FPGAs for Trusted Cloud Computing
Traditional Servers Datacenter Cloud Servers Datacenter Cloud Manager Client Client Control Client Client Control 2
Existing cloud systems cannot offer strong security guarantees Cloud administrator access liability Availability & co-tenancy malware & sidechannel attacks Cloud administrators have full access! 3
Existing cloud systems cannot offer strong security guarantees Cloud administrator access liability Availability & co-tenancy malware & sidechannel attacks Cloud is open to everyone! 4
Network bandwidth/ latency CPU time Storage allotment/ latency Minimum uptime Security 5
1% to 10% of information/transactions deal with sensitive data Isolate only sensitive computations on trusted compute nodes Client Application Unsecured Part Secured Part 6
Independent administration Management!= full access Cloud operator is not part of root of trust Physically secure High performance Generality Flexibility 7
Independent administration Physically secure Store keys Decrypt & authenticate binaries and data Execute application exactly as prescribed High performance Generality Flexibility 8
Independent administration Physically secure High performance Generality Flexibility 9
Requirements Independent administration Physically secure High performance Generality Flexibility X Platform Options Commodity servers Local/cloud hybrids High security commodity servers Secure co-processors Homomorphic crypto Dedicated hardware HSMs FPGAs 10
Requirements Independent administration Physically secure High performance Generality Flexibility X X X Platform Options Commodity servers Local/cloud hybrids High security commodity servers Secure co-processors Homomorphic crypto Dedicated hardware HSMs FPGAs 11
Requirements Independent administration Physically secure High performance Generality Flexibility X X Platform Options Commodity servers Local/cloud hybrids High security commodity servers Secure co-processors Homomorphic crypto Dedicated hardware HSMs FPGAs 12
Requirements Independent administration Physically secure High performance Generality Flexibility X X Platform Options Commodity servers Local/cloud hybrids High security commodity servers Secure co-processors Homomorphic crypto Dedicated hardware HSMs FPGAs 13
Requirements Independent administration Physically secure High performance Generality Flexibility Platform Options Commodity servers Local/cloud hybrids High security commodity servers Secure co-processors Homomorphic crypto Dedicated hardware HSMs FPGAs 14
FPGA Platform Board Dedicated FPGA Resources Key Mem. Boot. Logic Programmable Logic Region 15
Trusted Authority Bitstream Key FPGA Platform Board FPGA Key Mem. Boot. Logic 16
Untrusted Cloud Machine FPGA Platform Board FPGA Key Mem. 8x PCIe Boot. Logic 17
Trusted Authority Bitstream Key Untrusted Cloud Machine Platform Memory FPGA Platform Board FPGA Key Mem. Boot. Logic Customer Application Customer 18
Untrusted Cloud Machine FPGA Platform Board FPGA Key Mem. Encrypted & Signed Bitstream Boot. Logic 19
Untrusted Cloud Machine FPGA Platform Board FPGA Key Mem. Encrypted & Signed Bitstream Boot. Logic Client Application Client Application Request Loaded Application 20
Remove TA involvement? Trusted Authority Bitstream Key Customer Application Customer Remove per FPGA bitstream? Untrusted Cloud Machine Platform Memory FPGA Platform Board FPGA Key Mem. Boot. Logic 21
Sensitive vs. non-sensitive data Client App Data Stream Sensitive Data? Results Data Mining 22
Sensitive vs. non-sensitive data Separate, tokenize & encrypt sensitive fields Trusted Computing Node Client App Results Data Stream Bulk Cloud Servers Data Mining Non-Sensitive Plaintext Identify sensitive fields Tokenized Data Anonymization 23
PCI-Express Controller Prototype cloud server & FPGA architecture Untrusted Cloud Servers Session Key Exch. Infrastructure RSA & SHA FPGA privatek fb Client App Data Transfer Data Mining sessionk fb User Application Sensitive Plaintext AES & AES SHA Non-Sensitive Plaintext Encrypted & Tokenized Data 24
On an ML605 (V6 LX 240T) LUTs FF BRAM DSP Full system 18.1% 9% 6.9% 0.5% Infrastructure (RSA, SHA, PCIe, DDR3) Tokenization (AES, AES + SHA) 14.8% 8.6% 5.2% 0.5% 3.3% 0.3% 0.7% 0.0% 25
On an ML605 (V6 LX 240T) 200MHz clock Initiate 13+ RSA secure session key exchanges per second Decrypt AES at 572MB/s Tokenize with SHA-256 at 12MB/s Gb Ethernet is 125MB/s 1-10% of the incoming data was sensitive 26
Security is paramount to the cloud Existing server are insufficient FPGAs provide native support for secure boot and secure operation This represents a brand new market for FPGAs 27