Cyber physical systems: devices. Cyber physical systems. Ingrid Verbauwhede KU Leuven COSIC. Ingrid Verbauwhede, COSIC KU Leuven

Transcription

1 Cyber physical systems: security for embedded d devices Ingrid Verbauwhede KU Leuven COSIC Cyber physical systems Networked embedded systems interacting with the environment Ed Lee, after H. Gill NSF [source photograph: Jan Rabaey SWARM lab] Darmstadt, June 10-11,

2 E-Health: mobile, networked, interacting with environment IMEC: NERF - brain stimulant IMEC: Human++ project Embedded crypto? Deep Brain stimulation [Sources: J. Rabaey, National Institutes of Health, Neurology journal] Darmstadt, June 10-11,

3 Cyber physical system Networked embedded systems interacting with the environment o o o Interacting = Real time processing Networked = communication computation trade-off Embedded systems = Low power / low energy Novel security challenge! REAL-TIME Clock frequency versus sample frequency Throughput versus latency Darmstadt, June 10-11,

4 Real-time, throughput, latency Throughput = associated with application o Amount of data processed per time unit o Samples/sec Video: Gbits/sec, Internet: Gpackets/sec o Real-time : HW has to work as fast as application dictates Latency = associated with application o Delay from input to output o o Measure of reaction speed or turn-around time Real-time : HW has to react as fast as application dictates Clock Frequency Clock frequency = property of hardware = 1/ (longest critical path) = 1/ (critical path) Most design: time multiplexing Clock frequency sample frequency clock frequency = number of clock cycles available for the job sample frequency General purpose computing (i.e. caches) does not fit! Latency and sample frequency put hard constraints Darmstadt, June 10-11,

5 Past: security for Embedded system Old Model (simplified view): -Attack on channel between communicating parties -Encryption and cryptographic operations in black boxes -Protection by strong mathematic algorithms and protocols 9 Past: design for efficiency e.g. DES Efficiency Data Encryption Standard Dedicated processor Enc/Dec 3DES PRNG MAC generation All modes of operation 10 [EuroAsic 1991] Darmstadt, June 10-11,

6 Next: Power and energy constraint added! Power is limited o Cooling!! o Implanted devices only temperature 1 CC Energy Battery is limited o Pace maker battery is not rechargeble o One AAA battery is Joule How much crypto in one micro Joule? 11 Past: efficiency & power - Rijndael HW and SW friendly Rijndael AES evaluation Enc + Dec 0.18 μm CMOS Standard cells 2.3 Gbits/sec Only 56 mw 12 [JSSC 2003] Darmstadt, June 10-11,

7 Current: security for embedded system 13 New Model (also simplified view): -Attack channel and endpoints -Encryption and cryptographic operations in gray boxes -Protection by strong mathematic algorithms and protocols -Protection by secure implementation Need secure implementations not only algorithms Design for efficiency AND security SEMA attack: Simple Electromagnetic Attack on Elliptic Curve Public Key implementation. 14 [E. Demulder EUROCON 2005] Darmstadt, June 10-11,

8 Insecure implementation Elliptic Curve Public Key Point Multiplication algorithm Top level description Loop Init In: point P, key k (W bits) Output: Q = k.p Return Q j < W Q = 2Q for j = 0 to W 1 Q = 2.Q /* double */ if (bit j of k) is 1 then Q = Q + P /* add */ Return Q Q = Q+P bit j of k = 1? 15 Timing Side-Channel j = j + 1 AES with DPA countermeasures AES, 2nd generation Regular & WDDL based implementation Standard cells 1 50MHz to MHz 50mW unprot to 200mW prot Secure Insecure 16 [CHES2005] Darmstadt, June 10-11,

9 Crypto within 1 micro Joule? DESIGN METHODS Example: Rijndael/AES round S S S S S S S S S S S S S S S S Key Schedule round round. round MixColumns S S S S MixColumns S S S S MixColumns S S S S MixColumns S S S S key length: 16/24/32 bytes 18 block length: 16/24/32 bytes Darmstadt, June 10-11,

10 Throughput Energy numbers AES 128bit key 128bit data 0.18um CMOS Throughput Power 3.84 Gbits/sec 350 mw Figure of Merit (Gb/s/W = Gb/J) 11 (1/1) FPGA [1] Intel ISA for AES [6] ASM StrongARM [2] Asm Pentium III [3] C Emb. Sparc [4] Java [5] Emb. Sparc 1.32 Gbit/sec 490 mw 2.7 (1/4) 32 Gbit/sec 95 W 0.34 (1/33) 31 Mbit/sec 240 mw 0.13 (1/85) 648 Mbits/sec 41.4 W (1/800) 133 Kbits/sec 120 mw (1/10.000) 450 bits/sec 120 mw (1/ ) [1] Amphion CS5230 on Virtex2 + Xilinx Virtex2 Power Estimator [2] Dag Arne Osvik: 544 cycles AES ECB on StrongArm SA-1110 [3] Helger Lipmaa PIII assembly handcoded + Intel Pentium III (1.13 GHz) Datasheet [4] gcc, Mhz Sparc assumes 0.25 u CMOS [5] Java on KVM (Sun J2ME, non-jit) on MHz Sparc assumes 0.25 u CMOS [6] Shay Gueron, Intel Design principle one: Match between algorithm & platform Application Close the gap: Dedicated HW: ASIC, SOC Programmable HW: FPGA Dedicated instructions, handcoded assembly Power Compiled code JAVA on virtual machine, compiled on a real machine Platform??? Cost ASIC Fixed 20 General Purpose Energy - flexibility trade-off Darmstadt, June 10-11,

11 Cost of crypto primitives Crypto for 1 micro-joule: Energy - flexibility trade-off 1 microjoule bits AES (optimized version) 3000 to 10K gates area = small 22 Darmstadt, June 10-11,

12 SHA3 evaluation: One size fits all HW - SHA 3 ASIC (90nm) synthesis Throughput Mbits (@250MHz) Gate (GE) SHA K 2 Blake K 2.5 Grøstl K 2.5 JH K 2 Keccak K 1 Skein K 6 Energy (pj/bit) 24 [slide input: Miroslav Knežević] Darmstadt, June 10-11,

13 Low Power Keccak in SW Keccak on ATtiny45 at 8MHz 540 microwatt at 1MHz (spec) 716 * 10^3 clock cycles to hash 500 Bytes Result: 100 pj/bit Energy-flexibility trade-off: SW is 100 times less energy efficient than HW J. Balasch, B. Ege, Th. Eisenbarth, B. Gérard, Z Gong, T Gu neysu, S Heyse, S Indesteege, S Kerckhof, F Koeune, T Nad, T Plos, T Po ppelman, F Regazzoni, F Standaert, G Van Assche, I von Maurich, L van Oldeneel Open Source Implementations of Hash Functions in an Atmel AtTiny45, ECRYPT. 1 microjoule [ bits lightweight algo, < 1000 gates] bits AES encryption, 3000 gates 1000 bits Keccak hash, 30K gates Public key?? Darmstadt, June 10-11,

14 Public key in 1 micro Joule DESIGN METHODS Security adds extra design dimension Typical design process for embedded medical device Design requirements Sensing & activation ation Security: privacy, authentication, Design Area, low power, low energy Security: attack resistant Measurements Evaluation Measure: area, power, time, latency, Security: attack & measure resistance Darmstadt, June 10-11,

15 Requirements Design requirements Sensing & activation ation Security: privacy, authentication, Medical devices, typical scenario Small embedded devices communicate over wireless link for sensing and actuation Goal: low energy Security goal: attack resistant IMEC: Human++ project Darmstadt, June 10-11,

16 Security goals medical device Functional requirements: control heart beat, monitor vital signs communicate with programmer Security requirements: Mutual Authentication Encryption: to protect medical data of patient Data Authentication: correct settings Location Privacy: to avoid tracking Location Privacy Protection against tracking OK for phone apps (if user gives consent) Not OK for patients with implants Ex: PH- identification protocol Need Public key Elliptic Curve Public Key Darmstadt, June 10-11,

17 Low Power, Low Energy PKC Goal: public key engine Suitable for RFID, sensor nodes, IoT, medical devices Low Power: cooling - temperature 1 C Low energy: battery life 10+ years With suitable set of countermeasures Design & Design methods Design Area, low power, low energy Security: attack resistant Darmstadt, June 10-11,

18 Design Methods: security pyramid System level: asymmetric protocol Algorithm level: identify crypto building blocks Architecture: security partitioning, HW/SW codesign Micro-architecture: finite field arithmetic Circuit level: RNG, sidechannel resistant design Countermeasures Timing and SPA resistant: o Montgomery power ladder o Constant execution time DPA resistant: o Random coordinate Circuit level: layout balancing Darmstadt, June 10-11,

19 Result 8bit micro-controller with ECC co-processor HW/SW co-design Full custom and standard cell based Evaluation Measurements Evaluation Measure: area, power, time, latency, Security: attack & measure resistance Darmstadt, June 10-11,

20 Measurements: Sasebo-R Efficiency results o 14K gates, o One point multiplication: 79K cycles per point multiplication 100 msec, 50 microw, 1V 5 microjoule Security results: o Timing, SPA resistant o DPA resistant with coordinate randomization Conclusion: 1 microjoule bits lightweight bits AES 2000 bits AES with WDDL 1000 bits Keccak hash 1/5 of one point multiplication 1/10 of one point mult WITH randomization 100% overhead for physical security Darmstadt, June 10-11,

21 Crypto algorithms in hardware? Future: Efficiency, security and immersed 41 Cyber Physical Future SwarmLab [Terabits, Long lasting Security] [Lightweight HW entangled] 42 [Mbits Security] [Source photograph: J. Rabaey: A Brand New Wireless Day] Darmstadt, June 10-11,

22 Security for immersed system: which model? 43 New Model (also simplified view): -Attack on the System -Firewalls? There is NO inside versus outside -Encryption, trust, security immersed -Devices cooperate to build up trust -All old requirements still stand General Conclusions Cyber physical system: o Real time: throughput and latency! o Low power/low energy Security = extra design dimension o Why: joint optimization of efficiency and security Design methods for security o Similar to design for low power o Meaning: address at tall abstraction bt ti layers o Different: weakest link decides security of chain Future: immersion of electronics: e-swarm 44 Darmstadt, June 10-11,

23 QUESTIONS? For a list of associated publications, please visit: Darmstadt, June 10-11,