Published in: Applied Electronics (AE), 2012 International Conference. By: Martin Schramm, University of Applied Sciences Deggendorf, Deggendorf, [email protected]; Andreas Grzemba, University of Applied Sciences Deggendorf, Deggendorf, Germany, [email protected]. Title: Reconfigurable Trust for Embedded Computing Platforms
Page 1: Reconfigurable trust for embedded computing platforms


Page 2: Reconfigurable trust for embedded computing platforms

INTRODUCTION

● Embedded systems are integral parts of our everyday lives.

● The ubiquity and the wireless nature of many embedded applications give rise to the need for sophisticated security and privacy mechanisms.

● Without privacy mechanisms: attack surface and injection vectors.

● Pure software-based security techniques often can only react to well-known threats.

Page 3: Reconfigurable trust for embedded computing platforms

INTRODUCTION

● Trusted Computing is a promising new approach for computer security ("hardware-based security module").

● It uses an adaptive hardware-based trust anchor (FPGA, TPM).

● FPGAs offer major advantages when used for cryptographic applications.

● High security requirements and performance constraints.

Page 4: Reconfigurable trust for embedded computing platforms

Trusted Computing

● The most important part of this approach is the utilization of a hardware security chip,

● e.g. the Trusted Platform Module (TPM).

● The interesting feature of the TPM is the possibility to store the hash values (which represent a digital fingerprint) of security-critical data in a specially secured volatile memory area inside of the chip,

● called the Platform Configuration Register (PCR).

● The hardware-based security module is tied to the computing platform and offers special protected capabilities which are securely isolated from the rest of the system.

Page 5: Reconfigurable trust for embedded computing platforms

Reconfigurable Hardware

● FPGAs are more and more becoming important parts of embedded computing platforms.

● They can offer major advantages when used for cryptographic applications.

● They can be used not only as an accelerator for cryptographic calculations, but also as a hardware trust anchor in embedded systems.

Page 6: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

● This section deals with the concept of an adaptive Trust Anchor which is based on an FPGA chip.

● Conceptual Design of an FPGA-based Trust Anchor

Page 7: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

1) Asymmetric cryptographic algorithms: a pair of keys is used to encrypt and decrypt data, e.g. Elliptic Curve Cryptography (ECC).

2) Symmetric cryptographic algorithms, e.g. Advanced Encryption Standard (AES).

3) Random number generator for the creation of cryptographic key material.

4) Cryptographic Hash/MAC engine: calculates cryptographic hash values and message authentication codes.

5) A special memory area is dedicated to storing the integrity values generated during integrity measurements of the components of the embedded system.

Page 8: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

Advantages and Disadvantages

1) Advantages:

● When applying cryptography there is always a risk that the utilized algorithms and protocols possess theoretical or practical weaknesses, or that they have been implemented incorrectly.

● A great benefit of reconfigurable hardware: a remote upload of a revised configuration can fix bugs in fielded devices.

Page 9: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

1) Advantages:

● Furthermore, there is always the possibility that new methods could be discovered with modern cryptography.

Page 10: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

2) Shortcomings

● Attackers can adopt methods to identify the utilized cryptographic key. Knowledge of the key enables the attacker to decrypt past and future messages which have been encrypted, or to masquerade as the attacked communication party. E.g.:

● Reverse engineering: finding out information about the inner logic of the FPGA configuration.

● Physical access: physical attacks to investigate the design of the chip or to extract information about the secret key.

Page 11: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

2) Shortcomings

● Side channel attacks: attackers could evaluate information about timing behavior or power consumption in order to conclude which cryptographic key is employed in the design.

Page 12: Reconfigurable trust for embedded computing platforms

FPGA-BASED TRUST ANCHOR

2) Shortcomings

● Cloning of the whole configuration together with the cryptographic algorithm and key. In the case that a symmetric algorithm is used, it can be enough to run the copied application in decryption mode to be able to decrypt all past and future messages.

Symmetric algorithm: uses the same cryptographic keys for both encryption and decryption.

Solution for cloning bitstream ..

Page 13: Reconfigurable trust for embedded computing platforms

TPM and FPGA-based hybrid system

Because of the remaining unsolved shortcomings of a pure FPGA-based Trust Anchor solution, a hybrid system is proposed, which consists of a combination of the reconfigurable security module with another hardware-based security module, such as the Trusted Platform Module.

Page 14: Reconfigurable trust for embedded computing platforms

TPM and FPGA-based hybrid system

● The TPM is tamper resistant and tamper evident and offers some special capabilities, such as a True Random Number Generator (TRNG).

True Random Number Generator ~ Pseudo-random Number Generator

TRNG: it generates random numbers by a specified hardware chip, without using a computer program as a pseudo-random number generator such as "newran" does.

Page 15: Reconfigurable trust for embedded computing platforms

TPM and FPGA-based hybrid system

● The FPGA Trust Anchor uses true random numbers generated by the TRNG to create cryptographic keys for the algorithms implemented in the reconfigurable hardware device.

● The integrity of the FPGA configuration file can be measured by the TPM and stored into the Platform Configuration Register of the security module.
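
The measurement step in the last bullet, as an added example that is not from the slides or the paper: a software simulation of a TPM 1.2-style SHA-1 PCR extend over a boot chain that includes the FPGA configuration file, plus the verifier-side replay of the measurement log. The component names and image bytes are constructed placeholders, and `boot`, `verify` and `demo` are hypothetical helpers.

```python
import hashlib

PCR_SIZE = 20  # SHA-1 digest length; a PCR is all zeros after reset

def measure(component: bytes) -> bytes:
    """Integrity measurement: SHA-1 digest of a component image."""
    return hashlib.sha1(component).digest()

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM 1.2-style extend: new PCR = SHA-1(old PCR || measurement)."""
    return hashlib.sha1(pcr + measurement).digest()

def boot(components):
    """Measure each component before use; return (final PCR, event log)."""
    pcr, log = bytes(PCR_SIZE), []
    for name, image in components:
        m = measure(image)
        pcr = extend(pcr, m)
        log.append((name, m))
    return pcr, log

def verify(reported_pcr, log, known_good):
    """Verifier: replay the log, then check entries against reference digests."""
    pcr = bytes(PCR_SIZE)
    for _, m in log:
        pcr = extend(pcr, m)
    if pcr != reported_pcr:
        return "log does not match PCR"
    bad = [name for name, m in log if known_good.get(name) != m]
    return "trusted" if not bad else "untrusted: " + ", ".join(bad)

# Constructed sample images (placeholders, not real firmware or bitstreams)
BOOTLOADER = b"constructed bootloader image v1"
BITSTREAM = b"constructed FPGA configuration file v1"
KNOWN_GOOD = {"bootloader": measure(BOOTLOADER),
              "fpga_bitstream": measure(BITSTREAM)}

def demo():
    chain = [("bootloader", BOOTLOADER), ("fpga_bitstream", BITSTREAM)]
    good_pcr, good_log = boot(chain)
    modified = BITSTREAM.replace(b"v1", b"vX")  # changed configuration file
    bad_pcr, bad_log = boot([chain[0], ("fpga_bitstream", modified)])
    # A log rewritten to list the reference digest no longer replays to the PCR
    rewritten = [bad_log[0], ("fpga_bitstream", KNOWN_GOOD["fpga_bitstream"])]
    return (verify(good_pcr, good_log, KNOWN_GOOD),
            verify(bad_pcr, bad_log, KNOWN_GOOD),
            verify(bad_pcr, rewritten, KNOWN_GOOD))
```

Because a PCR can only be extended and never written directly, the final value commits to every measurement and to their order.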

Page 16: Reconfigurable trust for embedded computing platforms

TPM and FPGA-based hybrid system

Page 17: Reconfigurable trust for embedded computing platforms

TPM and FPGA-based hybrid system

RSA engine: RSA Authentication Manager software which validates the pass code.

SHA-1 hash engine: Secure Hash Algorithm. SHA-1 is known as a one-way hash function, meaning there is no known mathematical method of computing the output given only the input.

HMAC engine: Hashed Message Authentication Code, a specific construction for calculating a message authentication code (MAC).
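
The HMAC construction named above, written out as an added example (not code from the slides or the paper): HMAC-SHA1 built from the hash function as in RFC 2104, with tag verification through a constant-time comparison. The key and message are constructed sample values, and `tag_ok` and `demo` are hypothetical helpers.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 processes its input in 64-byte blocks

def hmac_sha1(key: bytes, msg: bytes) -> bytes:
    """HMAC(K, m) = H((K' ^ opad) || H((K' ^ ipad) || m)), per RFC 2104."""
    if len(key) > BLOCK:             # over-long keys are hashed first
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")  # then zero-padded to one block (K')
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha1(ipad + msg).digest()
    return hashlib.sha1(opad + inner).digest()

def tag_ok(key: bytes, msg: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time, so the comparison
    does not reveal how many leading bytes of a wrong tag matched."""
    return hmac.compare_digest(hmac_sha1(key, msg), tag)

# Constructed sample values (assumptions for illustration only)
KEY = b"constructed-shared-key"
MSG = b"node-7 status: integrity measurement accepted"

def demo():
    tag = hmac_sha1(KEY, MSG)
    altered = MSG.replace(b"accepted", b"rejected")
    return (
        tag == hmac.new(KEY, MSG, hashlib.sha1).digest(),  # agrees with stdlib
        tag_ok(KEY, MSG, tag),           # genuine message, correct key
        tag_ok(KEY, altered, tag),       # altered message
        tag_ok(b"wrong-key", MSG, tag),  # wrong key
    )
```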

Page 18: Reconfigurable trust for embedded computing platforms

POSSIBLE APPLICATION FIELDS

1) Secure partitioning of real time system:

● Real-Time Operating Systems (RTOS) performing safety-critical tasks have a high demand for enhanced security features

Page 19: Reconfigurable trust for embedded computing platforms

POSSIBLE APPLICATION FIELDS

Secure partitioning of real time system:

Page 20: Reconfigurable trust for embedded computing platforms

POSSIBLE APPLICATION FIELDS

Secure partitioning of real time system:

● The General-Purpose Operating System (GPOS) is connected to the potentially untrustworthy network.

● A TPM is used to measure the integrity level of the GPOS.

● The FPGA can be seen as a secured interconnection between the GPOS and the RTOS.

Page 21: Reconfigurable trust for embedded computing platforms

POSSIBLE APPLICATION FIELDS

2) Securing individual nodes of a networked system

● The proposed concept of a reconfigurable hardware security module could help to secure individual nodes of a networked system.

Page 22: Reconfigurable trust for embedded computing platforms

POSSIBLE APPLICATION FIELDS

2) Securing individual nodes of a networked system

● Two nodes of a networked system are illustrated.

● One node consists of a common x86-based system running a GPOS and is equipped with a TPM.

● On the second node, an RTOS is running on top of an ARM-based system, and an FPGA Trust Anchor in combination with another hardware-based security module protects the system against manipulation attempts.

Page 23: Reconfigurable trust for embedded computing platforms

CONCLUSION AND FUTURE WORK

● Reliability and security are the main requirements which have to be met if an FPGA is to be used as the root of trust of a security architecture.

● FPGAs have become central components for many advanced embedded systems.

Page 24: Reconfigurable trust for embedded computing platforms

CONCLUSION AND FUTURE WORK

FUTURE WORK

In the next steps of this ongoing research work, effective ways have to be found so that a pure FPGA-based security architecture can give authentic and trustworthy information about the state of the system.

Page 25: Reconfigurable trust for embedded computing platforms

THANK YOU

Supervised by Dr. Belal Sabaha

Done by Abdullah Deeb, graduate student at Princess Sumaya University for Technology (PSUT)

[email protected]