Topics in secure embedded system design
1
Citation
79
Reference
20
Related Paper
Citation Trend
Abstract:
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system applications handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain confidentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and finite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus, longer battery life), and robustness to attacks.
This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and configurable features of an embedded processor. Next, we introduce a satisfiability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.Keywords:
IPsec
Robustness
Transport Layer Security
Cite
The emergence of Internet of Things (IoT) devices is challenging the conventional design targets for integrated systems such as energy efficiency, cost, noise, and performance. With the prospected proliferation of IoT devices with 5G networks, ensuring safe margins for these design targets will become even more crucial due to the limited battery life and significant physical constraints. Additionally, IoT devices are quite vulnerable to hardware attacks since they are typically more accessible to an attacker as compared to the other general purpose computing devices. The limitations, when combined with the cost constraints make the design of security measures for the IoT devices quite challenging. Regardless of these constraints, IoT devices still need to perform a certain level of secure computation by utilizing encryption algorithms. Subsequently, new specific cryptographic algorithms designed and developed to be adequate for implementation in resource-constrained devices such as RFID systems, smart card, and wireless sensor networks known as lightweight cryptographic algorithms. In this paper, a survey is conducted to compare between selected lightweight cryptographic algorithms. There are two types of lightweight cryptography algorithms know as block ciphers and stream ciphers, both are presented in this paper. Their security features and performances of hardware implementations are also analyzed.
Implementation
Cite
Citations (34)
The Internet of Things creates advanced application systems requiring minimum human interaction by integrating entities having unique addressing mechanisms with digital processing platforms by communicating in a network. The Internet of Things devices being resource constrained are prone to attacks and security breaches. Conventional cryptographic procedures are not viable for Internet of Things and embedded applications as the computations involved with them require higher processing power, memory and energy. Lightweight cryptographic techniques can be used in resource constrained Internet of Things devices to mitigate the security issues. These lightweight cryptographic solutions use smaller key sizes, smaller block sizes and lesser number of rounds. This paper uses a lightweight cryptographic algorithm, AES (Advanced Encryption Algorithm) which is one of the efficient and robust algorithms, to secure communication in the wireless sensor networks. The experimentation uses UDP protocol for transmissions and Routing Protocol for Low-Power and Lossy networks (RPL) for packet delivery from source to destination. Later, the performance of different variants of AES is checked by performing the power analysis. The results demonstrate that AES-192 and AES-256 with 8 rounds show optimized results in terms of power, thus making it suitable for power constrained devices.
Cite
Citations (15)
Cite
Citations (4)
Cite
Citations (11)
This thesis investigates the role of error-correcting codes in Distributed and Pervasive Computing. The main results are at the intersection of Security and Fault Tolerance for these environments. There are two primary areas that are explored in this thesis. (1) We have investigated protocols for large scale fault tolerant secure distributed storage. The two main concerns here are security and redundancy. In one arm of this research we developed SAFE, a distributed storage system based on a new protocol that offers a two-in-one solution to fault-tolerance and confidentiality. This protocol is based on cryptographic properties of error correction codes. In another arm, we developed eSAFE, another prototype distributed persistent storage; eSAFE facilitates seamless hardware extension of storage units, high resilience to loads and provides high availability. The main ingredient in its design is a modern class of erasure codes known as the Fountain Codes. One problem in such large storage is the heavy overhead of the associated fingerprints needed for checking data integrity. eSAFE deploys a clever integrity check mechanism by use of a data structure known as the Merkle Tree to address this issue. (2) We also investigated the design of a new remote authentication protocol. Applications over long range wireless would benefit quite a bit from this design. We designed and implemented LAWN, a lightweight remote authentication protocol for wireless networks that deploys a randomized approximation scheme based on Error correcting codes. We have evaluated in detail the performance of LAWN; while it adds very low overhead of computation, the savings in bandwidth and power are quite dramatic.
Distributed data store
Data integrity
Erasure code
Cite
Citations (0)
In recent years, embedded systems have evolved rapidly and become ubiquitous as they are found in a large number of devices. At the same time, as a result of recent technological advancements and high demand of connectivity, such systems are particularly susceptible to security attacks. Software-based security solutions cannot provide complete protection and are relatively slow. On the other hand, hardware-assisted techniques improve execution time but still involve dedicated software modules. In this paper, we have proposed a hardware based mechanism to process sensitive information in complete isolation without requiring any software process. The proposed solution is evaluated for an image processing based authentication system and it has demonstrated negligible area, power consumption and performance overhead.
Isolation
Cite
Citations (1)
Security was not considered when current wireless sensor nodes were designed. As a result providing high level of security on current WSNs platforms is unattainable, especially against attacks based on key resolving and node compromise. In this paper we scrutinize the security holes in current WSNs platforms, and compare the main approaches to implementing the cryptographic primitives used to provide security services for these platforms, in terms of security, energy, and time efficiency. To secure these holes and provide more efficiency we propose a custom hardware platform for WSNs. The choice of cryptographic primitives for our suggested platform is based on their compatibility with the constrained nature of WSNs and their security status. We also discuss the most efficient configurations and implementation methodologies of these primitives, and review their specialized implementations for WSNs in recent literature. Based on that, we provide a hardware implementation of a crypto-processor using Very high speed integrated circuit Hardware Description Language (VHDL). Experimental results using synthesis for Spartan-6 low-power FPGA shows that the proposed protocol outperforms related work in terms of computation time and energy consumption.
Implementation
Hardware security module
Cite
Citations (14)
Cite
Citations (30)
Security is critical to a wide range of wireless data applications and services. While several security mechanisms and protocols have been developed in the context of the wired Internet, many new challenges arise due to the unique characteristics of battery powered embedded systems. In this work, we focus on an important constraint of such devices -- battery life -- and examine how it is impacted by the use of security protocols.We present a comprehensive analysis of the energy requirements of a wide range of cryptographic algorithms that are used as building blocks in security protocols. Furthermore, we study the energy consumption requirements of the most popular transport-layer security protocol SSL (Secure Sockets Layer). To our knowledge, this is the first comprehensive analysis of the energy requirements of SSL. For our studies, we have developed a measurement-based experimental testbed that consists of an iPAQ PDA connected to a wireless LAN and running Linux, a PC-based data acquisition system for real-time current measurement, the OpenSSL implementation of the SSL protocol, and parametrizable SSL client and server test programs. We investigate the impact of various parameters at the protocol level (such as cipher suites, authentication mechanisms, and transaction sizes, etc.) and the cryptographic algorithm level (cipher modes, strength) on overall energy consumption for secure data transactions.Based on our results, we discuss various opportunities for realizing energy-efficient implementations of security protocols. We believe such investigations to be an important first step towards addressing the challenges of energy efficient security for battery-constrained systems.
Transport Layer Security
Testbed
Wireless security
IPsec
Application layer
Cite
Citations (267)
Architectures that implement the Internet Protocol Security (IPSec) standard have to meet the enormous computing demands of cryptographic algorithms. In addition, IPSec architectures have to be flexible enough to adapt to diverse security parameters. This article proposes an FPGA-based Adaptive Cryptographic Engine (ACE) for IPSec architectures. By taking advantage of FPGA technology, ACE can adapt to diverse security parameters on the fly while providing superior performance compared with software-based solutions. In this paper, we focus on performance issues. A diverse set of private-key cryptographic algorithms is utilized to demonstrate the applicability of the proposed cryptographic engine. The time performance metrics are throughput and key-setup latency. The latency metric is the most important measure for IPSec where a small amount of data is processed per key and key context switching occurs repeatedly. We are not aware of any published results that include extensive key-setup latency results.
IPsec
Security association
Cite
Citations (26)