Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions[
合集下载
- 1、下载文档前请自行甄别文档内容的完整性,平台不提供额外的编辑、内容补充、找答案等附加服务。
- 2、"仅部分预览"的文档,不可在线预览部分如存在完整性等问题,可反馈申请退款(可完整预览的文档不适用该条件!)。
- 3、如文档侵犯您的权益,请联系客服反馈,我们会尽快为您处理(人工客服工作时间:9:00-18:30)。
3
Existing Approaches
Tamper-Proof Package: IBM 4758
Sensors to detect attacks Expensive Continually battery-powered
Trusted Platform Module (TPM)
A separate chip (TPM) for security functions Decrypted “secondary” keys can be read out from the bus
• EEPROM adds additional complexity to manufacturing
8
Our Solution: Physical Random Functions (PUFs)
• Generate keys from a complex physical system
5
Contributions
• Physical Random Functions (PUFs)
– Cheap and secure way to authenticate the processor
• Architecture to minimize the trusted code base
– Efficient use of protection mechanisms – Reduce the code to be verified
Receive() { … }
• Need a secure platform
– Authenticate “itself (device)”
Send(…) { … } Func(…) { … }
– Authenticate “software”
– Guarantee the integrity and privacy of “execution”
I/O
Identify
Memory
• A single chip is easier and cheaper to protect
• The processor authenticates itself, identifies the security kernel, and protects off-chip memory
• Attackers can physically tamper with devices
– Invasive probing – Non-invasive measurement – Install malicious software
• Software-only protections are not enough
• Integration of protection mechanisms
– Additional checks in MMU – Off-chip memory encryption and integrity verification (IV)
• Evaluation of a fully-functional RTL implementation
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
G. Edward Suh, Charles W. O’Donnell, Ishan Sachdev, and Srinivas Devadas Massachusetts Institute of Technology
2Βιβλιοθήκη Baidu
Distributed Computation
• How can we “trust” remote computation?
Example: Distributed Computation on the Internet (SETI@home, etc.)
DistComp() {
x = Receive(); result = Func(x); Send(result); }
– Area Estimate – Performance Measurement
6
Physical Random Function (PUF – Physical Unclonable Function)
7
Problem
Storing digital information in a device in a way that is resistant to physical attacks is difficult and expensive.
1
New Security Challenges
• Computing devices are becoming distributed, unsupervised, and physically exposed
– Computers on the Internet (with untrusted owners) – Embedded devices (cars, home appliances) – Mobile devices (cell phones, PDAs, laptops)
Probe
EEPROM/ROM Processor
• Adversaries can physically extract secret keys from EEPROM while processor is off
• Trusted party must embed and test secret keys in a secure location
4
Our Approach
• Build a secure computing platform with only trusting a “single-chip” processor (named AEGIS)
Security Kernel (trusted part of an OS)
Protected Environment Protect
Existing Approaches
Tamper-Proof Package: IBM 4758
Sensors to detect attacks Expensive Continually battery-powered
Trusted Platform Module (TPM)
A separate chip (TPM) for security functions Decrypted “secondary” keys can be read out from the bus
• EEPROM adds additional complexity to manufacturing
8
Our Solution: Physical Random Functions (PUFs)
• Generate keys from a complex physical system
5
Contributions
• Physical Random Functions (PUFs)
– Cheap and secure way to authenticate the processor
• Architecture to minimize the trusted code base
– Efficient use of protection mechanisms – Reduce the code to be verified
Receive() { … }
• Need a secure platform
– Authenticate “itself (device)”
Send(…) { … } Func(…) { … }
– Authenticate “software”
– Guarantee the integrity and privacy of “execution”
I/O
Identify
Memory
• A single chip is easier and cheaper to protect
• The processor authenticates itself, identifies the security kernel, and protects off-chip memory
• Attackers can physically tamper with devices
– Invasive probing – Non-invasive measurement – Install malicious software
• Software-only protections are not enough
• Integration of protection mechanisms
– Additional checks in MMU – Off-chip memory encryption and integrity verification (IV)
• Evaluation of a fully-functional RTL implementation
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
G. Edward Suh, Charles W. O’Donnell, Ishan Sachdev, and Srinivas Devadas Massachusetts Institute of Technology
2Βιβλιοθήκη Baidu
Distributed Computation
• How can we “trust” remote computation?
Example: Distributed Computation on the Internet (SETI@home, etc.)
DistComp() {
x = Receive(); result = Func(x); Send(result); }
– Area Estimate – Performance Measurement
6
Physical Random Function (PUF – Physical Unclonable Function)
7
Problem
Storing digital information in a device in a way that is resistant to physical attacks is difficult and expensive.
1
New Security Challenges
• Computing devices are becoming distributed, unsupervised, and physically exposed
– Computers on the Internet (with untrusted owners) – Embedded devices (cars, home appliances) – Mobile devices (cell phones, PDAs, laptops)
Probe
EEPROM/ROM Processor
• Adversaries can physically extract secret keys from EEPROM while processor is off
• Trusted party must embed and test secret keys in a secure location
4
Our Approach
• Build a secure computing platform with only trusting a “single-chip” processor (named AEGIS)
Security Kernel (trusted part of an OS)
Protected Environment Protect