Reconfigurable trust forembeddedcomputingplatforms
- 1. Published in:Applied Electronics (AE), 2012 International Conference By:- Martin Schramm University of Applied Sciences Deggendorf Deggendorf, Germanymartin.schramm@hdu-deggendorf.de Andreas Grzemba University of Applied Sciences Deggendorf Deggendorf, Germany andreas.grzemba@hdu-deggendorf.de Reconfigurable Trust for Embedded Computing Platforms
- 2. INTRODUCTION ● embedded systems are integral parts of our everyday lives ● ubiquity and the wireless nature of many embedded applications give rise to the need for sophisticated security and privacy mechanisms. ● ”W/O privacy mechanisms” attack surface and injection vectors ● pure software-based security techniques often can only react to well-known threatS
- 3. INTRODUCTION ● Trusted Computing is a promising new approach for computer security “hardware-based security module” ● it uses an adaptive hardware-based trust anchor (FPGA,TPM) ● FPGAs offers major advantages when using them for cryptographic applications. ● high security requirements and performance constrains.
- 4. Trusted Computing ● The most important of this approach is the utilization of a hardware security chips ● egTrusted Platform Module (TPM) ● The interesting feature of the TPM is the possibility to store the hash” values represent a digital fingerprint” values of security critical data in a specially secured volatile memory area inside of the chip ● Called Platform Configuration Register (PCR) ● The hardware-based security module is tied to the computing platform and offer special protected capabilities which are securely isolated from the rest of the system.
- 5. Reconfigurable Hardware ● FPGAs, are more and more becoming important parts of embedded computing platforms ● It can offer major advantages when using them for cryptographic applications ● It can be used not only as an accelerator for cryptographic calculations, but rather as a hardware trust Anchor in embedded systems
- 6. FPGA-BASED TRUST ANCHOR ● This section deals with the concept of an adaptive Trust Anchor which is based on a FPGA chip. ● Conceptual Design of a FPGA-based Trust Anchor
- 7. FPGA-BASED TRUST ANCHOR 1) Asymmetric cryptographic algorithms a pair of keys is used to encrypt and decrypt data eg: Elliptic Curve Cryptography ECC 2) Symmetric cryptographic algorithms eg: Advanced Encryption Standard AES 3) Random number generator for the creation of cryptographic key material. 4) Cryptographic Hash/MAC Engine, calculate cryptographic hash values and message authentication codes. 5) A special memory area is dedicated to store the integrity values generated during integrity measurements of the components of the embedded system
- 8. FPGA-BASED TRUST ANCHOR Advantages and Disadvantages 1) Advantages: ● When applying cryptography there always is a risk that the utilized algorithms and protocols can possess theoretical or practical weaknesses or that they have been implemented incorrectly ● A great benefit of reconfigurable hardware a remote upload of a revised configuration can fix bugs in fielded devices
- 9. FPGA-BASED TRUST ANCHOR 1) Advantages. ● Furthermore there always is the possibility that new methods could be discovered with modern cryptography.
- 10. FPGA-BASED TRUST ANCHOR 2) Shortcomings ● adopt methods to identify the utilized cryptographic key Knowledge of the key enables the attacker to decrypt past and future messages which has been encrypted or to masquerade as the attacked communication party. eg :-reverse engineering, finding out information about the inner logic of the FPGA configuration. physical access, physical attacks to investigate the design of the chip or to extract information about the secret key.
- 11. FPGA-BASED TRUST ANCHOR 2) Shortcomings side channel attacks:Attackers could evaluate information about timing behavior or power consumption in order to conclude which cryptographic key is employed in the design.
- 12. FPGA-BASED TRUST ANCHOR 2) Shortcomings ● cloning of the whole configuration together with the cryptographic algorithm and key. In the case that a symmetric algorithm is used it can be enough to run the copied application in decryption mode to be able to decrypt all past and future messages. symmetric algorithm:- using the same cryptographic keys for both encryption and decryption Solution for cloning bitstream ..
- 13. TPM and FPGA-based hybrid system Because of the remaining unsolved shortcomings of a pure FPGA-based Trust Anchor solution , a hybrid system which consists of a combination of the reconfigurable security module with another hardware-based security module, such as the Trusted Platform Module.
- 14. TPM and FPGA-based hybrid system ● tamper resistant and tamper evident and offers some special capabilities, such as a True Random Number Generator (TRNG) True Random Number Generator ~Pseudo-random Numbers Generator TRNG it generates random numbers by a specified hardware chip w/o using a computer program like Pseudo “newran. ”
- 15. TPM and FPGA-based hybrid system ● FPGA Trust Anchor used true random numbers generated from TRNG to create cryptographic keys for the algorithms implemented in the reconfigurable hardware device. ● The integrity of the FPGA configuration file can be measured by the TPM and stored into the Platform Configuration Register of the security module
- 16. TPM and FPGA-based hybrid system
- 17. TPM and FPGA-based hybrid system RSA engine: RSA Authentication Manager software which validates the pass code SHA-1 hash engine: Secure Hash Algorithm, The SHA-1 is known as a one-way hash function, meaning there is no known mathematical method of computing the output given only the input HMAC engine :Hashed Message Authentication Code,is a specific construction for calculating a message authentication code (MAC)
- 18. POSSIBLE APPLICATION FIELDS 1) Secure partitioning of real time system: ● Real-Time Operating Systems (RTOS) performing safety- critical tasks have a high demand for enhanced security features
- 19. POSSIBLE APPLICATION FIELDS Secure partitioning of real time system:
- 20. POSSIBLE APPLICATION FIELDS Secure partitioning of real time system: ● The General-Purpose Operating System (GPOS) is connected to the potentially untrustworthy network. ● A TPM is used to measure the integrity level of the GPOS ● FPGA can be seen as a secured interconnection between the GPOS and the RTOS
- 21. POSSIBLE APPLICATION FIELDS 2) Securing individual nodes of a networked system ● The proposed concept of a reconfigurable hardware security module could help securing individual nodes from a networked system
- 22. POSSIBLE APPLICATION FIELDS 2) Securing individual nodes of a networked system ● Two nodes of a networked system are illustrated ● One node consists of a common x86-based system running a GPOS and is equipped with a TPM ● On the second node, a RTOS is running on top of an ARM-based system and a combination of FPGA Trust Anchor in combination with another hardware-based security module protects the system against manipulation attempts
- 23. CONCLUSION AND FUTURE WORK ● Reliability and security are main requirements which have to be met if a FPGA should be used as root of trust of a security architecture ● FPGAs have become central components for many advanced embedded systems.
- 24. CONCLUSION AND FUTURE WORK FUTURE WORK In the next steps of this ongoing research work effective ways have to be found in order that a pure FPGA-based security architecture can give authentic and trustworthy information about the state of the system.
- 25. THANK YOU Supervised by Dr.Belal Sabaha Done by Abdullah Deeb, graduate student at Princess Sumaya University for Technology (PSUT) WWW.PSUT.EDU.JO ABDULLAH.DEEB@GMAIL.COM