SoC: Security-on-chip! MPSoC (July 2005), Srivaths Ravi, NEC



SLIDE 1

SoC: Security-on-chip!

MPSoC (July 2005)
Srivaths Ravi

NEC Laboratories America, Princeton, NJ

SLIDE 2

Srivaths Ravi NEC Labs America

Ubiquitous Security Concerns

[Figure labels: ATM machine; Smart cards, e-Wallets; Servers; WLAN Terminal; Corporate Network; Access Point; Desktop; Firewall; Cell Phone, PDA; MP3 player, Media jukebox; Home Gateway; Automotive electronics; Aviation]

SLIDE 3

Security Concerns for an Example Device (3G Cell Phone)

Mobile phone value chain: HW/SW providers, handset manufacturer, service provider, application service provider, content provider, end user

  • Privacy & integrity of personal data
  • Fraudulent calls & transactions
  • Loss / theft
  • Secure execution of downloaded SW
  • Content security, digital rights management
  • Secure end-to-end communications
  • Non-repudiation
  • Secure network access
  • Fraudulent service usage
  • Intellectual property protection

SLIDE 4

Functional Security Measures

  • Cryptographic primitives
    – Symmetric crypto. (RC4, DES, AES)
    – Hash (SHA-1, MD5)
    – Public key crypto. (RSA, ECC)
    – Digital signature (DSA, ecDSA)
    – Key exchange (DH, ecDH)
  • Security protocols
    – Secure communications protocols (SSL/TLS, WTLS, IPSEC, S/MIME)
    – DRM protocols (IPMP)
  • Applications
    – VPN
    – DRM
    – Secure storage
    – Web browser
  • Biometric authentication (fingerprint, face, voice)

SLIDE 5

Security Challenges for an SOC Designer

  • Assurance gap
    – Gap between sound functional measures and a secure implementation
  • Security processing gap *
    – Disparity between processing requirements and capabilities
  • Battery gap *
    – Energy requirements for security related functionality

* Please refer to the Appendix for quantitative illustrations

SLIDE 6

Assurance Gap

Functional security measures

Implementation weaknesses!

Cartoon courtesy: Paul Kocher

SLIDE 7

“Implementation” Attacks

  • Functional classification
    – Privacy attacks
    – Integrity attacks
    – Availability attacks
  • Agent-based classification (implementation attacks)
    – Physical attacks: eavesdropping, microprobing
    – Software attacks: virus, Trojan horse
    – Side-channel attacks: EM analysis, timing analysis, fault injection, power analysis

SLIDE 8

Approaches to addressing the security gaps

  • Software
    – SW certificates
    – Encrypted SW execution
    – OS and language-based techniques for isolation
    – Tools that check code for vulnerabilities
  • Architecture
    – Security-enhanced embedded processors
      • ARM TrustZone, AEGIS (MIT), XOM (Stanford)
      • Co-processors for crypto.
      • Trusted Computing Platforms (TCPA, NGSCB)
    – Secure SoCs
      • TI OMAP, NEC MP211
  • Logic-level
    – Minimize side-channel leakage: make timing, power independent of data
  • Circuit, layout, packaging
    – Randomizing layout to make reverse engineering difficult
    – Scrambling bus lines
    – Sensors to detect environment variations or package removal
  • One shoe does not fit all!
  • Security solutions strongly tied to the SOC architecture, resource constraints, attack model, … and the bottom line

SLIDE 9

Case Study: MOSES (Security Architecture of NEC’s MP211 mobile phone SoC)

Joint work with:

  • A. Raghunathan, M. Sankaradass, S. T. Chakradhar (NEC Labs America)
  • H. Nakajima, T. Hasegawa, S. Ueno (NEC Electronics Corp.)

SLIDE 10

Objectives/Requirements

  • Mobile phone will be used to run applications such as secure browsing, VPN, DRM players, etc.
    – Must support SSL, IPSec, OMA DRM 2.0
    – Must meet performance and power targets
    – Solution must be flexible
      • Security protocols/cryptographic algorithms may change
    – Provide protection to any sensitive data or cryptographic keys against common attacks

SLIDE 11

MOSES: MObile SEcurity processing System

[Block diagram: NEC’s MP211 mobile application processor. Labels: ARM0, Bridge, DMAC, ARM1, ARM2, SPXK5 DSP, SRAM, FLASH I/F, DRAM I/F, µ85 CoPro, BUS I/F, ScratchPad, CACHE, MOSES, SDRAM, DATA FLASH, Certificates, PINS, MOSES FW (code), Linux Kernel, ARM0, ARM1, ARM2, MOSES (data), Security Enforcement Module (SEM), Shared memory, FLASH ROM]

  • First fully programmable mobile security engine
  • Custom instruction set extensions provide > 10X security processing speedup
  • Novel SW architecture for true protocol-level acceleration and multiprocessor systems
  • Secure boot and run-time memory protection prevents software (virus) and physical (code modification) attacks

SLIDE 12

Thank you.

SLIDE 13

Computation Requirements for Cryptography: Symmetric Encryption & Hashing

[Chart: MIPS requirements for symmetric encryption and hash algorithms]

  • 10 Mbps @ 651.3 MIPS
  • 2.3 Mbps @ 150 MIPS (~SA-1100 206 MHz)
  • 3.8 Mbps @ 250 MIPS (~XScale 400 MHz)

Reference workloads:

  • MP3 dec: 50 MIPS
  • JPEG enc (2MP, 1 sec): 200 MIPS
  • MPEG4 dec (CIF, 15 fps): 250 MIPS
  • MPEG4 enc (CIF, 15 fps): 800 MIPS

SLIDE 14

Battery Requirements for Security

  • Additional computation & communication drains energy

IPSec on a Symbol PPT2800 Pocket PC

[Chart labels: 3DES, SHA, Transmit/Receive, Other; values: 44%, 35%, 18%, 3%]

Source: Mishra et al., ICC 2002

Secure data collection on a wireless sensor node

[Chart: Avg. No. of Transactions; series: Encrypted, Normal; annotation: Battery runs out of power]

Mobile Node

  • Motorola DragonBall MC68328
  • Sensoria WINS NG RF Subsystem (10 Kbps, 10 mW power)
  • Sensoria WINS NG Battery Pack (7.2 V supplying 26 kJ)

Source: NAI Labs
