Proceedings ArticleDOI

Lightweight Secure-Boot Architecture for RISC-V System-on-Chip

TL;DR: A lightweight hardware-based secure boot architecture that incorporates an optimized Physical Unclonable Function (PUF) for providing keys to the security blocks of the System on Chip (SoC), among which, secure boot and remote attestation are presented.
Abstract: Securing thousands of connected, resource-constrained computing devices is a major challenge nowadays. Adding to the challenge, third-party service providers need regular access to the system. To ensure the integrity of the system and the authenticity of the software vendor, secure boot is supported by several commercial processors. However, the existing solutions are either complex or have been compromised by determined attackers. In this scenario, open-source secure computing architectures are poised to play an important role for designers and white-hat attackers. In this manuscript, we propose a lightweight hardware-based secure boot architecture. The architecture uses an efficient implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA), the Secure Hash Algorithm 3 (SHA3) hashing algorithm and Direct Memory Access (DMA). In addition, the architecture includes a Key Management Unit, which incorporates an optimized Physical Unclonable Function (PUF) for providing keys to the security blocks of the System on Chip (SoC), including secure boot and remote attestation. We demonstrated the framework on a RISC-V-based SoC. A detailed analysis of performance and security for the platform is presented.


Citations
Journal ArticleDOI
01 Jul 2020
TL;DR: This survey identifies the general threat and attack vectors against IoT devices while highlighting the flaws and weak points that can lead to breaching the security.
Abstract: Interconnecting “things” and devices that take the form of wearables, sensors, actuators, mobiles, computers, meters, or even vehicles is a critical requirement for the current era. These inter-networked connections are serving the emerging applications of home and building automation, smart cities and infrastructure, smart industries, and smart-everything. However, the security of these connected Internet of Things (IoT) devices plays a central role with no margin for error. After a review of the relevant online literature on the topic and after looking at the market trends and developments, one can notice that there are still concerns with regard to security in IoT products and services. This paper focuses on a survey of IoT security and aims to highlight the most significant problems related to safety and security in IoT ecosystems. This survey identifies the general threat and attack vectors against IoT devices while highlighting the flaws and weak points that can lead to breaching the security. Furthermore, this paper presents solutions for remediation of compromised security, as well as methods for risk mitigation, with prevention and improvement suggestions.

77 citations


Cites methods from "Lightweight Secure-Boot Architectur..."

  • ...Methods such as Elliptic Curve Digital Signature Algorithm (ECDSA), Secure Hash Algorithm (SHA), direct memory access (DMA), and physical unclonable function (PUF) are employed for secure booting and remote attestation [58, 68]....


Proceedings Article
07 Dec 2011
TL;DR: This work proposes a novel PUF structure based on a Butterfly PUF with multiple RS latches, which generates larger entropy by utilizing location information of the RS latches generating random numbers.
Abstract: Physical Unclonable Functions (PUFs) are expected to represent an important solution for secure ID generation and authentication etc. In general, PUFs are considered to be more secure the larger their output entropy. However, the entropy of conventional PUFs is lower than the output bit length, because some output bits are random numbers, which are regarded as unnecessary for ID generation and discarded. We propose a novel PUF structure based on a Butterfly PUF with multiple RS latches, which generates larger entropy by utilizing location information of the RS latches generating random numbers. More specifically, while conventional PUFs generate binary values (0/1), the proposed PUF generates ternary values (0/1/random) in order to increase entropy. We estimate the entropy of the proposed PUF. According to our experiment with 40 FPGAs, a Butterfly PUF with 128 RS latches can improve entropy from 116 bits to 192.7 bits, this being maximized when the frequency of each ternary value is equal. We also show the appropriate RS latch structure for satisfying this condition, and validate it through an FPGA experiment.

38 citations

Proceedings ArticleDOI
09 Mar 2020
TL;DR: This paper presents the first post-quantum secure boot solution, implemented fully as hardware for reasons of security and performance, and uses the eXtended Merkle Signature Scheme (XMSS), a hash-based scheme that has been specified as an IETF RFC.
Abstract: A secure boot protocol is fundamental to ensuring the integrity of the trusted computing base of a secure system. The use of digital signature algorithms (DSAs) based on traditional asymmetric cryptography, particularly for secure boot, leaves such systems vulnerable to the threat of quantum computers. This paper presents the first post-quantum secure boot solution, implemented fully as hardware for reasons of security and performance. In particular, this work uses the eXtended Merkle Signature Scheme (XMSS), a hash-based scheme that has been specified as an IETF RFC. The solution has been integrated into a secure SoC platform around RISC-V cores and evaluated on an FPGA, and is shown to be orders of magnitude faster compared to corresponding hardware/software implementations and to compare competitively with a fully hardware elliptic curve DSA based solution.

17 citations


Cites methods from "Lightweight Secure-Boot Architectur..."

  • ...a) ECDSA: The ECDSA implementation in [9] uses a 233 bit elliptic curve (sec233r1)....


  • ...elliptic curve digital signature algorithm (ECDSA) in [9] (as also used in the context of secure boot)....


  • ...The work in [9] is also a RISC-V based system and it presents a fully-HW solution for secure boot and uses an elliptic curve based signature scheme....


Journal ArticleDOI
01 Dec 2020
TL;DR: This manuscript discusses a set of primitive building blocks of a secure SoC and presents some of the implemented security subsystems using these building blocks—such as secure boot, memory protection, PUF-based key management, a countermeasure methodology for RISC-V micro-architectural side-channel leakage, and an integration of the open keystone-enclaves for TEE.
Abstract: A rising tide of exploits, in the recent years, following a steady discovery of the many vulnerabilities pervasive in modern computing systems has led to a growing number of studies in designing systems-on-chip (SoCs) with security as a first-class consideration. Following the momentum behind RISC-V-based systems in the public domain, much of this effort targets RISC-V-based SoCs; most ideas, however, are independent of this choice. In this manuscript, we present a consolidation of our early efforts along these lines in designing a secure SoC around RISC-V, named ITUS. In particular, we discuss a set of primitive building blocks of a secure SoC and present some of the implemented security subsystems using these building blocks—such as secure boot, memory protection, PUF-based key management, a countermeasure methodology for RISC-V micro-architectural side-channel leakage, and an integration of the open keystone-enclaves for TEE. The current ITUS SoC prototype, integrating the discussed security subsystems, was built on top of the lowRISC project; however, these are portable to any other SoC code base. The SoC prototype has been evaluated on an FPGA.

9 citations

References
Journal ArticleDOI
Taher Elgamal
23 Aug 1985
TL;DR: A new signature scheme is proposed, together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem that relies on the difficulty of computing discrete logarithms over finite fields.
Abstract: A new signature scheme is proposed, together with an implementation of the Diffie-Hellman key distribution scheme that achieves a public key cryptosystem. The security of both systems relies on the difficulty of computing discrete logarithms over finite fields.

7,514 citations

15 Jan 2020

4,407 citations


"Lightweight Secure-Boot Architectur..." refers methods in this paper

  • ...While Standards for Efficient Cryptography Group (SECG) [21] has defined the Koblitz curve secp256k1 that is used by online cryptocurrency Bitcoin [22]....


Proceedings ArticleDOI
04 Jun 2007
TL;DR: This work presents PUF designs that exploit inherent delay characteristics of wires and transistors that differ from chip to chip, and describes how PUFs can enable low-cost authentication of individual ICs and generate volatile secret keys for cryptographic operations.
Abstract: Physical Unclonable Functions (PUFs) are innovative circuit primitives that extract secrets from physical characteristics of integrated circuits (ICs). We present PUF designs that exploit inherent delay characteristics of wires and transistors that differ from chip to chip, and describe how PUFs can enable low-cost authentication of individual ICs and generate volatile secret keys for cryptographic operations.

2,014 citations


Additional excerpts

  • ...99 Artix-7 256 ROs 16-bit LFSR RO PUF (128) [41] 46....


Proceedings Article
01 Jan 2007

1,944 citations

Proceedings ArticleDOI
19 May 2019
TL;DR: Spectre, as described in this paper, is a side-channel attack that leaks the victim's confidential information to the adversary through speculative execution, and can read arbitrary memory from the victim's process.
Abstract: Modern processors use branch prediction and speculative execution to maximize performance. For example, if the destination of a branch depends on a memory value that is in the process of being read, CPUs will try to guess the destination and attempt to execute ahead. When the memory value finally arrives, the CPU either discards or commits the speculative computation. Speculative logic is unfaithful in how it executes, can access the victim's memory and registers, and can perform operations with measurable side effects. Spectre attacks involve inducing a victim to speculatively perform operations that would not occur during correct program execution and which leak the victim's confidential information via a side channel to the adversary. This paper describes practical attacks that combine methodology from side channel attacks, fault attacks, and return-oriented programming that can read arbitrary memory from the victim's process. More broadly, the paper shows that speculative execution implementations violate the security assumptions underpinning numerous software security mechanisms, including operating system process separation, containerization, just-in-time (JIT) compilation, and countermeasures to cache timing and side-channel attacks. These attacks represent a serious threat to actual systems since vulnerable speculative execution capabilities are found in microprocessors from Intel, AMD, and ARM that are used in billions of devices. While makeshift processor-specific countermeasures are possible in some cases, sound solutions will require fixes to processor designs as well as updates to instruction set architectures (ISAs) to give hardware architects and software developers a common understanding as to what computation state CPU implementations are (and are not) permitted to leak.

1,317 citations