1 / 36

Guy Gogniat, Tilman Wolf, Wayne Burleson, Jean-Philippe Diguet, Lilian Bossuet and Roman Baslin

Reconfigurable Hardware for High-security/High-Performance Embedded Systems: The SAFES Perspective. Guy Gogniat, Tilman Wolf, Wayne Burleson, Jean-Philippe Diguet, Lilian Bossuet and Roman Baslin Presented by: Wei Zang Xin Guan Mar. 03, 2010.

freira
Download Presentation

Guy Gogniat, Tilman Wolf, Wayne Burleson, Jean-Philippe Diguet, Lilian Bossuet and Roman Baslin

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Reconfigurable Hardware for High-security/High-Performance Embedded Systems: The SAFES Perspective Guy Gogniat, Tilman Wolf, Wayne Burleson, Jean-Philippe Diguet, Lilian Bossuet and Roman Baslin Presented by: Wei Zang Xin Guan Mar. 03, 2010

  2. The topic(Reconfigurable Hardware for High-security/High-Performance Embedded Systems: The SAFES Perspective) • SAFES? –Security Security architecture for embedded systems • Purpose? Provide high-Security and high-performance for a system • Built on reconfigurable hardware - FPGA

  3. Outline • Attacks and countermeasures on embedded systems • SAFES Architecture • RC6 Architecture Monitoring for Performance Policy • AES Datapath Implementation Comparison

  4. Outline • Attacks and countermeasures on embedded systems • SAFES Architecture • RC6 Architecture Monitoring for Performance Policy • AES Datapath Implementation Comparison

  5. Security and Attacks • Security objective • Protection of private data, design and the system • Attacks objectives • Break security in order to • Access, change or destroy private data • Change some module, copy or destroy design • Change behavior or destroy the system • Challenges ( attack point ) • Tamper resistance • Facing increasing number of attacks from physical to software • Assurance • Continue to operate reliably despite attacks

  6. Attacks against embedded systems Software attacks Worm, virus, Trojan horse Physical reversible attacks (Active) Glitch clock, Fault injection, Variation of V or T Hardware Side-channel (Passive) Timing, power or EM analysis to extrate of secrets Physical irreversible attacks (Active) Chip cutting, chemical attack etc.

  7. Why Reconfigurable architectures? • Potential advantages of configurable computing for efficiency • Specialization: design the system for a specific set of parameters • Resource sharing: temporal resources sharing • Throughput: high parallelism and deep pipeline implementation is possible • Potential advantages of configurable computing for security • System Agility: switching from one protection mechanism to another, balance protection mechanisms depending on requirements • System Upgrade: upgrade of the protection mechanisms • Configurable computing enables Dynamic Configuration at Run Time • To react and adapt rapidly to an irregular situation

  8. Outline • Attacks and countermeasures on embedded systems • SAFES Architecture • RC6 Architecture Monitoring for Performance Policy • AES Datapath Implementation Comparison

  9. SAFES Architecture • Verification and protection are not inside the application • Can be updated dynamically depending on the application running on the system

  10. Reconfigurable Architecture • Security primitive • Performs a security algorithms (Cryptograph, key management) • Goals • Speedup the computation of security algorithm • Provide flexibility to be able to update the primitive or to switch from one primitive to another • Provide various tradeoffs: throughput, area, latency, reliability, power, energy and real time constraints

  11. Operation of the Primitive Key size Throughput Pipe stage 011001 101101 ready Parameter space Key size Throughput Pipe stage normal Battery level Channel quality

  12. Changes comes from: • Attacks • SSC manage • Interrupt SPC when irregular activity detected (hijacking, denial of service, secret information extraction) • Response: reconfigure with a trusted configuration, enhance fault tolerance to guarantee functionality, stall I/O of the primitive • Performance requirement • SPC manage flexibility • Performance tradeoff (throughput versus energy) • Better energy-efficiency: when low battery level or decreased channel quality, SPC reconfigure primitive with lower throughput • Guarantee throughput: SPC keeps the same parameters

  13. Outline • Attacks and countermeasures on embedded systems • SAFES Architecture • RC6 Architecture Monitoring for Performance Policy • AES Datapath Implementation Comparison

  14. RC6 Case Study RC6 and AES are two major cryptography algorithms in secure private communication over the Internet. Process a block of data with block size 128 bit. Different Key Sizes, 128 bit, 192 bit, and 256 bit. Primitive operation, includes data-dependent rotations, modular addition and XOR operations, 32 bit multiplication.

  15. RC6 Introduction Key Schedule Key Expansion Key Transmission

  16. Plaintext Input Divide Save RC6 Introduction

  17. Encryption RC6 Introduction

  18. RC6 Introduction 1st Round • Encryption A B C D Repeat 10 Rounds A B C D final

  19. 2-stage Reconfigurable RC6 architecture-Pipelining Pipeline Stage 1 Pipeline Stage 2

  20. 3-stage Reconfigurable RC6 architecture-Pipelining Pipeline Stage 1 Pipeline Stage 2 Pipeline Stage 3 20

  21. 4-stage Reconfigurable RC6 architecture-Pipelining PS1 PS2 PS3 PS4 21

  22. Architecture Comparison

  23. Observer Averaging Decision Making Closed Loop Control

  24. Closed Loop Control

  25. Outline • Attacks and countermeasures on embedded systems • SAFES Architecture • RC6 Architecture Monitoring for Performance Policy • AES Datapath Implementation Comparison

  26. An encryption standard adopted by the U.S. government. Each AES cipher has a 128-bit block size, with key sizes of 128, 192 and 256 bits AES operates on a 4×4 array of bytes, termed the state. AES cipher is specified as a number of repetitions of transformation rounds that convert the input plaintext into the final output of ciphertext. AES Case Study

  27. Key Schedule 128 bits User Supplied Key is used to generate 10 sets of Round Key AES Introduction

  28. Plaintext Input A 128 bits Input data block is fit into the 4*4 Byte matrix, called state AES Introduction

  29. Round Operation SubBytes ShiftRows MixColumns AddRoundKey AES Introduction

  30. Dataflow Initial Round Repeated Round Output AES Introduction

  31. Fault Detection Architecture Expected Parity Computation Parity Check Reconfigurable AES Architecture

  32. Fault Tolerant Architecture TMR (Triple Modular Redundancy) High overhead Reconfigurable AES Architecture

  33. Architecture Comparison With small overhead and improved reliability, fault detection system can be set as default design. Due to the high overhead, fault tolerant system can be used cautiously.

  34. Architecture Comparison

  35. Reconfiguration Time The dynamic reconfiguration is accomplished by ICAP interface. The clock of ICAP interface of our FPGA is 50 MHz. Assume write one Byte Configuration data for one cycle. For AES encryption, the partial bit-streams required by fault detection system is 356 kB, which leads to the reconfiguration time nearly 7 ms. SAFES

  36. Conclusions • SAFES • Based on reconfigurable hardware to provide high performance and flexibility and relies on hardware monitors to build instruction detection systems • Includes: • Reconfigurable security primitives • Reconfigurable hardware monitors • Hierarchy of secure controllers at the primitive, system and executive level • Cases on RC6 and AES • The flexibility of our solution enables the realization of an energy-efficient system while addressing the security issue.

More Related