Tamper proof certification system based on secure non-volatile FPGAs Diogo Alcoforado da Gama de Oliveira Parrinha Thesis to obtain the Master of Science Degree in Electrical and Computer Engineering Supervisor(s): Prof. Ricardo Jorge Fernandes Chaves Prof. Leonel Augusto Pires Seabra de Sousa Examination Committee Chairperson: Prof. Gonçalo Nuno Gomes Tavares Supervisor: Prof. Ricardo Jorge Fernandes Chaves Member of the Committee: Prof. Fernando Manuel Duarte Gonçalves November 2017 ii Acknowledgments I would like to start by thanking the constant support from my family and everything they did for me, which allowed me to close this chapter of my life. Without them, this would have been much harder. A special thanks to my mother Marina and my father Ricardo. Throughout the years I spent in IST, I have enjoyed working with a lot of people, from colleagues to professors. I have made some great friends and I am happy to realize that we have spent amazing moments together. However, I would like to offer a particular thanks to Diogo Prata for being a good friend throughout the degree and for overcoming many common adversities together. Finally, I would like to extend my sincere thanks to my supervisor Prof. Ricardo Chaves, for his con- tinuous support and guidance throughout this project. His technical expertise and constant motivation have helped me to conclude this thesis. May this be the start of a new beginning. Thank you! iii iv Resumo Os sistemas embebidos suportados por FPGAs temˆ um papel cada vez maior em sistemas cr´ıticos e de seguranc¸a. Um exemplo particular destes sistemas sao˜ os Modulos´ de Seguranc¸a em Hardware (HSM), que fornecem gestao˜ e utilizac¸ao˜ de chaves privadas, de modo seguro e confiavel.´ Contudo, os sistemas que estao˜ dispon´ıveis comercialmente sao˜ demasiado caros e limitados nas funcionalidades disponibilizadas. Por outro lado, as soluc¸oes˜ baseadas em FPGAs volateis´ que existem ate´ a` data, nao˜ sao˜ adequadas para a criac¸ao˜ de um Modulo´ de Seguranc¸a em Hardware, pois nao˜ contemˆ as carac- ter´ısticas de seguranc¸a necessarias,´ como funcionalidades anti-adulterac¸ao,˜ gestao˜ de chaves interna segura e capacidade de prevenir clonagem. Neste trabalho, e´ proposto um HSM que seja de codigo´ aberto, de baixo custo, reconfiguravel´ e altamente flex´ıvel. O sistema e´ suportado por um System- on-Chip que contem´ uma FPGA nao-vol˜ atil,´ com diversos servic¸os e caracter´ısticas de seguranc¸a. A soluc¸ao˜ apresentada opera como um sistema de certificac¸ao˜ versatil,´ capaz de providenciar gestao˜ se- gura de chaves, assinaturas digitais e de emitir certificados digitais confiaveis,´ suportando uma interface PKCS#11 com func¸oes˜ adicionais. Para melhor ilustrar a flexibilidade da soluc¸ao˜ proposta, um caso-de- uso, denominado Log-Chain, e´ tambem´ proposto e implementado. O Log-Chain consiste numa cadeia de logs que pode ser incrementada e verificada, nao˜ podendo ser modificada ou repudiada. Os resulta- dos experimentais sugerem que o sistema consegue calcular ate´ 2 operac¸oes˜ de assinatura/certificac¸ao˜ por segundo, com uma abordagem de baixo custo, adaptavel´ e segura. Palavras-chave: FPGA nao-vol˜ atil,´ Modulo´ de Seguranc¸a em Hardware, Sistema de Certificac¸ao,˜ Microsemi Smartfusion2 SoC v vi Abstract Embedded systems supported by FPGAs are increasingly playing a bigger role in safety-critical areas. A particular example of such safety-critical systems are Hardware Security Modules (HSM), which pro- vide private key management and usage, in a secure and reliable way. However, commercially available systems are too expensive and limited in the provided functionality. On the other hand, existing volatile FPGA solutions do not adequately provide the needed security characteristics, such as anti-tampering features, secure internal key management and anti-cloning capabilities. Herein, an open-source, low- cost and highly flexible reconfigurable HSM is proposed, supported by a System-on-Chip with a non- volatile FPGA that contains several security characteristics and services. The presented solution oper- ates as a versatile certification system that provides secure key management, digital signatures services and is able to issue trustworthy certificates, using an extended PKCS#11 interface. To further illustrate the flexibility of the proposed solution, a Log-Chain certification use-case is also presented, which con- sists of a chain-of-logs that can be incremented and verified, but cannot be repudiated or modified. Experimental results suggest that the system is able to compute up to 2 sign/certification operations per second with a low-cost, adaptable, and secure approach. Keywords: Non-volatile FPGA, Hardware Security Module, Certification System, Microsemi Smartfusion2 SoC vii viii Contents Acknowledgments........................................... iii Resumo.................................................v Abstract................................................. vii List of Tables.............................................. xi List of Figures............................................. xiii List of Acronyms............................................ xv 1 Introduction 1 1.1 Objectives and Requirements..................................2 1.2 Main contributions........................................3 1.3 Thesis Outline..........................................4 2 Background 5 2.1 Cryptographic Services and Mechanisms...........................5 2.1.1 Symmetric Key Cryptography..............................5 2.1.2 Asymmetric Key Cryptography.............................6 2.1.3 Hashing Function.....................................7 2.1.4 Secret Key Establishment................................8 2.1.5 Digital Signatures....................................9 2.1.6 Key Certification and PKI................................ 10 2.1.7 Physically Unclonable Function............................. 11 2.2 Secure Computing Platforms.................................. 11 2.3 Implementation Technologies.................................. 13 2.4 Smartfusion2 SoC........................................ 14 2.4.1 Device Description.................................... 15 2.4.2 Security Features.................................... 15 2.5 Summary............................................. 18 3 State of the Art 19 3.1 FPGA as Secure Platform.................................... 19 3.2 Key Generation and Storage.................................. 20 3.3 Full Security Systems...................................... 21 ix 3.4 Discussion............................................ 24 4 Proposed Solution 27 4.1 Users and Key Management.................................. 28 4.2 Communication and Session Establishment.......................... 30 4.3 Log-Chain............................................. 32 4.4 Conclusions............................................ 34 5 Implementation 37 5.1 Device Configuration and Setup................................. 38 5.2 Cryptographic Operations.................................... 39 5.3 Key Generation and Management............................... 41 5.4 Memory.............................................. 42 5.5 Log-Chain............................................. 44 5.6 Communication Channel..................................... 45 5.7 Middleware............................................ 46 5.8 Simple Time Service....................................... 47 5.9 Conclusions............................................ 49 6 Results 51 6.1 Cryptographic Operations.................................... 51 6.1.1 SHA-256......................................... 52 6.1.2 AES-256......................................... 53 6.1.3 EC Scalar Multiplication................................. 54 6.2 System Operations........................................ 55 6.3 Communication Channel..................................... 56 6.4 Comparison with the State of the Art.............................. 57 6.5 Conclusions............................................ 58 7 Conclusions 61 7.1 Future Work............................................ 62 Bibliography 63 A Communication Protocol 67 x List of Tables 2.1 X.509v3 certificate fields..................................... 10 2.2 Single-threaded performance (signatures/second) for different HSMs [12].......... 13 2.3 HSM Key Storage capacity [12]................................. 13 2.4 Protection mechanisms for FPGA configuration data...................... 14 2.5 Key Features for Secure Hardware [4].............................. 16 3.1 Comparison of Security Features of the different system proposals.............. 25 3.1 Comparison of Security Features of the different system proposals.............. 26 4.1 Key generation and storage.................................... 29 4.2 Secure session establishment.................................. 30 4.3 Available Device commands................................... 31 5.1 Non-volatile memory usage requirements for the implemented system............ 43 5.2 Additional API functions...................................... 47 5.3 Supported official PKCS#11 API functions........................... 47 6.1 Operation times for the three SHA-256 implementations.................... 52 6.2 Operation times for the two AES-256 implementations..................... 54 6.3 Operation times for the three versions conceived........................ 55 6.4 Operation times for the three versions conceived........................ 56 xi xii List of Figures 2.1 An example of an elliptic curve. Example equation: y2 = x3 + ax + b ............7 2.2 SmartFusion2
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages84 Page
-
File Size-