Title: Reconfigurable Hardware for High-security/High-Performance Embedded Systems: The SAFES Perspective
1Reconfigurable Hardware for High-security/High-Per
formance Embedded Systems The SAFES Perspective
- Guy Gogniat, Tilman Wolf, Wayne Burleson,
Jean-Philippe Diguet, Lilian Bossuet and Roman
Baslin - Presented by
- Wei Zang
- Xin Guan
- Mar. 03, 2010
2The topic(Reconfigurable Hardware for
High-security/High-Performance Embedded Systems
The SAFES Perspective)
- SAFES? Security
- Security architecture for embedded systems
- Purpose?
- Provide high-Security and high-performance for
a system - Built on reconfigurable hardware - FPGA
3Outline
- Attacks and countermeasures on embedded systems
- SAFES Architecture
- RC6 Architecture Monitoring for Performance
Policy - AES Datapath Implementation Comparison
4Outline
- Attacks and countermeasures on embedded systems
- SAFES Architecture
- RC6 Architecture Monitoring for Performance
Policy - AES Datapath Implementation Comparison
5Security and Attacks
- Security objective
- Protection of private data, design and the system
- Attacks objectives
- Break security in order to
- Access, change or destroy private data
- Change some module, copy or destroy design
- Change behavior or destroy the system
- Challenges ( attack point )
- Tamper resistance
- Facing increasing number of attacks from physical
to software - Assurance
- Continue to operate reliably despite attacks
6Attacks against embedded systems
Physical reversible attacks (Active) Glitch
clock, Fault injection, Variation of V or T
Hardware
Side-channel (Passive) Timing, power or EM
analysis to extrate of secrets
Physical irreversible attacks (Active) Chip
cutting, chemical attack etc.
7Why Reconfigurable architectures?
- Potential advantages of configurable computing
for efficiency - Specialization design the system for a specific
set of parameters - Resource sharing temporal resources sharing
- Throughput high parallelism and deep pipeline
implementation is possible - Potential advantages of configurable computing
for security - System Agility switching from one protection
mechanism to another, balance protection
mechanisms depending on requirements - System Upgrade upgrade of the protection
mechanisms - Configurable computing enables Dynamic
Configuration at Run Time - To react and adapt rapidly to an irregular
situation
8Outline
- Attacks and countermeasures on embedded systems
- SAFES Architecture
- RC6 Architecture Monitoring for Performance
Policy - AES Datapath Implementation Comparison
9SAFES Architecture
- Verification and protection are not inside the
application - Can be updated dynamically depending on the
application running on the system
10Reconfigurable Architecture
- Security primitive
- Performs a security algorithms (Cryptograph, key
management) - Goals
- Speedup the computation of security algorithm
- Provide flexibility to be able to update the
primitive or to switch from one primitive to
another - Provide various tradeoffs throughput, area,
latency, reliability, power, energy and real time
constraints
11Operation of the Primitive
Key size Throughput Pipe stage
011001
101101
ready
Parameter space Key size Throughput Pipe stage
normal
Battery level Channel quality
12- Changes comes from
- Attacks
- SSC manage
- Interrupt SPC when irregular activity detected
(hijacking, denial of service, secret information
extraction) - Response reconfigure with a trusted
configuration, enhance fault tolerance to
guarantee functionality, stall I/O of the
primitive - Performance requirement
- SPC manage flexibility
- Performance tradeoff (throughput versus energy)
- Better energy-efficiency when low battery level
or decreased channel quality, SPC reconfigure
primitive with lower throughput - Guarantee throughput SPC keeps the same
parameters
13Outline
- Attacks and countermeasures on embedded systems
- SAFES Architecture
- RC6 Architecture Monitoring for Performance
Policy - AES Datapath Implementation Comparison
14RC6 Case Study
- RC6 and AES are two major cryptography algorithms
in secure private communication over the
Internet. - Process a block of data with block size 128 bit.
- Different Key Sizes, 128 bit, 192 bit, and 256
bit. - Primitive operation, includes data-dependent
rotations, modular addition and XOR operations,
32 bit multiplication.
15RC6 Introduction
- Key Schedule
- Key Expansion
- Key Transmission
-
-
16RC6 Introduction
- Plaintext Input
- Divide
- Save
-
17RC6 Introduction
18RC6 Introduction
1st Round
A B C D
Repeat 10 Rounds
A B C D
final
19Reconfigurable RC6 architecture-Pipelining
Pipeline Stage 1
Pipeline Stage 2
20Reconfigurable RC6 architecture-Pipelining
Pipeline Stage 1
Pipeline Stage 2
Pipeline Stage 3
20
21Reconfigurable RC6 architecture-Pipelining
PS1
PS2
PS3
PS4
21
22Architecture Comparison
23Closed Loop Control
- Observer
- Averaging
- Decision Making
24Closed Loop Control
25Outline
- Attacks and countermeasures on embedded systems
- SAFES Architecture
- RC6 Architecture Monitoring for Performance
Policy - AES Datapath Implementation Comparison
26AES Case Study
- An encryption standard adopted by the U.S.
government. - Each AES cipher has a 128-bit block size, with
key sizes of 128, 192 and 256 bits - AES operates on a 44 array of bytes, termed the
state. - AES cipher is specified as a number of
repetitions of transformation rounds that convert
the input plaintext into the final output of
ciphertext.
27AES Introduction
- Key Schedule
- 128 bits User Supplied Key is used to
generate 10 sets of Round Key
28AES Introduction
- Plaintext Input
-
- A 128 bits Input data block is fit into the
44 Byte matrix, called state
29AES Introduction
- Round Operation
- SubBytes
- ShiftRows
- MixColumns
- AddRoundKey
-
30AES Introduction
- Dataflow
- Initial Round
- Repeated Round
- Output
-
-
-
-
31Reconfigurable AES Architecture
- Fault Detection Architecture
- Expected Parity Computation
- Parity Check
-
-
-
-
32Reconfigurable AES Architecture
- Fault Tolerant Architecture
- TMR (Triple Modular Redundancy)
- High overhead
-
-
-
-
33Architecture Comparison
With small overhead and improved reliability,
fault detection system can be set as default
design. Due to the high overhead, fault tolerant
system can be used cautiously.
34Architecture Comparison
35SAFES
- Reconfiguration Time
-
- The dynamic reconfiguration is accomplished by
ICAP interface. The clock of ICAP interface of
our FPGA is 50 MHz. Assume write one Byte
Configuration data for one cycle. For AES
encryption, the partial bit-streams required by
fault detection system is 356 kB, which leads to
the reconfiguration time nearly 7 ms.
36Conclusions
- SAFES
- Based on reconfigurable hardware to provide high
performance and flexibility and relies on
hardware monitors to build instruction detection
systems - Includes
- Reconfigurable security primitives
- Reconfigurable hardware monitors
- Hierarchy of secure controllers at the primitive,
system and executive level - Cases on RC6 and AES
- The flexibility of our solution enables the
realization of an energy-efficient system while
addressing the security issue.