Three Challenges of Secure Embedded System Design:
Performance, Battery life and Robustness
Nachiketh Potlapally
Department of Electrical Engineering
Princeton University
Princeton, NJ
Email: [email protected]
Embedded System Applications Require Security
[Figure labels: E-wallet; E-passport; Portfolio management using Microsoft Money; Network; Server]
Device classes shown:
- RFID tag: 1.28-1.92 MHz, 128-512 bit ROM, 32-128 bit RAM, 10000 gate logic, battery (active)
- Smart card: 66 MHz, 240 KB ROM, 16 KB RAM, 912 KB EEPROM, crypto co-processor, battery (active)
- Cell-phone/PDA: 200 MHz, 16 MB RAM, 64 MB Flash, crypto co-processor, battery
Sensitive embedded system applications need security protocols to provide confidentiality, integrity and authentication
Cryptographic algorithms
Confidentiality, Integrity and Authentication
[Figure layers: Security objectives; Security protocols; Cryptographic algorithms]
- Confidentiality: symmetric algorithms (DES, AES, 3DES, RC5). Operations: table lookup, permutations, multiplication, modular addition, modular multiplication, fixed shift/rotate, variable shift/rotate
- Integrity: hash algorithms (MD4, HMAC, SHA-1). Operations: multiplication, addition, logical operations, fixed shift/rotate
- Authentication: asymmetric algorithms (RSA, ECC, DH, ECDH). Operations: modular exponentiation, point multiplication on elliptic curves
Crypto algorithms are computationally intensive
Challenges in Implementing Security on Embedded Systems
Embedded systems
- Low-end processors
- Battery energy supply
Security protocols
Reduced performance: 3DES and SHA require 130 MIPS @ 2 Mbps (Intel SA-1100 delivers 150 MIPS at 133 MHz)
Shorter battery life: Sensoria WINS node needs 21.5 mJ/bit to transmit. RSA imposes overhead of 42 mJ/bit
Susceptibility to side-channel attacks: infer cryptographic keys from non-invasive probing of implementation characteristics
Objectives in design of secure embedded systems: Good performance, long battery life and robustness to attacks
My Research Experience
Publications:
1. “Algorithm Exploration for Efficient Public-Key Security Processing for Wireless Handsets”, DATE02
2. “Optimizing Public-key Encryption”, ICC02
3. “System-level Design methodologies for a Wireless Security Processing Platform”, DAC02
4. “Analyzing the Energy Consumption of Security Protocols”, ISLPED03
5. “Impact of Configurability and Extensibility on IPSec Protocol Execution on Embedded Processors”, VLSID06
6. “Satisfiability-based Framework for Enabling Side-channel Attacks on Cryptographic Software”, DATE06
7. “A Study of the Energy Consumption Characteristics of Cryptographic Algorithms and Security Protocols”, IEEE Transactions on Mobile Computing, February 2006
8. “Aiding Side-channel Attacks on Cryptographic Software with Satisfiability-based Analysis”, IEEE Transactions on VLSI Systems, April 2006
9. “Configuration and Extension of Embedded Processors to Optimize IPSec Protocol Execution”, IEEE Transactions on VLSI Systems. (To appear)
10. “Verifying Data Integrity with Few Queries to Untrusted Memory”, (In Submission)
Design of secure embedded systems:
Performance
1. Optimizing public-key algo. software performance [1,2]
2. Custom instruction design for public-key algo. [3]
3. Accelerating symmetric and hash algo. through custom instructions [5,9]
4. Optimizing IPSec protocol performance [5,9]
5. Reducing performance overhead of memory checking [10]
Battery life
1. Analyzing energy consumption of cryptographic algorithms [4,7]
2. Optimize energy consumption of SSL protocol [4,7]
3. Reduce energy consumed by memory bus in memory integrity checking [10]
Robustness
1. Satisfiability-based framework for enabling side-channel attacks on embedded cryptographic software [6,8]
Outline
• Part 1: Robustness of secure embedded systems
  – Satisfiability-based side-channel attacks on cryptographic software
• Part 2: Battery life of secure embedded systems
  – Analyze energy consumption of cryptographic algorithms and security protocols
• Future work
Part 1: Robustness
Satisfiability-based Side-channel Attacks on Cryptographic Software
Logical Inferences on Leaked Intermediate Values Can Expose Secret Key
[Figure labels: Memory bus; On-chip secure memory; Cryptographic algorithm software; Plaintext; Ciphertext; Secret key; Intermediate variables; Logical inferences]
Protect these variables too!
Robustness: Talk Outline
• Information leakage in software implementations
  – Active and passive leakage
• Logical cryptanalysis framework
  – Satisfiability (SAT) solver
  – Proposed cryptanalysis flow
• Experimental setup
• Results: DES, 3DES, and AES
  – Sensitive intermediate variables
Cryptanalysis: Theoretical View
[Figure labels: Black box; Cryptographic algorithm implementation; Plaintext; Ciphertext; Secret key; Secure storage]
Cryptographic algorithms are provably secure against mathematical cryptanalysis under the black-box assumption
Cryptanalysis: Software Leakage
[Figure labels: Applications; System library; Operating system; Hardware; Library calls; System calls; Machine instructions; Software; Plaintext; Ciphertext; On-chip secure memory]
Leakage channels cited:
- Persistence of swapped data (Garfinkel & Shelat, S&P 03)
- Memory bus monitoring (Anderson & Kuhn, USENIX 96)
- Sensitive residual data in buffers (Chow et al., USENIX 04)
- Proactive cache probing (C. Percival, Tech. Rep.)
- Sensitive data in core dumps (Broadwell et al., USENIX 03)
- Hacking run-time stack (V. Paretsky, Dr. Dobbs 05)
Cryptanalysis Using Leaked Intermediate Values
[Figure: data-flow graph of a crypto function relating Plaintext, Secret key and Ciphertext through intermediate values V1 to V11, with nodes numbered 1 to 7. Legend: exposed intermediate computation; hidden computation; implied computation; implication path]
Key is protected from exposure
Exposure of intermediate values may aid computation of protected secret key bits via logical implications
Logical Cryptanalysis Framework
[Figure: Plaintext P, Ciphertext C and Secret key K are related by a circuit description. The constraints (known plaintext + known ciphertext + exposed variables) and the circuit description feed a logical analysis/implication engine (theorem prover, satisfiability solver, ...), which yields the secret key]
Satisfiability (SAT) Solvers
• SAT solver finds satisfying Boolean assignment to variables in a conjunctive normal form (CNF) formula
  – Gives a proof if no such assignment exists
• SAT solver has a powerful logical implication engine in the form of Boolean constraint propagation (BCP)
• Circuits can be converted to CNF in linear time
CNF of two-input gates with inputs x, y and output z:
- AND: $(\bar{z} + x)(\bar{z} + y)(z + \bar{x} + \bar{y})$
- OR: $(z + \bar{x})(z + \bar{y})(\bar{z} + x + y)$
- XOR: $(\bar{z} + x + y)(\bar{z} + \bar{x} + \bar{y})(z + \bar{x} + y)(z + x + \bar{y})$
SAT-based Cryptanalysis Framework
[Figure: flow of the SAT-based cryptanalysis]
- CNF conversion: the cryptographic algorithm (plaintext P, secret key K, ciphertext C) is converted to a CNF formula Ψ(P, C, K)
- Constraints: set plaintext and ciphertext values in Ψ(P, C, K); set values of exposed variables in Ψ(P, C, K)
- SAT solver: returns K’ = 110..1 (consistent with the values set), or times out
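Added example (not from the original slides): the gate encodings from the SAT-solver slide and the exposed-variable constraints of this flow, run on a constructed toy circuit with a 2-bit key rather than DES or AES. The circuit, the variable numbering and the function names are assumptions made for illustration; it shows why intermediate values need the same protection as the key.

```python
# Added example (not from the slides). Literals are DIMACS-style signed ints:
# +v means variable v is true, -v means it is false.
def gate_cnf(kind, z, x, y):
    """Clauses that force z == (x <kind> y), as in the gate table above."""
    if kind == "AND":
        return [[-z, x], [-z, y], [z, -x, -y]]
    if kind == "OR":
        return [[z, -x], [z, -y], [-z, x, y]]
    if kind == "XOR":
        return [[-z, x, y], [-z, -x, -y], [z, -x, y], [z, x, -y]]
    raise ValueError(kind)

def propagate(clauses, known):
    """Boolean constraint propagation (BCP).
    Returns the extended assignment, or None if a clause is falsified."""
    a = dict(known)
    changed = True
    while changed:
        changed = False
        for clause in clauses:
            if any(a.get(abs(l)) == (l > 0) for l in clause):
                continue                      # clause already satisfied
            free = [l for l in clause if abs(l) not in a]
            if not free:
                return None                   # all literals false: conflict
            if len(free) == 1:                # unit clause implies its literal
                a[abs(free[0])] = free[0] > 0
                changed = True
    return a

# Constructed toy circuit (hypothetical): V1 = P1^K1, V2 = P2^K2,
# V3 = V1 & V2, C = V3 ^ K1. This plays the role of Psi(P, C, K).
P1, P2, K1, K2, V1, V2, V3, C = range(1, 9)
PSI = (gate_cnf("XOR", V1, P1, K1) + gate_cnf("XOR", V2, P2, K2)
       + gate_cnf("AND", V3, V1, V2) + gate_cnf("XOR", C, V3, K1))

def implied_key(known):
    """(K1, K2) as derived by BCP alone; None marks an undetermined bit."""
    a = propagate(PSI, known)
    return None if a is None else (a.get(K1), a.get(K2))

pair = {P1: False, P2: True, C: False}        # produced by key K1=1, K2=0
print(implied_key(pair))                      # black-box view: nothing implied
print(implied_key({**pair, V3: True}))        # one leaked intermediate bit
```

With only the plaintext-ciphertext pair, three of the four keys remain consistent and propagation derives no key bit; adding the single exposed value V3 lets propagation fix both.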
CNF conversion : DES
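[Figure: DES structure. Plaintext passes through Round 1, Round 2, ..., Round i, ..., Round 16 to give Ciphertext; key setup derives round keys K1, K2, ..., Ki, ..., K16 from the secret key K. Round i maps (Li, Ri) to (Li+1, Ri+1) using Ki, expansion E, S-boxes S1, S2, ..., S7, S8 and permutation P (widths labelled 32, 32, 48)]
Converting z=F(x,y) to CNF:
$z = F(x,y) \equiv (z \rightarrow F(x,y))(F(x,y) \rightarrow z) \equiv (\bar{z} + F(x,y))(\overline{F(x,y)} + z)$
Algorithm   Clauses   Literals
DES         6904      35232
3DES        20328     104928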
Experimental Setup
[Figure labels: Cryptographic algorithm software; xt-gcc compiler; Xtensa ISS; Memory traffic analyzer; RTL generator; CNF generator; MiniSAT solver; Plaintext, Ciphertext; Exposed variable values; Secret key & Sensitive variables]
Results: DES & 3DES
[Figure: three Feistel-network diagrams (round function F), spanning one round (Li, Ri to Li+1, Ri+1, key Ki), two rounds (to Li+2, Ri+2, keys Ki, Ki+1) and four rounds (to Li+4, Ri+4, keys Ki to Ki+3), with labels Sensitive variable set 1, Sensitive variable set 2 and Sensitive variable set 3]
Results: DES and 3DES
[Figure: two plots of time taken by SAT solver (seconds) versus plaintext-ciphertext pairs (1 to 32); panel titles: Sensitive variable set 1, Sensitive variable set 3; labels: DES, 3DES]
1. Sensitive variable sets 1 and 2: 1165 seconds (on average) with four plaintext-ciphertext pairs and corresponding intermediate variable values
2. Sensitive variable set 3: 750 seconds (on average) with four plaintext-ciphertext pairs and corresponding intermediate variable values
Results: AES
CNF conversion:
Algorithm   Rounds   Literals   Clauses
AES         10       10240      542432
Results of side-channel cryptanalysis:
5 seconds (on average) to get the 128-bit AES key with one plaintext-ciphertext pair and 128-bit input and output of any one round
Conclusions
• Presented a SAT-based framework for cryptanalysis
• Identified the set of sensitive intermediate variables in DES, 3DES and AES
• Future work:
  – Improve analysis techniques to reduce the size of sensitive variable set
  – Combine with traditional side-channel attacks
Part 2: Battery Life
Analyzing the Energy Consumption of Cryptographic Algorithms and Security Protocols
Impact of Security Processing on Battery Life: Battery Gap
• Security processing is computationally intensive
• Drains battery faster
[Figure: plot against No. of Transactions (0, 100, 200), with two points marked "Battery runs out of power"]
Mobile Node
• Motorola DragonBall MC68328
• Sensoria WINS NG RF Subsystem (10 Kbps, 10 mW power)
• Sensoria WINS NG Battery Pack (7.2 V supplying 26 kJ)
Source: Network Associates Inc.
There is a need for energy-efficient security protocols
Battery life: Outline
• Experimental setup
• Analysis of energy consumption of cryptographic algorithms
  – Symmetric algorithms
  – Public-key algorithms
• Analysis of energy consumption of SSL security protocol
• Discussion: Optimizing SSL
• Conclusions
Experimental Set-up
[Figure labels: Client (iPAQ H3670, SA-1100 StrongARM @ 206 MHz, 64 MB RAM, 16 MB ROM); Linux; HTTPS; SSL; TCP; IP; IPSec; Wireless LAN/WAN; Server; Power measurement system; Data acquisition card; SCB-68 I/O connector; Sense resistor; Lab power supply; LabVIEW programming environment; Serial]
Symmetric Algorithms
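[Figure: generic symmetric cipher. Plaintext P passes through Round 1, Round 2, ..., Round i, ..., Round N to give Ciphertext C; key setup derives round keys K1, K2, ..., Ki, ..., KN from the secret key K. Each round implements confusion and diffusion operations]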
Energy Consumption Results: Impact of Symmetric Algorithm Parameters
Symmetric algorithm parameters influence system energy consumption
- Number of rounds of execution
[Figure: RC5; cryptanalytic difficulty $2^{47} < 2^{95} < 2^{119}$]
• Cipher parameters affect energy and security
• Energy-security trade-offs possible in symmetric algos.
Energy Consumption Results: Symmetric Algorithms
[Figure: bar chart of key setup and enc/dec energy consumption per algorithm, logarithmic scale]
Algorithm   Key setup (µJ)   Enc/Dec (µJ/byte)
DES         27.53            2.08
3DES        87.04            6.04
IDEA        7.96             1.47
CAST        37.63            1.47
AES         7.87             1.21
RC2         32.94            1.73
RC4         95.97            3.93
RC5         66.54            0.79
BLOWFISH    3166.3           0.81
Symmetric algorithms have widely varying energy consumption values
- BLOWFISH has the greatest key setup cost, but very low enc/dec cost
- 3DES has the highest enc/dec cost
Symmetric Algorithm Block Cipher Modes
[Figure: block cipher modes. ECB mode: the symmetric algorithm maps Plaintext to Ciphertext under the key. CBC mode: Plaintext_0, Plaintext_1, ... are mapped to Ciphertext_0, Ciphertext_1, ... under the key, starting from an initialization vector. OFB/CFB mode: Plaintext_0, Plaintext_1, ... and Ciphertext_0, Ciphertext_1, ... under the key, starting from an initialization vector]
Energy Consumption Results: Impact of Symmetric Algorithm Modes
[Figure: AES energy consumption for key setup (µJ) and for ECB, CBC, CFB and OFB (µJ/byte), by key size (128, 192, 256)]
Symmetric algorithm parameters influence system energy consumption
- Key size
- Cipher mode (ECB, CBC, CFB, OFB)
Energy Consumption Results: Impact of Table Lookups & Loop Unrolling
[Figure: energy consumption (J) versus number of tables per round (zero, one, four) and degree of unrolling (no unroll, partial unroll, full unroll), with the maximum-energy and minimum-energy points marked. 60KB file, 128-bit key AES]
• Many tables and full loop unrolling increase the number of memory accesses
• Optimal energy with one table and partial unrolling
Energy Consumption Results: Processor vs. Memory Energy in AES
[Figure: energy consumption (J), split into memory and processor, versus number of tables per round (zero, one, four), with partial loop unrolling. 60KB file, 128-bit key AES]
• Table lookups replace arithmetic instructions with loads and stores
• Energy consumption rises when tables affect caching behavior
Public-key Algorithms
• Constructed using trap-door one-way functions
  – Computationally infeasible to invert without ‘trap-door’ information
• Security is based on hard mathematical problems
  – Integer factorization (RSA)
  – Discrete logarithm in Integer field (DH, DSA)
  – Discrete logarithm in Elliptic fields (ECDH)
• Two applications of public-key algorithms
  – Authentication using digital signatures
  – Key exchange for symmetric algorithms
Energy Consumption Results: Public-key Algorithms (Digital Signature)
[Figure: energy consumption (mJ, axis 0 to 600) of key generation, sign and verify for RSA (1024-bit), DSA (1024-bit) and ECDSA (160-bit)]
• RSA and ECDSA exhibit complementary energy consumption for sign and verify operations
Energy Consumption Results: Public-key Algorithms (Key Exchange)
[Figure: energy consumption (mJ, axis 0 to 1200) of key generation and key exchange for DH, DH and ECDH; key sizes labelled 1024-bit, 160-bit and 512-bit]
• Increasing key size drastically affects the energy consumption
• ECDH is more energy efficient than DH
Secure Sockets Layer (SSL)
[Figure: protocol stack. SSL Handshake, SSL Change Cipher, SSL Alert and application data sit above the SSL Record Protocol, which runs over TCP and IP. Labels: Authentication, Key exchange; Confidentiality, Integrity]
SSL Record Assembly
- Application data is split into a fragment
- Compression: compressed fragment
- Message integrity: MAC trailer
- Padding
- Encryption: encrypted data
- SSL header is added to form the SSL record
Energy Break-up of SSL Processing
[Figure: stacked bars of energy consumption break-up (0% to 100%) versus transaction size (1K, 100K, 1M bytes); components: protocol, asymmetric, symmetric, hash; data labels 41%, 44%, 46%]
• For small transactions, asymmetric algorithm energy dominates
• For large transactions, symmetric algorithm energy dominates
• Non-crypto processing accounts for more than 40% of the energy
Optimizing SSL Handshake
[Figure: energy consumption (mJ, axis 0 to 1200) of client operations and server operations for RSA and ECC, with no client authentication and with client authentication overhead]
SSL Handshake Optimizations
- Presence/absence of security services (such as client authentication)
- Choice of asymmetric cipher (RSA vs ECC)
Optimizing the SSL Record Stage
SSL Record Optimizations
- Choice of cipher suite (e.g., ECC-AES-MD5 vs. ECC-BLOWFISH-MD5) is influenced by the size of the data transmitted.
- Choice of cipher parameters (key size, number of rounds)
Algorithm   Key setup   Enc/Dec
AES         7.87        1.21
Blowfish    3167        0.81
Algorithm   Key setup   Enc/Dec
3DES        87          6.04
RC5         66.54       0.8
Conclusions
• Comprehensive analysis of energy consumption of cryptographic algorithms and security protocols
• Energy-security trade-offs possible in security protocols
  – Will tolerate lower security for reduced energy consumption
  – Parameters identified include
    • Symmetric algorithm used in record stage
    • Asymmetric algorithm used in handshake
    • Key-size of asymmetric algorithms
    • Number of rounds in symmetric algorithms
    • Size of data to be transmitted
Future Work
Future Research: Robust, Light-weight Security
Layered Security Implementation: security objectives, security protocols, cryptographic algorithms, hardware-software architectures
Security protocols
- Scalable security protocols with variable rounds and per round complexity
  - Scalable Fiat-Shamir identification protocol
Cryptographic algorithms
1. Devise novel algorithms based on hard problems with simpler operations
   - Learning parity with noise
2. Algorithms based on energy efficient operations
   - LFSR-based hashing
   - Polynomial arithmetic-based algorithms
Hardware-software architectures
1. Efficient embedded architectures for newer crypto algorithms
   - NTRU
2. Low-cost architectures for side-channel attack resistance
   - Can leakage current provide side-channel information?
3. Hardware measures to tackle malware (viruses, worms)
Acknowledgements
• Princeton University
  – Prof. Niraj Jha and Prof. Ruby Lee
  – Group members
• NEC Labs America
  – Dr. Anand Raghunathan
  – Dr. Srivaths Ravi
Thank you!