384 research outputs found
An IoT Endpoint System-on-Chip for Secure and Energy-Efficient Near-Sensor Analytics
Near-sensor data analytics is a promising direction for IoT endpoints, as it
minimizes energy spent on communication and reduces network load - but it also
poses security concerns, as valuable data is stored or sent over the network at
various stages of the analytics pipeline. Using encryption to protect sensitive
data at the boundary of the on-chip analytics engine is a way to address data
security issues. To cope with the combined workload of analytics and encryption
in a tight power envelope, we propose Fulmine, a System-on-Chip based on a
tightly-coupled multi-core cluster augmented with specialized blocks for
compute-intensive data processing and encryption functions, supporting software
programmability for regular computing tasks. The Fulmine SoC, fabricated in
65nm technology, consumes less than 20mW on average at 0.8V achieving an
efficiency of up to 70pJ/B in encryption, 50pJ/px in convolution, or up to
25MIPS/mW in software. As a strong argument for real-life flexible application
of our platform, we show experimental results for three secure analytics use
cases: secure autonomous aerial surveillance with a state-of-the-art deep CNN
consuming 3.16pJ per equivalent RISC op; local CNN-based face detection with
secured remote recognition in 5.74pJ/op; and seizure detection with encrypted
data collection from EEG within 12.7pJ/op.Comment: 15 pages, 12 figures, accepted for publication to the IEEE
Transactions on Circuits and Systems - I: Regular Paper
Crypto accelerators for power-efficient and realtime on-chip implementation of secure algorithms
The demand for data exchange is ever growing. Internet of Things (IoT), industry 4.0, smart city and next-generation interconnected vehicles are some examples of scenarios in which a high volume of nodes share data across networks. Hence, the data protection plays a fundamental aspect to avoid disclosure or manipulation of sensitive information and disruption of services, particularly in safety critical applications. On the other hand, also the compute power at disposal of possible attackers and hackers is growing, and next-future post-quantum capabilities will require the usage of longer keys, certificates and digital signatures, to preserve the security level offered by cryptographic functions. This will affect not only the amount of exchange data, but also the computational resources to secure data, increasing processing time, latencies and power consumption, and lowering data rates. In this work, we investigate different implementation strategies to overcome such performance limitations. This work provides a comparison among pure software approach (both on 32b and 64b processors) and hardware-based solutions we developed for FPGA and ASIC System-on-Chip platforms, for the most common symmetric-key and public-key cryptographic algorithms. The proposed hardware accelerators feature one order of magnitude higher throughput (and lower latency) and more than two orders lower power consumption than their software counterparts. A highly configurable cryptographic suite is proposed that can be customized according to the application requirements and thus able to increase as much as possible the efficiency in terms of energy per enciphered bits per secon
A Guideline on Pseudorandom Number Generation (PRNG) in the IoT
Random numbers are an essential input to many functions on the Internet of
Things (IoT). Common use cases of randomness range from low-level packet
transmission to advanced algorithms of artificial intelligence as well as
security and trust, which heavily rely on unpredictable random sources. In the
constrained IoT, though, unpredictable random sources are a challenging desire
due to limited resources, deterministic real-time operations, and frequent lack
of a user interface.
In this paper, we revisit the generation of randomness from the perspective
of an IoT operating system (OS) that needs to support general purpose or
crypto-secure random numbers. We analyse the potential attack surface, derive
common requirements, and discuss the potentials and shortcomings of current IoT
OSs. A systematic evaluation of current IoT hardware components and popular
software generators based on well-established test suits and on experiments for
measuring performance give rise to a set of clear recommendations on how to
build such a random subsystem and which generators to use.Comment: 43 pages, 11 figures, 11 table
IXIAM: ISA EXtension for Integrated Accelerator Management
During the last few years, hardware accelerators have been gaining popularity thanks to their ability to achieve higher performance and efficiency than classic general-purpose solutions. They are fundamentally shaping the current generations of Systems-on-Chip (SoCs), which are becoming increasingly heterogeneous. However, despite their widespread use, a standard, general solution to manage them while providing speed and consistency has not yet been found. Common methodologies rely on OS mediation and a mix of user-space and kernel-space drivers, which can be inefficient, especially for fine-grained tasks. This paper addresses these sources of inefficiencies by proposing an ISA eXtension for Integrated Accelerator Management (IXIAM), a cost-effective HW-SW framework to control a wide variety of accelerators in a standard way, and directly from the cores. The proposed instructions include reservation, work offloading, data transfer, and synchronization. They can be wrapped in a high-level software API or even integrated into a compiler. IXIAM features also a user-space interrupt mechanism to signal events directly to the user process. We implement it as a RISC-V extension in the gem5 simulator and demonstrate detailed support for complex accelerators, as well as the ability to specify sequences of memory transfers and computations directly from the ISA and with significantly lower overhead than driver-based schemes. IXIAM provides a performance advantage that is more evident for small and medium workloads, reaching around 90x in the best case. This way, we enlarge the set of workloads that would benefit from hardware acceleration
PASCAL: Timing SCA Resistant Design and Verification Flow
A large number of crypto accelerators are being deployed with the widespread
adoption of IoT. It is vitally important that these accelerators and other
security hardware IPs are provably secure. Security is an extra functional
requirement and hence many security verification tools are not mature. We
propose an approach/flow-PASCAL-that works on RTL designs and discovers
potential Timing Side-Channel Attack(SCA) vulnerabilities in them. Based on
information flow analysis, this is able to identify Timing Disparate Security
Paths that could lead to information leakage. This flow also (automatically)
eliminates the information leakage caused by the timing channel. The insertion
of a lightweight Compensator Block as balancing or compliance FSM removes the
timing channel with minimum modifications to the design with no impact on the
clock cycle time or combinational delay of the critical path in the circuit.Comment: Total page number: 4 pages; Figures: 5 figures; conference: 25th IEEE
International Symposium on On-Line Testing and Robust System Design 201
Hardware Architectures for Post-Quantum Cryptography
The rapid development of quantum computers poses severe threats to many commonly-used cryptographic algorithms that are embedded in different hardware devices to ensure the security and privacy of data and communication. Seeking for new solutions that are potentially resistant against attacks from quantum computers, a new research field called Post-Quantum Cryptography (PQC) has emerged, that is, cryptosystems deployed in classical computers conjectured to be secure against attacks utilizing large-scale quantum computers. In order to secure data during storage or communication, and many other applications in the future, this dissertation focuses on the design, implementation, and evaluation of efficient PQC schemes in hardware. Four PQC algorithms, each from a different family, are studied in this dissertation. The first hardware architecture presented in this dissertation is focused on the code-based scheme Classic McEliece. The research presented in this dissertation is the first that builds the hardware architecture for the Classic McEliece cryptosystem. This research successfully demonstrated that complex code-based PQC algorithm can be run efficiently on hardware. Furthermore, this dissertation shows that implementation of this scheme on hardware can be easily tuned to different configurations by implementing support for flexible choices of security parameters as well as configurable hardware performance parameters. The successful prototype of the Classic McEliece scheme on hardware increased confidence in this scheme, and helped Classic McEliece to get recognized as one of seven finalists in the third round of the NIST PQC standardization process. While Classic McEliece serves as a ready-to-use candidate for many high-end applications, PQC solutions are also needed for low-end embedded devices. Embedded devices play an important role in our daily life. Despite their typically constrained resources, these devices require strong security measures to protect them against cyber attacks. Towards securing this type of devices, the second research presented in this dissertation focuses on the hash-based digital signature scheme XMSS. This research is the first that explores and presents practical hardware based XMSS solution for low-end embedded devices. In the design of XMSS hardware, a heterogenous software-hardware co-design approach was adopted, which combined the flexibility of the soft core with the acceleration from the hard core. The practicability and efficiency of the XMSS software-hardware co-design is further demonstrated by providing a hardware prototype on an open-source RISC-V based System-on-a-Chip (SoC) platform. The third research direction covered in this dissertation focuses on lattice-based cryptography, which represents one of the most promising and popular alternatives to today\u27s widely adopted public key solutions. Prior research has presented hardware designs targeting the computing blocks that are necessary for the implementation of lattice-based systems. However, a recurrent issue in most existing designs is that these hardware designs are not fully scalable or parameterized, hence limited to specific cryptographic primitives and security parameter sets. The research presented in this dissertation is the first that develops hardware accelerators that are designed to be fully parameterized to support different lattice-based schemes and parameters. Further, these accelerators are utilized to realize the first software-harware co-design of provably-secure instances of qTESLA, which is a lattice-based digital signature scheme. This dissertation demonstrates that even demanding, provably-secure schemes can be realized efficiently with proper use of software-hardware co-design. The final research presented in this dissertation is focused on the isogeny-based scheme SIKE, which recently made it to the final round of the PQC standardization process. This research shows that hardware accelerators can be designed to offload compute-intensive elliptic curve and isogeny computations to hardware in a versatile fashion. These hardware accelerators are designed to be fully parameterized to support different security parameter sets of SIKE as well as flexible hardware configurations targeting different user applications. This research is the first that presents versatile hardware accelerators for SIKE that can be mapped efficiently to both FPGA and ASIC platforms. Based on these accelerators, an efficient software-hardwareco-design is constructed for speeding up SIKE. In the end, this dissertation demonstrates that, despite being embedded with expensive arithmetic, the isogeny-based SIKE scheme can be run efficiently by exploiting specialized hardware. These four research directions combined demonstrate the practicability of building efficient hardware architectures for complex PQC algorithms. The exploration of efficient PQC solutions for different hardware platforms will eventually help migrate high-end servers and low-end embedded devices towards the post-quantum era
10281 Abstracts Collection -- Dynamically Reconfigurable Architectures
From 11.07.10 to 16.07.10, Dagstuhl Seminar 10281 ``Dynamically Reconfigurable Architectures \u27\u27 was held
in Schloss Dagstuhl~--~Leibniz Center for Informatics.
During the seminar, several participants presented their current
research, and ongoing work and open problems were discussed. Abstracts of
the presentations given during the seminar as well as abstracts of
seminar results and ideas are put together in this paper. The first section
describes the seminar topics and goals in general.
Links to extended abstracts or full papers are provided, if available
A Survey of Recent Developments in Testability, Safety and Security of RISC-V Processors
With the continued success of the open RISC-V architecture, practical deployment of RISC-V processors necessitates an in-depth consideration of their testability, safety and security aspects. This survey provides an overview of recent developments in this quickly-evolving field. We start with discussing the application of state-of-the-art functional and system-level test solutions to RISC-V processors. Then, we discuss the use of RISC-V processors for safety-related applications; to this end, we outline the essential techniques necessary to obtain safety both in the functional and in the timing domain and review recent processor designs with safety features. Finally, we survey the different aspects of security with respect to RISC-V implementations and discuss the relationship between cryptographic protocols and primitives on the one hand and the RISC-V processor architecture and hardware implementation on the other. We also comment on the role of a RISC-V processor for system security and its resilience against side-channel attacks
- …