وبلاگ بلیان

Trustworthy Reconfigurable Systems [recurso electrónico] Enhancing the Security Capabilities of Reconfigurable Hardware Architectures

معرفی کتاب «Trustworthy Reconfigurable Systems [recurso electrónico] Enhancing the Security Capabilities of Reconfigurable Hardware Architectures» نوشتهٔ Thomas Feller (auth.)، منتشرشده توسط نشر Vieweg+Teubner Verlag در سال 2014. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

Thomas Feller sheds some light on trust anchor architectures for trustworthy reconfigurable systems. He is presenting novel concepts enhancing the security capabilities of reconfigurable hardware. Almost invisible to the user, many computer systems are embedded into everyday artifacts, such as cars, ATMs, and pacemakers. The significant growth of this market segment within the recent years enforced a rethinking with respect to the security properties and the trustworthiness of these systems. The trustworthiness of a system in general equates to the integrity of its system components. Hardware-based trust anchors provide measures to compare the system configuration to reference measurements. Reconfigurable architectures represent a special case in this regard, as in addition to the software implementation, the underlying hardware architecture may be exchanged, even during runtime. Contents Trustworthy Systems, Reconfigurable Architectures FPGA Design Security, Authenticated Encryption Physical Attack Resistance, System Security Target Groups Researchers and students in the field of reconfigurable hardware architectures with an emphasis on secure and trustworthy systems Practitioners using reconfigurable architectures and need to provide a high level of protection against overproduction and counterfeiting. The Author Thomas Feller finished his doctoral thesis at the Center of Advanced Security Research (CASED) and the department of Integrated Circuits and Systems Lab, Technische Universität Darmstadt, under the supervision of Prof. Dr.-Ing. Sorin A. Huss Abstract 6 Kurzfassung 7 Acknowledgements 9 Contents 11 List of Figures 15 List of Tables 17 1 Introduction 19 1.1 Reconfigurable Computing 20 1.2 Trustworthy Reconfiguration 22 1.3 Summary of Contributions 24 1.4 Limitations 24 1.5 Remainder of this Thesis 25 2 Trustworthy Computing 27 2.1 The Meaning of Trustworthiness 29 2.2 Trusted Computing Group 31 2.2.1 Trusted Computing Limitations 31 2.2.2 Trusted Platform Module Specification 32 2.2.3 Platform Integrity Measurements 37 2.2.4 Measured Boot 39 2.2.5 Secure Boot 40 2.2.6 Authentication Protocols 40 2.2.7 System Integrity Reporting 41 2.3 Supporting Multiple Stakeholders 43 2.3.1 Reference Integrity Metric Certificates 44 2.4 Beyond TCG Specifications and Related Products 45 2.4.1 Intel Trusted Execution Technology 47 2.4.2 ARM TrustZone 48 2.4.3 Texas Instruments M-Shield 49 2.5 Trustworthy Systems using FPGAs 49 2.5.1 Software-based Attestation 50 2.5.2 Hardware-based Attestation 51 3 Requirements for Trustworthiness 52 3.1 Key Storage and Certificate Management 53 3.1.1 Cryptographic Memories 55 3.1.2 Storing Cryptographic Secrets 57 3.1.3 Certificate Management 61 3.2 Identification and Authentication 64 3.2.1 Requirements for Cryptographic Keys 65 3.2.2 Device Identifiers 66 3.2.3 Physically Unclonable Functions 66 3.3 A Notion of Time 69 3.4 Measurements for Security 70 3.4.1 The Orange Book 71 3.4.2 Common Criteria for IT Security Evaluation 72 3.4.3 NIST-FIPS 140-2 75 4 Design Security and Cyber-Physical Threats 78 4.1 Design Security Goals 80 4.2 Vendor Specific Design Security 83 4.2.1 Tamper Protection 88 4.3 Generic IP-Protection 88 4.4 Cyber-Physical Threats 89 4.4.1 Cloning, Overbuilding and Counterfeiting 91 4.4.2 Physical Attacks 92 4.5 Common Security Scenarios 99 4.5.1 Trusted Computing Group 99 4.5.2 FPGA Vendor 99 4.6 TPM Specific Attacks 100 5 Towards Trustworthy Cyber-Physical Systems 102 5.1 Reconfigurable System Challenges 104 5.1.1 Storage of Security-Sensitive Data 104 5.2 Trustworthy Reconfigurable Systems 105 5.2.1 The Use of Partial Reconfiguration 107 5.2.2 System State Reporting 108 5.2.3 Freshness of Configuration Data 109 5.2.4 TinyTPM Architecture 110 5.2.5 Life-Cycle 113 5.2.6 Bootstrapping 114 5.2.7 Update Protocol 116 5.2.8 Proof-Of-Concept Implementation 119 5.2.9 Evaluation 120 5.3 TinyTPM Optimizations 127 5.3.1 Authenticated Encryption 127 5.3.2 Partial Reconfiguration Performance 135 5.4 Physical Attack Resistance 137 5.4.1 Side-Channel Aware TinyTPM Architecture 137 5.4.2 Evaluation 138 5.4.3 Tamper Protection 138 5.5 Supporting Multiple Stakeholders 140 5.5.1 Dynamic Context Management Concept 141 5.5.2 dcTPM Proof-of-Concept 146 5.5.3 Context Authorization Protocol 150 5.5.4 dcTPM-Commands 151 5.5.5 Multi-Context Trust/Live Migration 152 6 Application Scenarios 154 6.1 IP-Protection for Partial Reconfiguration 154 6.1.1 Trustworthy Reconfiguration enforcing IP-Protection 155 6.1.2 Configuration Management 158 6.2 Hard Disk Encryption 158 6.2.1 Proof-of-Concept Implementation 159 6.2.2 Multi-User Environments 162 6.3 Pay TV Content Protection 163 6.3.1 Reconfigurable Security 164 6.3.2 Proof-of-Concept Implementation 166 7 Summary 168 A Cryptographic Primitives 171 A.1 Selection of Algorithms 171 A.1.1 Providing Integrity 173 A.1.2 Providing Authenticity 173 A.1.3 Providing Confidentiality 174 A.1.4 Providing Non-Repudiation 174 A.1.5 Providing Long-Term Security 174 A.2 Secure Hash Algorithm 175 A.3 Advanced Encryption Standard 176 A.3.1 Low Latency AES Implementation 176 A.3.2 Sub-Bytes Implementations 177 A.4 Message Authentication Codes (MAC) 179 A.4.1 Hash-based Message Authentication Codes (HMACs) 180 A.5 Authenticated Encryption 180 A.5.1 AES Counter Mode with CBC-MAC – AES-CCM 181 A.5.2 Hardware Implementation 182 A.6 Random Number Generators 184 B FPGA Technology 187 B.1 Configuration Technologies 187 B.2 Partial Reconfiguration 188 B.2.1 Workflow 189 List of Publications 191 List of Supervised Theses 193 Bibliography 195 Thomas Feller sheds some light on trust anchor architectures for trustworthy reconfigurable systems. He is presenting novel concepts enhancing the security capabilities of reconfigurable hardware. Almost invisible to the user, many computer systems are embedded into everyday artifacts, such as cars, ATMs, and pacemakers. The significant growth of this market segment within the recent years enforced a rethinking with respect to the security properties and the trustworthiness of these systems. The trustworthiness of a system in general equates to the integrity of its system components. Hardware-based trust anchors provide measures to compare the system configuration to reference measurements. Reconfigurable architectures represent a special case in this regard, as in addition to the software implementation, the underlying hardware architecture may be exchanged, even during runtime. Contents Trustworthy Systems, Reconfigurable Architectures FPGA Design Security, Authenticated Encryption Physical Attack Resistance, System Security Target Groups Researchers and students in the field of reconfigurable hardware architectures with an emphasis on secure and trustworthy systems Practitioners using reconfigurable architectures and need to provide a high level of protection against overproduction and counterfeiting. The Author Thomas Feller finished his doctoral thesis at the Center of Advanced Security Research (CASED) and the department of Integrated Circuits and Systems Lab, Technische Universität Darmstadt, under the supervision of Prof. Dr.-Ing. Sorin A. Huss Front Matter....Pages I-XX Introduction....Pages 1-8 Trustworthy Computing....Pages 9-33 Requirements for Trustworthiness....Pages 35-60 Design Security and Cyber-Physical Threats....Pages 61-84 Towards Trustworthy Cyber-Physical Systems....Pages 85-136 Application Scenarios....Pages 137-150 Summary....Pages 151-153 Back Matter....Pages 155-212
دانلود کتاب Trustworthy Reconfigurable Systems [recurso electrónico] Enhancing the Security Capabilities of Reconfigurable Hardware Architectures