10,545 research outputs found
Crypto Embedded System for Electronic Document
In this paper, a development of low-cost RSA-based Crypto Embedded System targeted for electronic document security is presented. The RSA algorithm is implemented in a re-configurable hardware, in this case Field Programmable Gate
Array (FPGA). The 32-bit soft cores of AlteraÂ’s Nios RISC processor is used as the basic building blocks of the proposed complete embedded solutions. AlteraÂ’s SOPC Builder is used to facilitate the development of crypto embedded system, particularly in hardware/software integration stage. The use of Cryptographic Application Programming Interface (CAPI) to bridge the application and the hardware, and the associated communication layer in the embedded system is also discussed. The result obtained shows that the crypto embedded system provides a suitable compromise between the constraints of speed, space and required security level based on the specific demands of targeted applications
A FPGA-Based Reconfigurable Software Architecture for Highly Dependable Systems
Nowadays, systems-on-chip are commonly equipped with reconfigurable hardware. The use of hybrid architectures based on a mixture of general purpose processors and reconfigurable components has gained importance across the scientific community allowing a significant improvement of computational performance. Along with the demand for performance, the great sensitivity of reconfigurable hardware devices to physical defects lead to the request of highly dependable and fault tolerant systems. This paper proposes an FPGA-based reconfigurable software architecture able to abstract the underlying hardware platform giving an homogeneous view of it. The abstraction mechanism is used to implement fault tolerance mechanisms with a minimum impact on the system performanc
Towards the Model-Driven Engineering of Secure yet Safe Embedded Systems
We introduce SysML-Sec, a SysML-based Model-Driven Engineering environment
aimed at fostering the collaboration between system designers and security
experts at all methodological stages of the development of an embedded system.
A central issue in the design of an embedded system is the definition of the
hardware/software partitioning of the architecture of the system, which should
take place as early as possible. SysML-Sec aims to extend the relevance of this
analysis through the integration of security requirements and threats. In
particular, we propose an agile methodology whose aim is to assess early on the
impact of the security requirements and of the security mechanisms designed to
satisfy them over the safety of the system. Security concerns are captured in a
component-centric manner through existing SysML diagrams with only minimal
extensions. After the requirements captured are derived into security and
cryptographic mechanisms, security properties can be formally verified over
this design. To perform the latter, model transformation techniques are
implemented in the SysML-Sec toolchain in order to derive a ProVerif
specification from the SysML models. An automotive firmware flashing procedure
serves as a guiding example throughout our presentation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Platform for Testing and Evaluation of PUF and TRNG Implementations in FPGAs
Implementation of cryptographic primitives like
Physical Unclonable Functions (PUFs) and True Random Number
Generators (TRNGs) depends significantly on the underlying
hardware. Common evaluation boards offered by FPGA vendors
are not suitable for a fair benchmarking, since they have different
vendor dependent configuration and contain noisy switching
power supplies. The proposed hardware platform is primary
aimed at testing and evaluation of cryptographic primitives
across different FPGA and ASIC families. The modular platform
consists of a motherboard and exchangeable daughter board
modules. These are designed to be as simple as possible to
allow cheap and independent evaluation of cryptographic blocks
and namely PUFs. The motherboard is based on the Microsemi
SmartFusion 2 SoC FPGA. It features a low-noise power supply,
which simplifies evaluation of vulnerability to the side channel
attacks. It provides also means of communication between the
PC and the daughter module. Available software tools can be
easily customized, for example to collect data from the random
number generator located in the daughter module and to read it
via USB interface. The daughter module can be plugged into
the motherboard or connected using an HDMI cable to be
placed inside a Faraday cage or a temperature control chamber.
The whole platform was designed and optimized to fullfil the
European HECTOR project (H2020) requirements
Implementing a protected zone in a reconfigurable processor for isolated execution of cryptographic algorithms
We design and realize a protected zone inside a reconfigurable and extensible embedded RISC processor for isolated execution of cryptographic algorithms. The protected zone is a collection of processor subsystems such as functional units optimized for high-speed execution of integer operations, a small amount of local memory, and general and special-purpose registers. We outline the principles for secure software implementation of cryptographic algorithms
in a processor equipped with the protected zone. We also demonstrate the efficiency and effectiveness of the protected zone by implementing major cryptographic algorithms, namely RSA, elliptic curve cryptography, and AES in the protected zone. In terms of time efficiency, software implementations
of these three cryptographic algorithms outperform equivalent software implementations on similar processors reported in the literature. The protected zone is designed in such a modular fashion that it can easily be integrated into any RISC processor; its area overhead is considerably moderate in the sense that
it can be used in vast majority of embedded processors. The protected zone can also provide the necessary support to implement TPM functionality within the boundary of a processor
Quantum Key Distribution (QKD) and Commodity Security Protocols: Introduction and Integration
We present an overview of quantum key distribution (QKD), a secure key
exchange method based on the quantum laws of physics rather than computational
complexity. We also provide an overview of the two most widely used commodity
security protocols, IPsec and TLS. Pursuing a key exchange model, we propose
how QKD could be integrated into these security applications. For such a QKD
integration we propose a support layer that provides a set of common QKD
services between the QKD protocol and the security applicationsComment: 12Page
- …