tee boot procedure with crypto accelerators in risc v
play

TEE Boot Procedure with Crypto-accelerators in RISC-V Processors - PowerPoint PPT Presentation

Apr 09, 2023 •125 likes •470 views

TEE Boot Procedure with Crypto-accelerators in RISC-V Processors Authors: Ckristian Duran, Trong-Thuc Hoang, Akira Tsukamoto, Kuniyasu Suzaki, and Cong-Kha Pham Outline Motivation Hardware Structure for Trusted Execution Environments

  1. TEE Boot Procedure with Crypto-accelerators in RISC-V Processors Authors: Ckristian Duran, Trong-Thuc Hoang, Akira Tsukamoto, Kuniyasu Suzaki, and Cong-Kha Pham

  2. Outline ● Motivation ● Hardware Structure for Trusted Execution Environments ● Boot Procedure with Crypto-accelerators ● Implementation Results ● Conclusions 2

  3. Outline ● Motivation ● Hardware Structure for Trusted Execution Environments ● Boot Procedure with Crypto-accelerators ● Implementation Results ● Conclusions 3

  4. RISC-V Processor Privilege Modes 0x00000000 Debug Reset Vector ROM Devices RAM 0xFFFFFFFF RISC-V Processor M-mode 4

  5. RISC-V Processor Privilege Modes 0x00000000 Debug ROM - Boot Procedure Reset Vector ROM Copy Store Jump to BOOTLDR BOOTLDR BOOTLDR from SD in RAM in RAM Devices SD SD commands Card through a SPI Device RAM 0xFFFFFFFF RISC-V Processor M-mode 5

  6. RISC-V Processor Privilege Modes 0x00000000 Debug ROM - Boot Procedure Reset Vector ROM Copy Store Jump to BOOTLDR BOOTLDR BOOTLDR from SD in RAM in RAM Devices BOOTLDR RAM 0xFFFFFFFF RISC-V Processor M-mode 6

  7. RISC-V Processor Privilege Modes 0x00000000 Debug ROM - Boot Procedure ROM Copy Store Jump to BOOTLDR BOOTLDR BOOTLDR from SD in RAM in RAM Devices Execution BOOTLDR RAM 0xFFFFFFFF RISC-V Processor M-mode 7

  8. RISC-V Processor Privilege Modes 0x00000000 0x00000000 Debug Debug ROM Devices Devices Execution BOOTLDR The bootloader extracts Linux and RAM executes it in Execution Linux Supervisor-Mode RAM 0xFFFFFFFF 0xFFFFFFFF RISC-V Processor RISC-V Processor M-mode S-mode 8

  9. RISC-V Processor Privilege Modes 0x00000000 0x00000000 0x00000000 Debug Debug ROM PID 1 Execution App 1 Memory Devices Devices App 2 PID 2 Memory Execution Execution BOOTLDR RAM Execution Linux RAM 0xFFFFFFFF 0xFFFFFFFF 0xFFFFFFFF RISC-V Processor RISC-V Processor RISC-V Processor M-mode S-mode U-mode 9

  10. Non-Protected Applications 0x00000000 Malicious applications can access and execute code arbitrarily. Some attacks PID 1 are: Execution App 1 Memory ● Cache manipulation App 2 ● Privilege mode escalation Memory ● Controlled power glitches PID 2 Malicious Execution App 0xFFFFFFFF RISC-V Processor U-mode 10

  11. Making a Secure Environment 0x00000000 0x00000000 Debug PID 1 Execution App 1 Memory Devices Sign App 2 PID 2 Memory Execution Sign Linux only executes the application if the Execution signature is Linux authenticated. RAM 0xFFFFFFFF 0xFFFFFFFF RISC-V Processor RISC-V Processor S-mode U-mode 11

  12. Making a Secure Environment 0x00000000 0x00000000 Debug PID 1 Once the signature Execution App 1 verification is performed, Memory Devices the attack can rewrite the Sign instructions of any application to execute App 2 unsigned code . Memory Sign PID 2 Unsigned Execution Linux Execution Code RAM 0xFFFFFFFF 0xFFFFFFFF RISC-V Processor RISC-V Processor S-mode U-mode 12

  13. Making the Trusted Execution Environment 0x00000000 0x00000000 0x00000000 Debug Debug ROM PID 1 Execution App 1 Interface Devices Devices Sign Signature and Execution are App 1 performed in the Execution BOOTLDR highest privileged mode RAM Execution Linux RAM 0xFFFFFFFF 0xFFFFFFFF 0xFFFFFFFF RISC-V Processor RISC-V Processor RISC-V Processor M-mode S-mode U-mode 13

  14. RISC-V Lack of Crypto-Hardware Signature Procedure Elliptic App 1 Generate Hashing Curve 16KB Memory Keypair Sign / Ver 164ms at 100MHz clock 14

  15. RISC-V Lack of Crypto-Hardware Signature Procedure Elliptic App 1 Generate Hashing Curve 16KB Memory Keypair Sign / Ver 164ms at 100MHz clock Signature Procedure Elliptic BOOTLDR Generate 2MB Hashing Curve + Linux Keypair Sign / Ver 18.5s at 100MHz clock 15

  16. Outline ● Motivation ● Hardware Structure for Trusted Execution Environment ● Boot Procedure with Crypto-accelerators ● Implementation Results ● Conclusions 16

  17. SoC Architecture ROCKET COREPLEX ROCKET RISC-V CORE 1 ROCKET RISC-V CORE 2 I$ D$ I$ D$ TILELINK SYSTEM BUS (SBUS) MBUS TILELINK PERIPHERAL BUS (PBUS) TL to AXI4 SPI (as SPI (as DDR SHA-3 UART GPIO ROM) MMC) controller 17

  18. SHA-3 Device Architecture 18

  19. SHA-3 Device Architecture 19

  20. SHA-3 Device Architecture 20

  21. SHA-3 Device Architecture 21

  22. Outline ● Motivation ● Hardware Structure for Trusted Execution Environments ● Boot Procedure with Crypto-accelerators ● Implementation Results ● Conclusions 22

  23. SoC Memory Map 0x00000000 Debug ROM - Boot Procedure Reset Vector ZSBL Calculate Generate Copy BBL Generate SHA3 Keypair from SD Signature (H s ) (S K ,P K ) Devices UART SPI: Contains SD Card BBL RAM SHA3 ED25519 Crypto Sign Acc 0xFFFFFFFF ED25519 RISC-V Processor Base Mult M-mode 23

  24. Boot Procedure 0x00000000 Debug ROM - Boot Procedure Reset Vector ZSBL Calculate Generate Copy BBL Generate SHA3 Keypair from SD Signature (H s ) (S K ,P K ) Devices UART SPI: Contains SD BBL The BBL is copied to Card BBL the main memory SM from a untrusted SHA3 source (SD card). Free This also creates the Mem ED25519 Crypto Secure Monitor ( SM ) Sign Acc 0xFFFFFFFF ED25519 RISC-V Processor Base Mult M-mode 24

  25. Boot Procedure 0x00000000 Debug ROM - Boot Procedure Reset Vector ZSBL Calculate Generate Copy BBL Generate SHA3 Keypair from SD Signature (H s ) (S K ,P K ) Devices UART Payload SPI: Contains SD BBL Card BBL The BBL is hashed SM using the SHA-3 SHA3 hardware by Free pushing registers to Mem ED25519 Crypto the device. Sign Acc 0xFFFFFFFF ED25519 RISC-V Processor Base Mult M-mode 25

  26. Boot Procedure 0x00000000 Debug ROM - Boot Procedure Reset Vector ZSBL Calculate Generate Copy BBL Generate SHA3 Keypair from SD Signature (H s ) (S K ,P K ) Devices UART SPI: Contains SD BBL Card BBL The previous hash is SM used by the SHA3 ED25519 base-point Free Hash (H s ) multiplier to create Mem ED25519 Crypto the Keypair (S K ,P K ) Sign Acc 0xFFFFFFFF ED25519 RISC-V Processor Base Mult M-mode 26

  27. Boot Procedure 0x00000000 Debug ROM - Boot Procedure Reset Vector ZSBL Calculate Generate Copy BBL Generate SHA3 Keypair from SD Signature (H s ) (S K ,P K ) Devices UART SPI: Contains SD BBL Card BBL The Keypair and Auxiliar some auxiliar SM Hashes SHA3 hashes are used to Sign calculate the ED25519 Crypto signature. Sign Acc 0xFFFFFFFF ED25519 Keypair RISC-V Processor Base Mult (S K ,P K ) M-mode 27

  28. Outline ● Motivation ● Hardware Structure for Trusted Execution Environments ● Boot Procedure with Crypto-accelerators ● Implementation Results ● Conclusions 28

  29. Implementation Results Table 1: Synthesis result on Stratix-IV GX Altera FPGA. SHA-3 RocketTile ALUTs 8108 24332 FFs 2790 15325 RAM Bits 0 17680 DSP 0 32 Total 10898 57369 Logic Utilization 3.4% 12.4% RAM Utilization 0% 1% DSP Utilization 0% 2.4% 29

  30. Implementation Results Figure 1: Comparison between software and hardware with different bootloader sizes. Table 2: Execution results for Ed25519 task. 2MB Bootloader Software HW SHA-3 with SW Ed25519 Ed25519 keypair (ms) 109.5 93.4 Ed25519 signature (ms) 231019 82.6 30

  31. Outline ● Motivation ● Hardware Structure for Trusted Execution Environments ● Boot Procedure with Crypto-accelerators ● Implementation Results ● Conclusions 31

  32. Conclusions ● We presented a system platform for trusted execution environments (TEEs) featuring the SHA-3 accelerator. ● ISC-V core with RV64IMAFDC ISA using the Rocket chip generator. ● The SHA-3 accelerator hashes data using a 64-bit register as input. ● The software authenticates the bootloader and utilizes the accelerators. ● The execution time drops significantly compared to software. 32

  33. Questions? 33

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Running a FireSim Simulation: Password Cracking on a RISC-V SoC with SHA-3 Accelerators and Linux

Running a FireSim Simulation: Password Cracking on a RISC-V SoC with SHA-3 Accelerators and Linux

Running a FireSim Simulation: Password Cracking on a RISC-V SoC with SHA-3 Accelerators and Linux https://fires.im @firesimproject MICRO Tutorial 2019 Albert Ou Agenda Configure and launch a simulation runfarm Boot Linux interactively

770 views • 28 slides
The Standardized Boot flow for RISC-V Platforms - Jagan Teki, Amarula Solutions(India) CRVA

The Standardized Boot flow for RISC-V Platforms - Jagan Teki, Amarula Solutions(India) CRVA

The Standardized Boot flow for RISC-V Platforms - Jagan Teki, Amarula Solutions(India) CRVA Technical Seminar (CRVS 2020) Jagan Teki Co-Founder, CEO at Amarula Solutions India Business development and customer handling. Amarula

991 views • 20 slides
CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE

CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE

CRYPTO HERE, CRYPTO THERE, CRYPTO, CRYPTO EVERYWHERE WORLD AQUATIC HEALTH CONFERENCE WILLIAMSBURG, VA THURSDAY, OCTOBER 17 TH , 2019 JOHN KELLY, PE IOWA DEPARTMENT OF PUBLIC HEALTH DISCLAIMER THIS PRESENTATION: IS INTENDED FOR

843 views • 40 slides
The future of operating systems on RISC-V Alex Bradbury asb@lowrisc.org @asbradbury 4th

The future of operating systems on RISC-V Alex Bradbury asb@lowrisc.org @asbradbury 4th

The future of operating systems on RISC-V Alex Bradbury asb@lowrisc.org @asbradbury 4th March 2019 Structure of this talk Introduction to RISC-V RISC-V status Selected RISC-V topics RISC-V and open hardware: the future

733 views • 28 slides
RE-FRAME LET'S MAKE A CLOCK (WOW!) TO UNDERSTAND RE-FRAME, YOU MUST BE ABLE TO LIVE WITHOUT IT.

RE-FRAME LET'S MAKE A CLOCK (WOW!) TO UNDERSTAND RE-FRAME, YOU MUST BE ABLE TO LIVE WITHOUT IT.

RE-FRAME LET'S MAKE A CLOCK (WOW!) TO UNDERSTAND RE-FRAME, YOU MUST BE ABLE TO LIVE WITHOUT IT. BOOT https://github.com/boot-clj/boot BOOT TEMPLATES boot -d seancorfield/boot-new new -t tenzing -n <name> [+a <option>]* $ cd

566 views • 22 slides
Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail

Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail

Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail in the instruction set wars? Describe a simple RISC ISA called DLX 2. Designing a simple DLX processor: Single Cycle Implementation Multiple

1.01k views • 21 slides
Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail

Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail

Roadmap 1. Instruction Set Architectures (ISA) What is CISC? What is RISC? Why did RISC prevail in the instruction set wars? Describe a simple RISC ISA called DLX 2. Designing a simple DLX processor: Single Cycle Implementation Multiple

753 views • 11 slides
GRVI Phalanx Update: A Massively Parallel RISC-V FPGA Accelerator Framework Jan Gray |

GRVI Phalanx Update: A Massively Parallel RISC-V FPGA Accelerator Framework Jan Gray |

GRVI Phalanx Update: A Massively Parallel RISC-V FPGA Accelerator Framework Jan Gray | jan@fpga.org | http://fpga.org CARRV2017: 2017/10/14 FPGA Datacenter Accelerators Are Almost Mainstream Catapult v2. Intel += Altera. OpenPOWER CAPI. AWS

508 views • 28 slides
Introduction to Unification Theory Higher-Order Unification Temur Kutsia RISC, Johannes Kepler

Introduction to Unification Theory Higher-Order Unification Temur Kutsia RISC, Johannes Kepler

Introduction to Unification Theory Higher-Order Unification Temur Kutsia RISC, Johannes Kepler University of Linz, Austria kutsia@risc.jku.at Overview Introduction Preliminaries Higher-Order Unification Procedure Outline Introduction

1.53k views • 130 slides
Secure Boot mistakes Jasper van Woudenberg (Job de Haas) jasper@riscure.com @jzvw 1 Secure

Secure Boot mistakes Jasper van Woudenberg (Job de Haas) jasper@riscure.com @jzvw 1 Secure

Top 10 Secure Boot mistakes Jasper van Woudenberg (Job de Haas) jasper@riscure.com @jzvw 1 Secure Boot Theory Internal boot ROM 1 st stage boot loader N th stage Verify signature Optional decrypt boot loader OS / Application 2

517 views • 25 slides
Confidential Accelerators Stavros Volos Microsoft Research Accelerators Play Pivotal Role in

Confidential Accelerators Stavros Volos Microsoft Research Accelerators Play Pivotal Role in

Confidential Accelerators Stavros Volos Microsoft Research Accelerators Play Pivotal Role in Cloud GPU, FPGA, AI Accelerators (e.g., Brainwave, TPU) Increasing compute performance and bandwidth E.g., Nvidia V100 offers 14 TFLOPS & ~1

300 views • 12 slides
Applications on Heterogeneous Platforms with Accelerators Accelerators and Hybrid Exascale

Applications on Heterogeneous Platforms with Accelerators Accelerators and Hybrid Exascale

TStream: Scaling Data-Intensive Applications on Heterogeneous Platforms with Accelerators Accelerators and Hybrid Exascale Systems, IPDPS12 25 th May 2012, Shanghai, China. Ana Balevic, Bart Kienhuis University of Leiden The Netherlands

493 views • 16 slides
LOGIC TECHNOLOGY FOR CS EDUCATION RISCAL The RISC Algorithm Language Wolfgang Schreiner

LOGIC TECHNOLOGY FOR CS EDUCATION RISCAL The RISC Algorithm Language Wolfgang Schreiner

LOGIC TECHNOLOGY FOR CS EDUCATION RISCAL The RISC Algorithm Language Wolfgang Schreiner Research Institute for Symbolic Computation (RISC) Wolfgang.Schreiner@risc.jku.at http://www.risc.jku.at Systematic Problem Solving A key competence

592 views • 24 slides
PROCESSOR DEVELOPMENT THE FREE AND OPEN RISC INSTRUCTION SET ARCHITECTURE Codasip is the

PROCESSOR DEVELOPMENT THE FREE AND OPEN RISC INSTRUCTION SET ARCHITECTURE Codasip is the

ENHANCED TOOLS FOR RISC-V PROCESSOR DEVELOPMENT THE FREE AND OPEN RISC INSTRUCTION SET ARCHITECTURE Codasip is the leading provider of RISC-V processor IP Codasip Bk : A portfolio of RISC-V processors Uniquely providing design automation tools

318 views • 9 slides
LOGIC TECHNOLOGY FOR CS EDUCATION RISCAL The RISC Algorithm Language Wolfgang Schreiner

LOGIC TECHNOLOGY FOR CS EDUCATION RISCAL The RISC Algorithm Language Wolfgang Schreiner

LOGIC TECHNOLOGY FOR CS EDUCATION RISCAL The RISC Algorithm Language Wolfgang Schreiner Research Institute for Symbolic Computation (RISC) Wolfgang.Schreiner@risc.jku.at http://www.risc.jku.at Systematic Problem Solving A key competence

1.25k views • 73 slides
I Boot when U-Boot @bernardomr (MIA) @_evict 1 / 44 Agenda 1. Introduction 2. The target device

I Boot when U-Boot @bernardomr (MIA) @_evict 1 / 44 Agenda 1. Introduction 2. The target device

I Boot when U-Boot @bernardomr (MIA) @_evict 1 / 44 Agenda 1. Introduction 2. The target device 3. The bootkit 4. Defending / Detecting 2 / 44 Introduction Vincent Works at KPN REDteam Likes Linux and low-level stu Located in Amsterdam

792 views • 44 slides
Automatic Layout Generation with Applications in Machine Learning Engine Evaluation Haoyu Yang 1 ,

Automatic Layout Generation with Applications in Machine Learning Engine Evaluation Haoyu Yang 1 ,

Automatic Layout Generation with Applications in Machine Learning Engine Evaluation Haoyu Yang 1 , Wen Chen 1 , Piyush Pathak 2 , Frank Gennari 2 , Ya-Chieh Lai 2 , Bei Yu 1 1 The Chinese University of Hong Kong 2 Cadence Design Systems, Inc. 1 /

353 views • 18 slides
THIRD QUARTER 2019 CONFERENCE CALL 1 phillips66.com | NYSE: PSX CAUTIONARY STATEMENT

THIRD QUARTER 2019 CONFERENCE CALL 1 phillips66.com | NYSE: PSX CAUTIONARY STATEMENT

Ponca City Refinery Ponca City, Oklahoma October 25, 2019 THIRD QUARTER 2019 CONFERENCE CALL 1 phillips66.com | NYSE: PSX CAUTIONARY STATEMENT This presentation contains certain forward-looking statements within the meaning of Section

431 views • 39 slides
Outline 2 Outline 2 ZSim core simulation techniques Outline 2 ZSim core simulation

Outline 2 Outline 2 ZSim core simulation techniques Outline 2 ZSim core simulation

ZSim Tutorial MICRO 2015 S TATS AND C ONFIGURATION Core Models Po-An Tsai Outline 2 Outline 2 ZSim core simulation techniques Outline 2 ZSim core simulation techniques ZSim core structure I1D I1I Simple IPC 1 core

1.96k views • 120 slides
Uncertainty 10 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 10 1 10 Uncertainty 10.1

Uncertainty 10 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 10 1 10 Uncertainty 10.1

Uncertainty 10 AI Slides (5e) c Lin Zuoquan@PKU 2003-2019 10 1 10 Uncertainty 10.1 Uncertainty 10.2 Probability Syntax and semantics Inference Independence Bayes rule 10.3 Bayesian networks 10.4 Probabilistic reasoning

1.38k views • 102 slides
Special and Extra Special Groups Generalised Bestvina-Brady groups Special Cube Complexes My

Special and Extra Special Groups Generalised Bestvina-Brady groups Special Cube Complexes My

Special and Extra Special Groups Vladimir Vankov Bestvina-Brady groups Special and Extra Special Groups Generalised Bestvina-Brady groups Special Cube Complexes My work Vladimir Vankov 8 February 2019 Special and Extra Outline

680 views • 21 slides
1 If BBL can solve problem itself General control world model is updated situations are

1 If BBL can solve problem itself General control world model is updated situations are

InterRap Architecture Behavior Based Layer Patterns of Behavior PoBs Patterns of Behavior (PoBs) Sample representation POB :name avoid-collision :type physical :participants self, A:agent :situational_context at(self,

493 views • 7 slides
ConocoPhillips Alaska: Posi0oning for the Future Jo Joe Marushac Marushack, k, Pr Preside

ConocoPhillips Alaska: Posi0oning for the Future Jo Joe Marushac Marushack, k, Pr Preside

ConocoPhillips Alaska: Posi0oning for the Future Jo Joe Marushac Marushack, k, Pr Preside sident t - Alask laska a November 18, 2015 Cau0onary Statement & Safe Harbor The following presenta0on includes forward-looking statements.

544 views • 16 slides
Positioning for Growth Second Quarter 2018 Earnings Release Conference Call Presentation August

Positioning for Growth Second Quarter 2018 Earnings Release Conference Call Presentation August

Positioning for Growth Second Quarter 2018 Earnings Release Conference Call Presentation August 3, 2018 Advisories This presentation contains forward-looking statements. All statements, other than statements of historical fact that address

622 views • 16 slides

More recommend