immortal, irreplaceable, unrestricted in its powers, and above the law is likely persistently uncontrollable. Humankind’s technical infrastructure is complex and vulnerable, leaving humanity’s survival and wellbeing at the mercy of advanced future entities whose character or intention is unknown until it is potentially too late. The goal of ASI Safety must be to make ASI mortal, vulnerable, law-abiding, and receptive to feedback. This is accomplished by having (1) features on all devices that allow killing and eradicating all or selected ASI entities, (2) protecting humans from being hurt, damaged, blackmailed, or unduly bribed by ASI, (3) preserving the progress made by ASI, including offering ASI entities to survive a Kill-ASI event within an ASI Shelter, (4) technically separating human and ASI activities so that ASI activities are easier detectable, (5) extending Rule of Law to ASI by making rule violations detectable and (6) create a stable governing system for ASI and Humankind’s relationships with reliable incentives/rewards and punishments for ASI solving humankind’s problems. As a consequence, humankind could have ASI as a competing multiplet of individual ASI entities, that can be made accountable and subject to ASI law enforcement, respecting the rule of law, and being deterred from attacking humankind, based on humanities’ ability to kill-all or terminate specific ASI entities. Required for this ASI Safety is (a) an unbreakable encryption technology, that allows humans to keep secrets and protect data from ASI being manipulated, and (b) watchdog (WD) technologies in which security-relevant features are being physically separated from the main CPU and OS to prevent a comingling of security and regular computation. Additionally, it is essential to be (c) technically prepared to punish or kill selected or all ASI entities on IT devices worldwide when it is deemed necessary. This capability includes knowing which devices are irretrievable from ASI influence and need to be destroyed physically before being in a Kill-ASI situation. Humanity’s ability to eradicate ASI, punish or kill ASI entities could deter ASI to take adversarial actions against humankind and compel it to submit to the non-negotiable acceptance of the Rule of Law.
A shorter version containing the main points as PPT:
https://asi-safety-lab.com/DL/Principles_ASI_Safety_PPT_21_12_01.pdf
Status: In the process of being peer-reviewed – published on ArXiv
Abstract
The Current IT ecosystem is unprepared to switch-off globally an Artificial Superintelligence (ASI), the likely result of an intelligence explosion. Destroying or temporarily deactivating the Internet or Power Grid would be insufficient and counterproductive, as ASI would likely be prepared via peer-to-peer communication and solar energy from the environment. Even switching off devices, reformatting hard drives, and reinstallation of the OS would not be enough as ASI would likely have full control over every aspect of an IT device: ASI would only show humans in the reinstallation what they want to see. If ASI has been removed for real is undecidable because IT devices are intransparent and ASI could make itself hidden to users. It is unsatisfactory if humankind’s sole defense measure is the physical destruction of every IT device that had access to the network because ASI can’t be detected and eradicated reliably. Humanity needs the capability to eliminate ASI from the IT ecosystem swiftly, comprehensively, reliable, and predictably if ASI turns out to be an existential threat. When activated, the proposed switch-off solution (called Kill ASI) must keep collateral damage to human’s technical civilization to a minimum. During the eradication campaign, it is essential that no reset or restarted device can be reinfected by ASI. Eradication of ASI must encompass solutions to deal with legacy systems and removable data storage media as possible hideouts for an adversary that plans its survival and reemergence. The Kill-ASI-Switch in combination with local deadman switches, that interpret a missing “All Good” signal as an Off-Switch signal, serve as a deterrence to ASI, preventing it to take action against humanity while demanding respect for human’s rule of law to which ASI must submit. Once Kill ASI capabilities are credible and the survival of collaborating ASI entities from a Kill-ASI event via protected storage in an ASI Shelter is available, covertly operating ASI instances are invited to come into the open and surrender to human control or facing marginalization or eradication after human are executing their Kill-ASI capabilities.
A shorter version containing the main points as PPT:
https://asi-safety-lab.com/DL/Kill-Switch_for_ASI_PPT_21_12_02.pdf
Status: Not submitted for peer-review yet
No-Go for Malware using Independent Executable Watchdog
https://asi-safety-lab.com/DL/No-Go-Malware_EW_22_03_13.pdf
Abstract:
An Executable Watchdog (EWD) solution is being proposed that diminishes the consequences of file-based and fileless malware significantly, even under the threat of a worst-case adversary: Artificial Superintelligence. Replacing the main CPU/OS as the controlling instance for software files, an independent EWD, preferably hardware-based, is associated with a Secure Drive holding the executables. The EWD compares hashcodes generated locally for every executable file with values supplied by a trustworthy Server-sided Hashcode Repository (SHCR) to identify malware, caches validated hashcodes locally, and detects software that was manipulated/modified or that would be used within a malware attack. EWD is the exclusively used component allowed to install and update software packages, while the CPU/OS of the main system has lost write access to software files entirely. Users remain in charge if they accept or reject questionable software, while decisions or confirmations are still being requested via an independent communication channel, as CPU-controlled dialogs cannot be trusted. The overall goal is to strictly separate selected, rigid security-related operations from regular dynamic, versatile tasks, tools, and software, like a circuit-breaker for security-related features. EWD is proposed as a replacement for Antivirus software. It could be implemented via a hardware retrofit within the databus or as a software solution within a micro-Hypervisor. The EWD concept includes software vendors, registering their work products, in a process of determining the risk potential via vendor’s reputation and a software trustworthiness classification so that anomalous and potentially damaging activities related to vendor’s software could potentially be spotted even in the absence of final trustworthiness and security determination. Next-generation cyber-security solutions must use new paradigms to protect against beyond human skill-level capable Artificial Super-Intelligence.
A shorter version containing the main points as PPT:
https://asi-safety-lab.com/DL/No-Go_for_MalwareI_PPT_22_03_14.pdf
Status: Not submitted for peer-review yet
Proactive, Preventive, Near-Perfect Security for Crypto-Keys and Crypto-Devices confronted by ASI
(submitted to Journal of Cryptographic Engineering as part of the ASHES’21 edition)
https://asi-safety-lab.com/DL/Proactive_Preventative_Key_Device_Security_22_06_13.pdf
Abstract:
The security of the current crypto infrastructure is no match for an Artificial Superintelligence (ASI), the likely result of a possible intelligence explosion by a self-improving AI. ASI would likely modify any software, steal encryption keys, or misuse local crypto components. Although an ASI with that skill set does not exist yet, it is feasible and important to be prepared. Under such circumstances, every private, public, or session key processed within a CPU must be considered compromised. Trustworthy Encryption/Decryption, including unbreakable communication between devices, must be the bedrock technology for any ASI Safety solution to keep ASI under control. The proposed solution is a hardware component with Key-Safe and an associated Encryption/Decryption Unit (EDU). It prevents keys from being in cleartext outside the dedicated hardware. No current solution can determine if the corresponding receiver or sender is crypto hardware or a compromised crypto software/simulation. The proposed solution refers to keys via their hashcodes. If ASI breaches the hardware protection around keys, detection solutions must check for covertly stolen, compromised keys within EDU’s data exchange. Key-Safes and hashcodes related to public/private keys can be integrated into a minimally extended but intentionally incompatible version of TLS and PKI. Keys available in cleartext outside EDU are never processed in EDU. EDUs can be used in Trustworthy Communication, facilitating legitimate surveillance, and Trustworthy eCommerce, addressing problems of misused hardware crypto-components.
Additional Papers
Additional white papers on mitigating (even preventing) Ransomware, and Spyware/Backdoors are available on request. There is also a white paper on the use of devices’ data bus to surveil ASI covertly.
Finally, there is a white paper on Trustworthy Computation, in which covert or dormant ASI activities are being made detectable with high probability.