Secure Computing on Reconfigurable Systems
DISSERTATION

for the degree of doctor at the Technische Universiteit Delft, by authority of the Rector Magnificus Prof.dr.ir. J.T. Fokkema, chairman of the Board for Doctorates, to be defended in public on Tuesday 11 December 2007 at 15:00

by

Ricardo Jorge FERNANDES CHAVES
electrical engineer, Technical University of Lisbon
born in Lisboa, Portugal

This dissertation has been approved by the promotors:
Prof. dr. K. Goossens
Prof. dr. L. Sousa

Composition of the doctoral committee:
Rector Magnificus, chairman, Technische Universiteit Delft
Prof. dr. K. G. W. Goossens, promotor, Technische Universiteit Delft
Prof. dr. L. Sousa, promotor, Universidade Técnica de Lisboa
Prof. dr. L. Silveira, Universidade Técnica de Lisboa
Prof. dr. A. Ferrari, Universidade de Aveiro
Prof. dr. K. Beenakker, Technische Universiteit Delft
Prof. dr. J. Lubbe, Technische Universiteit Delft
Prof. dr. P. French, reserve member, Technische Universiteit Delft

My advisor Professor Stamatis Vassiliadis has provided substantial guidance and support in the preparation of this thesis.

Universidade Técnica de Lisboa, Instituto Superior Técnico made important contributions to the work described in this dissertation.

Financial support was provided by the Portuguese Foundation for Science and Technology.

ISBN 978-90-807957-5-4

Subject headings: Secure/trusted computing, reconfigurable systems, cryptography.

Copyright © 2007 Ricardo Chaves
All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without permission of the author.

Printed in The Netherlands

in memoriam Professor Stamatis Vassiliadis

Abstract

This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems.
Secure Computing (SC) provides a protected and reliable computational environment, where data security and protection against malicious attacks on the system are assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performance. Moreover, it is adaptable to new algorithms, protocols, and threats. In this dissertation, high performance cryptographic units for symmetric encryption and hash functions were designed in order to achieve a high performance SCM. Implementation results, in particular for the AES algorithm, suggest improvements of more than 500% in terms of Throughput per Slice compared to related art, with absolute throughputs of up to 34 Gbit/s on a Virtex II Pro FPGA. A method to attest dynamically reconfigured hardware structures is also proposed. In addition, this method does not penalize the performance of the SCM. The presented attestation mechanism allows the configuration bitstreams to be stored in unsecured locations, for example on an external memory or even on the internet, without posing a security threat. Experimental results obtained by implementing the proposed SCM on a Virtex II Pro FPGA suggest speedups of up to 750 times, compared with software implemented algorithms, achieving throughputs above 1 Gbit/s at low area cost. Overall, this dissertation demonstrates the applicability and identifies the main advantages of implementing SC on reconfigurable systems.

Key words: Secure Computing, hardware attestation, reconfigurable systems, FPGA

Abstract (Portuguese: Resumo)

This thesis proposes a module for Secure Computing (SC) in reconfigurable computing systems. SC provides a protected and trustworthy computing environment, in which data security and protection against malicious attacks on the system are assured. SC is fundamentally based on encryption algorithms and on the attestation of the executed functions. Using SC on reconfigurable devices has the advantage of adapting to the application and to the user's requirements while allowing high performance, and it is also adaptable to new encryption algorithms, protocols and threats. In this dissertation, high performance cryptographic units for symmetric encryption and hash functions were designed in order to obtain an efficient SC module. Implementation results, in particular for the AES algorithm, suggest improvements of more than 500% in the ratio of throughput to reconfigurable blocks used, compared to the state of the art; throughputs of up to 34 Gbit/s were obtained on a Virtex II Pro FPGA. A new method is also proposed for the attestation of dynamically reconfigured computational structures, without compromising the performance of the SC module. This method allows the configuration bitstream to be stored in unsecured locations, for example in an external memory or even at a remote location accessible over the internet, without this constituting a security flaw. Experimental results obtained by implementing the SC module on a Virtex II Pro FPGA suggest processing speedups of up to 750 times compared with software implementations of the algorithms, with throughputs above 1 Gbit/s and a small circuit area. It can be said that this thesis shows the applicability of the SC concept to reconfigurable systems, with its main advantages verified experimentally on the basis of FPGA implementations.

Key words: Secure Computing, hardware attestation, reconfigurable systems, FPGA

Abstract (Dutch: Samenvatting)

This dissertation introduces a Secure Computing Module (SCM) for reconfigurable computing systems. SC offers a protected and reliable computing environment that guarantees data security and protection against attacks. SC is based to a large extent on the use of encryption algorithms and the validation of the executed functionality. The advantage of using SC in reconfigurable devices is that it can easily be adapted to the application and user requirements while still offering high speed. Moreover, it can be further adapted to new algorithms, protocols and threats. In this dissertation, a number of fast cryptographic units for symmetric encryption and hash functions are designed, which are needed to obtain a fast SCM. Implementation results suggest improvements of more than 500% in Throughput per Slice relative to related work, with throughputs of up to 34 Gbit/s on a Virtex II Pro FPGA. In addition, a new method is presented to validate dynamically reconfigured hardware structures without adverse consequences for the speed of the SCM. As a result, configuration bitstreams can be stored in unsecured locations, for example in external memory or even on the internet, without this posing a security risk. Experimental evaluation of an implementation of the SCM on a Virtex II Pro FPGA led to a maximum improvement of a factor of 750 relative to algorithms implemented in software; the implementation achieved throughputs of more than 1 Gbit/s with a smaller claim on the available resources. In short, this dissertation illustrates the application and the advantages of implementing SC in reconfigurable systems.

Key words: Secure Computing, hardware validation, reconfigurable systems, FPGA

Acknowledgements

First and foremost I would like to show my profound gratitude to Prof. Stamatis Vassiliadis and Prof. Leonel Sousa, for their permanent and dedicated support throughout the development of this thesis and myself. Notwithstanding, I leave this “thank you” with a feeling of sorrow for not having enjoyed and grown more with the company, friendship, and guidance of the paragon that was Professor Stamatis Vassiliadis.

Also a special “thank you” to Dr. Georgi Kuzmanov, whose contribution to the development of this work was of true importance. Even though he was officially only a colleague, he acted as my co-advisor, guiding and helping me to improve the quality of my work.

I would like to thank Dr. Georgi Gaydadjiev and Dr. Koen Bertels for all their support; especially to Dr. Gaydadjiev for the endeavor that was the establishment of the mixed PhD contract between TULisbon and TUDelft. “Thank you” to Prof. Kees Goossens, for a thoughtful and constructive guidance as my TUDelft promoter in the last steps of my thesis.

I would like to thank Frederico and my two paranymphs, Marisa and Rui, for checking the text of this dissertation and everything else. “Thank you” also to Cathal for the Dutch translation of the abstract and the propositions. Also, “thank you” to my office mates from SiPS and CE lab for their friendship, help, the enlightened discussions, and all other conversations.
“Thank you” to the CE lab and the SiPS group for this second home. A note of appreciation to the Portuguese Foundation for Science and Technology, for the financial support for this PhD work. Also, a “thank you” for everything else not mentioned and to all those not spoken of. And finally, but certainly not least, a very warm and tender “thank you” to my father, for all his love and support throughout this