Abstract
This contribution explores the design dimensions, the primary quality factors of a design, of secure embedded systems design. Design dimensions define the design space, and they enable a designer to distinguish a high-quality design from a low-quality design. Besides well-known dimensions such as performance and flexibility, secure embedded systems design introduces a new one: risk, or the potential for loss. Risk is on equal footing with flexibility and performance. The design challenges for risk cannot be met by optimizing for performance or flexibility alone. Hence, secure-embedded system design requires a trade-off between flexibility, performance, and risk. We illustrate this trade-off for each pair of factors through several driver applications, including parallel cryptography, integration of physical unclonable functions and side-channel countermeasures.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Aarestad, J., Ortiz, P., Acharyya, D., Plusquellic, J.: HELP: A Hardware-Embedded Delay PUF. IEEE Design Test 30(2), 17–25 (2013)
Anderson, R.J.: Security Engineering - A Guide to Building Dependable Distributed Systems, 2nd edn. Wiley (2008)
Aroms, E.: NIST Special Publication 800-39 Managing Information Security Risk. Create Space, Paramount, CA (2012)
Bhasin, S., Guilley, S., Souissi, Y., Graba, T., Danger, J.L.: Efficient Dual-Rail Implementations in FPGA Using Block RAMs. In: ReConFig, pp. 261–267 (2011), http://doi.ieeecomputersociety.org/10.1109/ReConFig.2011.32
Brocious, C.: My Arduino can beat up your hotel room lock. Black Hat 2012 (July 2012), http://demoseen.com/bhpaper.html
Chakraborty, R., Lamech, C., Acharyya, D., Plusquellic, J.: A Transmission Gate Physical Unclonable Function and on-chip Voltage-to-digital Conversion Technique. In: DAC, p. 59 (2013), http://doi.acm.org/10.1145/2463209.2488806
Chari, S., Jutla, C.S., Rao, J.R., Rohatgi, P.: Towards Sound Approaches to Counteract Power-Analysis Attacks. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 398–412. Springer, Heidelberg (1999), http://dx.doi.org/10.1007/3-540-48405-1_26
Chen, Z., Schaumont, P.: A Parallel Implementation of Montgomery Multiplication on Multicore Systems: Algorithm, Analysis, and Prototype. IEEE Trans. Computers 60(12), 1692–1703 (2011), http://doi.ieeecomputersociety.org/10.1109/TC.2010.256
Chen, Z., Sinha, A., Schaumont, P.: Using Virtual Secure Circuit to Protect Embedded Software from Side-Channel Attacks. IEEE Trans. Computers 62(1), 124–136 (2013), http://doi.ieeecomputersociety.org/10.1109/TC.2011.225
Helfmeier, C., Boit, C., Nedospasov, D., Seifert, J.P.: Cloning Physically Unclonable Functions. In: IEEE Int. Symposium on Hardware-Oriented Security and Trust, HOST (2013)
Coron, J.-S., Kizhvatov, I.: Analysis and Improvement of the Random Delay Countermeasure of CHES 2009. In: Mangard, S., Standaert, F.-X. (eds.) CHES 2010. LNCS, vol. 6225, pp. 95–109. Springer, Heidelberg (2010), http://dx.doi.org/10.1007/978-3-642-15031-9_7
Fan, J., Reparaz, O., Rozic, V., Verbauwhede, I.: Low-energy Encryption for Medical Devices: Security Adds an Extra Design Dimension. In: DAC 2013 (2013), http://doi.acm.org/10.1145/2463209.2488752
Fan, J., Sakiyama, K., Verbauwhede, I.: Elliptic Curve Cryptography on Embedded Multicore Systems. Design Autom. for Emb. Sys. 12(3), 231–242 (2008), http://dx.doi.org/10.1007/s10617-008-9021-3
Gajski, D.D., Abdi, S., Gerstlauer, A., Schirner, G.: Embedded System Design: Modeling, Synthesis and Verification, 1st edn. Springer Publishing Company, Incorporated (2009)
Gammel, B., Fischer, W., Mangard, S.: Generating a Session Key for Authentication and Secure Data Transfer. US Patent Application US 2010/0316217 (December 2010)
Gassend, B., van Dijk, M., Clarke, D.E., Torlak, E., Devadas, S., Tuyls, P.: Controlled Physical Random Functions and Applications. ACM Trans. Inf. Syst. Secur. 10(4) (2008), http://doi.acm.org/10.1145/1284680.1284683
Genelle, L., Prouff, E., Quisquater, M.: Thwarting Higher-Order Side Channel Analysis with Additive and Multiplicative Maskings. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 240–255. Springer, Heidelberg (2011), http://dx.doi.org/10.1007/978-3-642-23951-9_16
Gierlichs, B., Batina, L., Tuyls, P., Preneel, B.: Mutual Information Analysis. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 426–442. Springer, Heidelberg (2008), http://dx.doi.org/10.1007/978-3-540-85053-3_27
Giorgi, P., Imbert, L., Izard, T.: Parallel Modular Multiplication on Multi-core Processors. In: IEEE Symposium on Computer Arithmetic, pp. 135–142 (2013), http://doi.ieeecomputersociety.org/10.1109/ARITH.2013.20
Goodwill, G., Jun, B., Jaffe, J., Rohatgi, P.: A Testing Methodology for Side-channel Resistance Validation. In: NIAT (2011)
Gura, N., Patel, A., Wander, A., Eberle, H., Shantz, S.C.: Comparing elliptic curve cryptography and RSA on 8-bit CPUs. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 119–132. Springer, Heidelberg (2004), http://dx.doi.org/10.1007/978-3-540-28632-5_9
Henzler, S.: Time-to-digital converter basics. In: Time-to-Digital Converters. Springer Series in Advanced Microelectronics, vol. 29, pp. 5–18. Springer, Netherlands (2010), http://dx.doi.org/10.1007/978-90-481-8628-0_2
Hutter, M., Wenger, E.: Fast Multi-precision Multiplication for Public-Key Cryptography on Embedded Microprocessors. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 459–474. Springer, Heidelberg (2011), http://dx.doi.org/10.1007/978-3-642-23951-9_30
Kaihara, M.E., Takagi, N.: Bipartite Modular Multiplication Method. IEEE Trans. Computers 57(2), 157–164 (2008), http://doi.ieeecomputersociety.org/10.1109/TC.2007.70793
Koç, C.K., Acar, T., Kaliski, B.: Analyzing and Comparing Montgomery Multiplication Algorithms. IEEE Micro 16(3), 26–33 (1996)
Koç, C.K., Walter, C.D.: Montgomery Arithmetic. In: Encyclopedia of Cryptography and Security (2005), http://dx.doi.org/10.1007/0-387-23483-7_263
Kocher, P.C.: Complexity and the Challenges of Securing SoCs. In: Proceedings of the 48th Design Automation Conference, DAC 2011, pp. 328–331. ACM, New York (2011), http://doi.acm.org/10.1145/2024724.2024803
Kocher, P.C., Lee, R., McGraw, G., Raghunathan, A.: Security as a New Dimension in Embedded System Design. In: Proceedings of the 41st Annual Design Automation Conference, DAC 2004, pp. 753–760. ACM, New York (2004)
Kocher, P.C., Jaffe, J., Jun, B., Rohatgi, P.: Introduction to Differential Power Analysis. J. Cryptographic Engineering 1(1), 5–27 (2011), http://dx.doi.org/10.1007/s13389-011-0006-y
Maes, R., Verbauwhede, I.: Physically unclonable functions: A study on the state of the art and future research directions. In: Sadeghi, A.R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security. Information Security and Cryptography, pp. 3–37. Springer, Heidelberg (2010), http://dx.doi.org/10.1007/978-3-642-14452-3_1
Maiti, A., Schaumont, P.: A Novel Microprocessor-intrinsic Physical Unclonable Function. In: FPL, pp. 380–387 (2012), http://dx.doi.org/10.1109/FPL.2012.6339208
Mangard, S., Oswald, E., Popp, T.: Power Analysis Attacks - Revealing the Secrets of Smart Cards. Springer (2007)
Merli, D., Schuster, D., Stumpf, F., Sigl, G.: Side-Channel Analysis of PUFs and Fuzzy Extractors. In: McCune, J.M., Balacheff, B., Perrig, A., Sadeghi, A.-R., Sasse, A., Beres, Y. (eds.) TRUST 2011. LNCS, vol. 6740, pp. 33–47. Springer, Heidelberg (2011), http://dx.doi.org/10.1007/978-3-642-21599-5_3
Montgomery, P.L.: Modular Multiplication without Trial Division. Mathematics of Computation 44(170), 519–521 (1985)
Moradi, A., Poschmann, A., Ling, S., Paar, C., Wang, H.: Pushing the Limits: A Very Compact and a Threshold Implementation of AES. In: Paterson, K.G. (ed.) EUROCRYPT 2011. LNCS, vol. 6632, pp. 69–88. Springer, Heidelberg (2011), http://dx.doi.org/10.1007/978-3-642-20465-4_6
Popp, T., Kirschbaum, M., Zefferer, T., Mangard, S.: Evaluation of the Masked Logic Style MDPL on a Prototype Chip. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 81–94. Springer, Heidelberg (2007), http://dx.doi.org/10.1007/978-3-540-74735-2_6
Rabaey, J.: Low Power Design Essentials, 1st edn. Springer Publishing Company, Incorporated (2009)
Regazzoni, F., Cevrero, A., Standaert, F.-X., Badel, S., Kluter, T., Brisk, P., Leblebici, Y., Ienne, P.: A Design Flow and Evaluation Framework for DPA-Resistant Instruction Set Extensions. In: Clavier, C., Gaj, K. (eds.) CHES 2009. LNCS, vol. 5747, pp. 205–219. Springer, Heidelberg (2009), http://dx.doi.org/10.1007/978-3-642-04138-9_15
Rivain, M., Prouff, E.: Provably Secure Higher-Order Masking of AES. IACR Cryptology ePrint Archive 2010, 441 (2010), http://eprint.iacr.org/2010/441
Rostami, M., Burleson, W., Koushanfar, F., Juels, A.: Balancing Security and Utility in Medical Devices? In: DAC 2013 (2013), http://doi.acm.org/10.1145/2463209.2488750
Rührmair, U., Sehnke, F., Sölter, J., Dror, G., Devadas, S., Schmidhuber, J.: Modeling attacks on physical unclonable functions. In: Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, pp. 237–249. ACM, New York (2010), http://doi.acm.org/10.1145/1866307.1866335
Sakiyama, K., Knezevic, M., Fan, J., Preneel, B., Verbauwhede, I.: Tripartite Modular Multiplication. Integration 44(4), 259–269 (2011), http://dx.doi.org/10.1016/j.vlsi.2011.03.008
Schaumont, P.R.: A Practical Introduction to Hardware/Software Codesign, 2nd edn. Springer Publishing Company, Incorporated (2013)
Suh, G.E., O’Donnell, C.W., Devadas, S.: AEGIS: A single-chip secure processor. Inf. Sec. Techn. Report 10(2), 63–73 (2005), http://dx.doi.org/10.1016/j.istr.2005.05.002
Suzuki, D., Saeki, M., Shimizu, K., Satoh, A., Matsumoto, T.: A Design Methodology for a DPA-Resistant Circuit with RSL Techniques. IEICE Transactions 93-A(12), 2497–2508 (2010), http://search.ieice.org/bin/summary.php?id=e93-a_12_2497
Taha, M., Schaumont, P.: A Key Management Scheme for DPA-protected Authenticated Encryption. In: DIAC 2013: Directions in Authenticated Ciphers (August 2013)
Tiri, K., Hwang, D., Hodjat, A., Lai, B.-C., Yang, S., Schaumont, P., Verbauwhede, I.: Prototype IC with WDDL and Differential Routing - DPA Resistance Assessment. In: Rao, J.R., Sunar, B. (eds.) CHES 2005. LNCS, vol. 3659, pp. 354–365. Springer, Heidelberg (2005), http://dx.doi.org/10.1007/11545262_26
Verbauwhede, I., Schaumont, P.: Skiing the Embedded Systems Mountain. ACM Trans. Embedded Comput. Syst. 4(3), 529–548 (2005), http://doi.acm.org/10.1145/1086519.1086523
Wilson, P., Frey, A., Mihm, T., Kershaw, D., Alves, T.: Implementing Embedded Security on Dual-Virtual-CPU Systems. IEEE Design Test of Computers 24(6), 582–591 (2007)
Oren, Y., Sadeghi, A.-R., Wachsmann, C.: On the Effectiveness of the Remanence Decay Side-Channel to Clone Memory-based PUFs. In: Bertoni, G., Coron, J.-S. (eds.) CHES 2013. LNCS, vol. 8086, pp. 107–125. Springer, Heidelberg (2013)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Schaumont, P., Aysu, A. (2013). Three Design Dimensions of Secure Embedded Systems. In: Gierlichs, B., Guilley, S., Mukhopadhyay, D. (eds) Security, Privacy, and Applied Cryptography Engineering. SPACE 2013. Lecture Notes in Computer Science, vol 8204. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41224-0_1
Download citation
DOI: https://doi.org/10.1007/978-3-642-41224-0_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41223-3
Online ISBN: 978-3-642-41224-0
eBook Packages: Computer ScienceComputer Science (R0)