Secure computing on reconfigurable systems
Fernandes Chaves, R.J.
This thesis proposes a Secure Computing Module (SCM) for reconfigurable computing systems. SC provides a protected and reliable computational environment, where data security and protection against malicious attacks to the system is assured. SC is strongly based on encryption algorithms and on the attestation of the executed functions. The use of SC on reconfigurable devices has the advantage of being highly adaptable to the application and the user requirements, while providing high performances. Moreover, it is adaptable to new algorithms, protocols, and threats. In this dissertation, high performance cryptographic units for symmetric encryption and hash functions, were designed in order to achieve a high performance SCM. Implementations results, in particular for the AES algorithm, suggest improvements of more than 500% in terms of Throughput per Slice compared to related art, with absolute throughputs of up to 34Gbit/s on a Virtex II Pro FPGA. A method to attest dynamically reconfigured hardware structures is also proposed. In addition, this method does not penalize the performance of the SCM. The presented attestation mechanism allows the configuration bitstreams to be stored in unsecured locations, for example on an external memory or even on the internet, without posing a security threat. Experimental results obtained by implementing the proposed SCM on a Virtex II Pro FPGA suggest speedups up to 750 times, compared with software implemented algorithms, achieving throughputs above 1Gbit/s at low area cost. Overall, this dissertation demonstrates the applicability and identifies the main advantages of implementing SC on reconfigurable systems.