Ingrid Verbauwhede 1 March 2005
Low Power Embedded Security: Thumbpod embedded biometrics project
Ingrid Verbauwhede
University of California, Los Angeles
Acknowledgements: D. Hwang, S. Yang, P. Schaumont, K. Tiri and all other IVGroup members
Funded by: NSF, SRC, UC-Micro
www.emsec.ee.ucla.edu
Motivation
• Embedded biometrics
• PDA’s, cell phones, smart cards, gadgets..
• Distributed, communicating, devices
• Secure ?
• Low Energy ?
• Distributed security ?
New York Times (1/24/05):
“A Virus Writer Tests the Limits in Cell phones”
Informationsdienst Wissenschaft (1/28/05):
“Siemens opens laboratory for side-channel attacks”
Embedded Security Pyramid
Cipher Design, Biometrics
• Security is as strong as the weakest link!
• Protocol: Wireless authentication protocol design
• Algorithm: Embedded fingerprint matching algorithms, crypto algorithms
• Architecture: Co-design, HW/SW, SOC
• Circuit: Circuit techniques to combat side-channel analysis attacks
• Micro-Architecture: co-processor design
[Figure: security pyramid with SIM block diagrams (CPU, Crypto, MEM, JCA, Java, JVM/KVM, CLK, Vcc, D, Q), labelled Identification, Confidentiality, Integrity]
Driver Application: ThumbPod
• Intelligent secure keychain device that recognizes owner biometrically
• Components:
  – Microcontroller with memory
  – Fingerprint sensor
  – Biometric signal processing
  – Security processing
• Communication: IR and USB
• Applications:
  – Secure credit cards, secure memory, access control, etc.
LOW POWER, LOW COST AND SECURE!
Thumbpod-I (FPGA)
Processor & co-processors
• Xilinx Virtex-II FPGA
• Embedded LEON 32-b Sparc processor
• Memory-mapped co-processors on the AMBA APB bus
• Two UARTs
  – Communication with server
  – Authentec CMOS fingerprint sensor
[Figure: Xilinx Virtex-II FPGA block diagram: LEON 32-b Sparc processor, DFT co-processor, AES co-processor, AMBA AHB, APB bridge, APB, UART, memory controller, boot PROM, 32 MB SRAM, server, Authentec AF-2]
[Figure: Embedded Software Architecture: Application, JAM, KVM, Native Biometrics, Native Security]
DAC student design contest 2003 winner
Protocol - Motivation
• Security – communication – computation trade-off
• Traditional model: multiple storage of template!
[Figure: traditional model: User, Fingerprint Sensor, Biometric Engine (Feature Extraction, Match / Decision), Template Storage, ID, Protocol Controller, Server, RESULT]
Security – communication - computation
• 4 tasks – distribute between device and server
  – DC: Data collection (from sensor)
  – FE: Feature extraction (signal processing)
  – MD: Matching & Decision
  – TS: Storage
[Figure: Device and Server connected over a WIRELESS link; blocks: Fingerprint Sensor, Biometric Engine (Feature Extraction, Match / Decision), Template Storage, Template Hash, Crypto Engine, Protocol Controller, ID, User, RESULT]
Security Partitioning
[Figure: security partitioning across the layers Protocol, Algorithm, Architecture, Micro-Architecture, Circuit. Device functions F1 to F5 are split into INSECURE FUNCTIONS and SECURE FUNCTIONS; INSECURE RISC PROCESSOR ARCHITECTURE versus SECURE CO-PROCESSOR ARCHITECTURE; NO PHYSICAL PROTECTION versus PHYSICAL PROTECTION MECHANISMS; INSTRUCTIONS, BUSES, WIRES]
RINGS: energy – flexibility - security
Application Model: System = Software-integrated domains
[Figure: domain-specific hardware and software stacks for Networking (Medium access, Baseband Proc, Architecture, Circuit), Video (Standard, Algorithm, Architecture, Circuit) and Security (Protocol, Algorithm, Architecture, Circuit)]
Architecture Model: System = Flex. connected processors
[Figure: MEMORY, CPU, RF, Baseband Processing, Video Engine and Crypto joined by a Reconfigurable Interconnect]
Side-channel attacks
[Figure: sample text and bit stream at an encryption module, with the observable side channels: power consumption, delay, electromagnetic radiation]
Characteristics of encryption module may expose the key
Differential Power Analysis (DPA)
  – Statistical analysis extracts secret key
  – Quick with relatively cheap setup
[Figure: DPA result over Subkey Guess (axis 0, 31, 63), with the Secret Key marked]
Security partitioning
Thumbpod-II
• Processor & co-processor
• Security partitioning
  – Secure ASIC
  – Regular processor
[Figure: Thumbpod-II block diagram with partitions labelled ASIC NON-DPA and ASIC DPA. Blocks: LEON Processor (Integer Unit, I-Cache, D-Cache 2KB, AHB I/F), AHB Controller, AHB/APB Bridge, AMBA Peripheral Bus, Memory Controller, Boot PROM I/F, Boot ROM, 2MB SRAM, UART1, UART2, RS232, Fingerprint Sensor, AES Coprocessor, Comparator, Template Storage, 32bits Memory Bus]
DPA attack set-up
Here is a picture of a Differential Power attack set-up. It is however too big to upload on the server. See www.emsec.ucla.edu for more information.
WDDL vs. STD CELL: AES Power Traces
[Figure: AES power traces (power supply current, with encryption start pulse) for standard cells and for WDDL]
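A simplified leakage simulation of the comparison on this slide, added here as an example and not taken from the original slides or the Thumbpod project. It assumes a Hamming-weight power model, Gaussian noise and perfectly balanced dual-rail wires; the function names and the key byte are constructed for illustration.

```python
import random

def aes_sbox():
    """Build the AES S-box (GF(2^8) inverse followed by the affine map)."""
    rotl = lambda v, s: ((v << s) | (v >> (8 - s))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q = (q ^ (q << s)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = aes_sbox()

def single_rail(v):
    """Standard-cell register cleared each cycle: one toggle per 1-bit."""
    return bin(v).count("1")

def wddl_dual_rail(v):
    """Dual-rail precharge: every bit is a (true, false) wire pair, both
    precharged to 0; in evaluation exactly one wire of each pair rises."""
    true_rail, false_rail = v, ~v & 0xFF
    return bin(true_rail).count("1") + bin(false_rail).count("1")

def dom_leakage(power_model, key=0x2B, n=4000, noise=1.0, seed=1):
    """Difference of means of simulated power, split on bit 0 of the
    S-box output computed with the known key (the evaluator's view)."""
    rng = random.Random(seed)
    sums, counts = [0.0, 0.0], [0, 0]
    for _ in range(n):
        v = SBOX[rng.randrange(256) ^ key]   # constructed random plaintext byte
        sample = power_model(v) + rng.gauss(0.0, noise)
        sums[v & 1] += sample
        counts[v & 1] += 1
    return sums[1] / counts[1] - sums[0] / counts[0]

if __name__ == "__main__":
    print("standard cell DoM: %.3f" % dom_leakage(single_rail))
    print("WDDL-style DoM:    %.3f" % dom_leakage(wddl_dual_rail))
```

In this model the standard-cell difference of means sits near one toggle, while the dual-rail value stays within the noise because every cycle switches the same number of wires; real layouts only approach this when both rails carry matched capacitance.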
Conclusion
Cipher Design, Biometrics
• Embedded Security is NOT a point solution
• Protocol: Security – Communication – Computation trade-off
• Algorithm: Security partitioning
• Architecture: RINGS & Gezel
• Circuit: WDDL & Diff routing
• Micro-Architecture: co-processor design
[Figure: security pyramid with SIM block diagrams (CPU, Crypto, MEM, JCA, Java, JVM/KVM, CLK, Vcc, D, Q), labelled Identification, Confidentiality, Integrity]
Systematic cross layer design techniques and optimizations
Discussion
• Our goal (NSF): provide ENABLING TECHNOLOGIES
• Secure storage to avoid identity theft of biometrics!
  – Single storage instead of multiple storage
  – Storage with the user/customer
    Privacy - social impact
    If one TP stolen, only biometrics of one person is gone
  – Store in “hashed” version: mathematical/crypto/embedded design issue
  – Multi mode biometrics
• Ultra low power Trusted compute platforms
  – Architectures, HW/SW co-design techniques
  – For Smart-cards, RF-ID tags, sensor nodes, etc.
Throughput – Energy numbers
AES, 128bit key, 128bit data

Platform                 Throughput       Power     Figure of Merit (Gb/s/W)
0.18 um CMOS             2 Gbits/sec      56 mW     35.7 (1/1)
FPGA [1]                 1.32 Gbit/sec    490 mW    2.7 (1/11)
Asm, Pentium III [2]     648 Mbits/sec    41.4 W    0.015 (1/1900)
C, Emb. Sparc [3]        133 Kbits/sec    120 mW    0.0011 (1/33000)
Java [4], Emb. Sparc     450 bits/sec     120 mW    0.0000037 (1/9600000)

[1] Amphion CS5230 on Virtex2 + Xilinx Virtex2 Power Estimator
[2] Helger Lipmaa PIII assembly handcoded + Intel Pentium III (1.13 GHz) Datasheet
[3] gcc, 1 mW/MHz @ 120 MHz Sparc – assumes 0.25 um CMOS
[4] Java on KVM (Sun J2ME, non-JIT) on 1 mW/MHz @ 120 MHz Sparc – assumes 0.25 um CMOS