Secure computing on reconfigurable systems

Doctoral thesis English OPEN
Fernandes Chaves, R.J. (2007)

This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performances. Moreover, it is adaptable to new algorithms, protocols, and threats. In this dissertation, high performance cryptographic units for symmetric encryption and hash functions, were designed in order to achieve a high performance SCM. Implementations results, in particular for the AES algorithm, suggest improvements of more than 500% in terms of Throughput per Slice compared to related art, with absolute throughputs of up to 34Gbit/s on a Virtex II Pro FPGA. A method to attest dynamically reconfigured hardware structures is also proposed. In addition, this method does not penalize the performance of the SCM. The presented attestation mechanism allows the configuration bitstreams to be stored in unsecured locations, for example on an external memory or even on the internet, without posing a security threat. Experimental results obtained by implementing the proposed SCM on a Virtex II Pro FPGA suggest speedups up to 750 times, compared with software implemented algorithms, achieving throughputs above 1Gbit/s at low area cost. Overall, this dissertation demonstrates the applicability and identifies the main advantages of implementing SC on reconfigurable systems.
  • References (44)
    44 references, page 1 of 5

    3.1 Stand-alone DES performances . . . . . . . . . . . . . . . . . 51 3.2 AES implementation results . . . . . . . . . . . . . . . . . . 59 3.3 AES folded core performance comparisons . . . . . . . . . . 60 3.4 AES unfolded core performance comparisons . . . . . . . . . 61 4.1 SHA-1 data block expansion unit comparison. . . . . . . . . . 76 4.2 SHA-1 DM addition comparison. . . . . . . . . . . . . . . . . 77 4.3 SHA-1 core performance comparisons. . . . . . . . . . . . . . 78 4.4 SHA256 core performance comparison. . . . . . . . . . . . . 79 4.5 SHA512 core performance comparison. . . . . . . . . . . . . 80 4.6 Whirlpool performance comparison . . . . . . . . . . . . . . 86 5.1 Virtex II Pro internal configuration registers. . . . . . . . . . . 93 5.2 Virtex II Pro CMD Register commands. . . . . . . . . . . . . 94

    [14] S. Vassiliadis, S. Wong, G. N. Gaydadjiev, K. Bertels, G. Kuzmanov, and E. M. Panainte, “The Molen polymorphic processor,” IEEE Transactions on Computers, pp. 1363- 1375, November 2004.

    [15] Xilinx, Virtex-II Pro and Virtex-II Pro X FPGA User Guide, ug012 (v4.1) ed., March 2007.

    [16] A. Seshadri, A. Perrig, L. van Doorn, and P. K. Khosla, “Swatt: Software-based attestation for embedded devices,” in IEEE Symposium on Security and Privacy, pp. 272-, IEEE Computer Society, May 2004.

    [17] E. Shi, A. Perrig, and L. van Doorn, “Bind: A fine-grained attestation service for secure distributed systems,” in IEEE Symposium on Security and Privacy, May 2005.

    [18] Douglas R. Stinson, “Cryptography - Theory and Practice,” CRC Press, 1995.

    [19] A. J. Menezes, P. C. van Oorschot, and S. A. Vanstone, Handbook of Applied Cryptography. CRC Press, 2001.

    [20] NIST, “Data encryption standard (DES), FIPS 46-3 ed,” tech. rep., National Institute of Standards and Technology, 1998.

    [21] C. E. Shannon, “Communication theory of secrecy systems,” Bell Systen Technicl Journal, vol. 28, pp. 656-715, October 1949.

    [22] NIST, “Data encryption standard (DES), FIPS 46-2 ed,” tech. rep., National Institute of Standards and Technology, December 1993.

  • Metrics
    No metrics available
Share - Bookmark

  • Download from
    TU Delft Repository via NARCIS (Doctoral thesis, 2007)
  • Cite this publication