Secure execution environments through reconfigurable lightweight cryptographic components

Software protection is one of the most important problems in the area of computing as it affects a multitude of players like software vendors, digital content providers, users, and government agencies. There are multiple dimensions to this broad problem of software protection. The most important ones are: (1) protecting software from reverse engineering. (2) protecting software from tamper (or modification). (3) preventing software piracy. (4) verification of integrity of the software;In this thesis we focus on these areas of software protection. The basic requirement to achieve these goals is to provide a secure execution environment, which ensures that the programs behave in the same way as it was designed, and the execution platforms respect certain types of wishes specified by the program;We take the approach of providing secure execution environment through architecture support. We exploit the power of reconfigurable components in achieving this. The first problem we consider is to provide architecture support for obfuscation. This also achieves the goals of tamper resistance, copy protection, and IP protection indirectly. Our approach is based on the intuition that the software is a sequence of instructions (and data) and if the sequence as well the contents are obfuscated then all the required goals can be achieved;The second problem we solve is integrity verification of the software particularly in embedded devices. Our solution is based on the intuition that an obfuscated (permuted) binary image without any dynamic traces reveals very little information about the IP of the program. Moreover, if this obfuscation function becomes a shared secret between the verifier and the embedded device then verification can be performed in a trustworthy manner;Cryptographic components form the underlying building blocks/primitives of any secure execution environment. Our use of reconfigurable components to provide software protection in both Arc 3 D and TIVA led us to an interesting observation about the power of reconfigurable components. Reconfigurable components provide the ability to use the secret (or key) in a much stronger way than the conventional cryptographic designs. This opened up an opportunity for us to explore the use of reconfigurable gates to build cryptographic functions

Relating Boolean Gate Truth Tables to One-Way Functions

In this paper, the authors present a schema to build one way functions from a family of Boolean gates. Moreover, the authors relate characteristics of these Boolean gate truth tables to properties of the derived one-way functions

Architecture Support for 3D Obfuscation

Article discussing research on architecture support for 3D obfuscation

Framework for Design Validation of Security Architectures

This technical report discusses a framework for design validation of security architectures

Secure execution environments through reconfigurable lightweight cryptographic components

Software protection is one of the most important problems in the area of computing as it affects a multitude of players like software vendors, digital content providers, users, and government agencies. There are multiple dimensions to this broad problem of software protection. The most important ones are: (1) protecting software from reverse engineering. (2) protecting software from tamper (or modification). (3) preventing software piracy. (4) verification of integrity of the software;In this thesis we focus on these areas of software protection. The basic requirement to achieve these goals is to provide a secure execution environment, which ensures that the programs behave in the same way as it was designed, and the execution platforms respect certain types of wishes specified by the program;We take the approach of providing secure execution environment through architecture support. We exploit the power of reconfigurable components in achieving this. The first problem we consider is to provide architecture support for obfuscation. This also achieves the goals of tamper resistance, copy protection, and IP protection indirectly. Our approach is based on the intuition that the software is a sequence of instructions (and data) and if the sequence as well the contents are obfuscated then all the required goals can be achieved;The second problem we solve is integrity verification of the software particularly in embedded devices. Our solution is based on the intuition that an obfuscated (permuted) binary image without any dynamic traces reveals very little information about the IP of the program. Moreover, if this obfuscation function becomes a shared secret between the verifier and the embedded device then verification can be performed in a trustworthy manner;Cryptographic components form the underlying building blocks/primitives of any secure execution environment. Our use of reconfigurable components to provide software protection in both Arc 3 D and TIVA led us to an interesting observation about the power of reconfigurable components. Reconfigurable components provide the ability to use the secret (or key) in a much stronger way than the conventional cryptographic designs. This opened up an opportunity for us to explore the use of reconfigurable gates to build cryptographic functions.</p

Secure Embedded Platform Networked Automotive Systems

This paper discusses secure embedded platforms for networked automotive systems

How to Hide Secrets from Operating System: Architecture Level Support for Dynamic Address Trace Obfuscation

This technical report addresses how to hide secrets from an operating system. The authors provide a detailed design for the VM blackbox and some microarchitecture level simulation derived performance data. They also describe a compiler directed prefetch scheme that uses both instruction and data prefetches to obfuscate the address traces on the address bus between on-chip L2 cache and memory

REBEL: Reconfigurable Block Encryption Logic

Existing block cipher function designs have tended to deploy the secret bits in a specific and limited way. We generalize the role of the secret as truth tables of Boolean gates in a carefully designed logic schema. Our claims are: these reconfigurable functions are pseudo one-way and pseudo random functions. Such a function family is proposed using reconfigurable gates. Based on this function family we create REBEL, REconfigurable Block Encryption Logic, which is an LR-Network. We prove cryptographic and cryptanalytic security for REBEL. From cryptographic perspective, this function is a pseudo-permutation. From cryptanalysis perspective, any observable attribute appears to be a random process.

WARM SRAM: A Novel Scheme to Reduce Static Leakage Energy in SRAM Arrays

This presentation accompanies a paper discussing research on a novel scheme to reduce static leakage energy in SRAM arrays