Abstract
Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) chip are not acceptable. One alternative is to use a software-based TPM, which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable.
In this article, we perform an evaluation of the energy and execution time overheads for a SW-TPM implementation on a handheld appliance (Sharp Zaurus PDA). We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. We observe that for most commands, overheads are primarily due to the use of 2,048-bit RSA operations that are performed within the SW-TPM. In order to alleviate SW-TPM overheads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. In addition, we also evaluate the overheads of using the SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), a secure VoIP client, and a secure Web browser. Furthermore, we analyze the computational workload involved in running SW-TPM commands using ECC. We then present a suite of hardware and software enhancements to accelerate these commands—generic custom instructions and exploitation of parallel processing capabilities in multiprocessor systems-on-chip (SoCs). We report results of evaluating the proposed architectures on a commercial embedded processor (Xtensa from Tensilica). Through uniprocessor and multiprocessor optimizations, we could achieve speed-ups of up to 5.71X for individual TPM commands.
- Argyroudis, P., Verma, R., Tewari, H., and O'Mahony, D. 2004. Performance analysis of cryptographic protocols on handheld devices. In Proceedings of the 3rd IEEE International Symposium Network Computing and Applications (NCA'04). IEEE, Los Alamitos, CA, 169--174. Google ScholarDigital Library
- ARM, 2004. Secure extensions to the ARM architecture. http://www.arm.com/trustzone.Google Scholar
- Broekman, M. 2005. End-to-end application security using trusted computing. http://www.cs.ru.nl/onderwijs/afstudereninfo/scripties/2005/MichielBroekmanScriptie.pdf.Google Scholar
- Chair for System Security, University of Bochum, Germany, 2005. GRUB TCG Patch to support Trusted Boot. http://trousers.sourceforge.net/grub.html.Google Scholar
- Computer Emergency Response Team (CERT). 2005. CERT research 2005 annual report. Carnegie Mellon University. http://www.cert.org/archive/pdf/cert_rsch_annual_rpt_2005.pdf.Google Scholar
- Daswani, N. and Boneh, D. 1999. Experimenting with electronic commerce on the palmpilot. In Proceedings of the 3rd International Conference Financial Cryptography (FC'99). Springer, Berlin, Germany, NY, 1--16. Google ScholarDigital Library
- Digium Inc. 2006. Asterisk—The Open Source PBX. http://www.asterisk.org.Google Scholar
- Fujitsu. 2004. LifeBook S7000 notebook. http://www.computers.us.fujitsu.com.Google Scholar
- Garfinkel, T., Pfaff, B., Chow, J., Rosenblum, M., and Boneh, D. 2003. Terra: A virtual machine-based platform for trusted computing. In Proceedings of the 19th ACM Symposium Operating Systems Principles (SOSP'03). ACM, New York, 193--206. Google ScholarDigital Library
- Großschädl, J. 2002. Instruction set extension for long integer modulo arithmetic on RISC-based smart cards. In Proceedings of the 14th International Symposium Computer Architecture and High Performance Computing (SBAC-HPC'02). IEEE, Los Alamitos, CA, 13--19. Google ScholarDigital Library
- Hankerson, D., Hernandez, J. L., and Menezes, A. 2000. Software implementation of elliptic curve cryptography over binary fields. In Proceedings of the 2nd International Workshop on Cryptographic Hardware and Embedded Systems (CHES'00). Springer, Berlin, Germany, 1--24. Google ScholarDigital Library
- IBM. 2006. TrouSerS - An open-source TCG software stack implementation. http://sourceforge.net/projects/trousers.Google Scholar
- IBM. 2004. IBM research report. https://www.trustedcomputinggroup.org/news/articles/rc23363.pdf.Google Scholar
- Lenovo. 2007. IBM thinkpad. http://www.pc.ibm.com/us/thinkpad.Google Scholar
- Linux Journal. 2004. Sharp Zaurus SL-5600. http://www.linuxjournal.com/article/6792.Google Scholar
- López, J. and Dahab, R. 1999. Fast multiplication on elliptic curves over GF(2m) without precomputation. In Proceedings of the 2nd International Workshop on Cryptographic Hardware and Embedded Systems (CHES '99). Springer, Berlin, Germany, 316--327. Google ScholarDigital Library
- López, J. and Dahab, R. 2000. An overview of elliptic curve cryptography. Tech. rep. Institute of Computing, State University of Campinas, Brasil.Google Scholar
- M. Matsumoto. 1997. Mersenne Twister random numbers generator. http://www.math.sci.hiroshima-u.ac.jp/m-mat/MT/ewhat-is-mt.html.Google Scholar
- M. Strasser. 2006. TPM Emulator. ETH, Zurich, Switzerland. http://developer.berlios.de/projects/tpm-emulator.Google Scholar
- National Institute of Standards and Technology. 2006. FIPS PUB 186-3: Digital signature standard (DSS). http://csrc.nist.gov/publications/drafts/fips_186-3/Draft-FIPS-186-3%20_March2006. pdf.Google Scholar
- National Institute of Standards and Technology. 2006. NIST 800-57: Recommendation for key management - Part 1: General. http://csrc.nist.gov/publications/nistpubs/800-57/SP800-57-Part1.pdf.Google Scholar
- OpenSSL. 2007. OpenSSL Project. http://www.openssl.org.Google Scholar
- Phillips, B. J. and Burgess, N. 2000. Implementing 1,024-bit RSA exponentiation on a 32-bit processor core. In Proceedings of the 11th IEEE International Conference Application-Specific Systems, Architectures, and Processors (ASAP'00). IEEE, Los Alamitos, CA, 127--137. Google ScholarDigital Library
- Potlapally, N. R., Ravi, S., Raghunathan, A., and Jha, N. K. 2006. A study of the energy consumption characteristics of cryptographic algorithms and security protocols. IEEE Trans. Mobile Comput. 5, 128--143. Google ScholarDigital Library
- Ravi, S., Raghunathan, A., Kocher, P., and Hattangady, S. 2004. Security in embedded systems: Design challenges. ACM Trans. Embed. Comput. Syst. 3, 461--491. Google ScholarDigital Library
- Sandhu, R. and Zhang, X. 2005. Peer-to-peer access control architecture using trusted computing technology. In Proceedings of the 10th ACM Symposium Access Control Models and Technologies (SACMAT '05). ACM, New York, NY, 147--158. Google ScholarDigital Library
- Shi, E., Perrig, A., and Doorn, L. V. 2005. BIND: A fine-grained attestation service for secure distributed systems. In Proceedings of the IEEE Symposium Security and Privacy (SP'05). IEEE, Los Alamitos, CA, 154--168. Google ScholarDigital Library
- Smith, S. W. 2005. Trusted Computing Platforms, Design and Applications. Springer. Google ScholarDigital Library
- Sun, F., Ravi, S., Raghunathan, A., and Jha, N. K. 2004. Custom-instruction synthesis for extensible-processor platforms. IEEE Trans. Comput. Aid. Design Integra. Circ. Syst. 23, 216--228.Google ScholarDigital Library
- Sun Microsystems. 2005. Sun's elliptic curve technology contribution to the OpenSSL. http://research.sun.com/projects/crypto/FrequenlyAskedQuestions.html.Google Scholar
- Tensilica Inc. 2001. Xtensa Application Specific Microprocessor Solutions - Overview Handbook. http://www.tensilica.com.Google Scholar
- Tillich, S. and Großschädl. 2004. A simple architectural enhancement for fast and flexible elliptic curve cryptography over binary finite fields GF(2m). In Proceedings of the 9th International Conference Asia-Pacific Computer Systems Architecture. 282--295.Google Scholar
- Trusted Computing Group. 2004. TCG Glossary. https://www.trustedcomputinggroup.org/groups/TCG_Glossary.pdf.Google Scholar
- Trusted Computing Group. 2004. TCG specification architecture overview. https://www.trustedcomputinggroup.org/specs/TPM.Google Scholar
- Trusted Mobile Platform. 2004. http://www.trusted-mobile.org.Google Scholar
- Weimerskirch, A., Stebila, D., and Shantz, S. C. 2003. Generic GF(2m) arithmetic in software and its application to ECC. In Proceedings of the 8th Australasian Conference Information Security and Privacy (ACISP'03). Springer, Berlin, Germany, NY, 79--92.Google Scholar
- Wollinger, T., Jardo, J. G., and Paar, C. 2003. Cryptography in embedded systems: An overview. In Proceedings of the Embedded World Conference. ACM, New York, NY, 735--744.Google Scholar
- Xu, G., Borcea, C., and Iftode, L. 2006. Satem: Trusted service code execution across transactions. In Proceedings of the IEEE International Symposium Reliable Distributed Systems (SRDS'06). IEEE, Los Alamitos, CA, 337--338. Google ScholarDigital Library
Index Terms
- Analysis and design of a hardware/software trusted platform module for embedded systems
Recommendations
Hybrid architectures for efficient and secure face authentication in embedded systems
In this paper, we propose an efficient and secure embedded processing architecture that addresses various challenges involved in using face-based biometrics for authenticating a user to an embedded system. Our paper considers the use of robust face ...
A tightly coupled finite field arithmetic hardware in an FPGA-based embedded processor core for elliptic curve cryptography
This work presents the implementation of a tightly-coupled hardware architectural enhancement to the Altera FPGA-based Nios II embedded processor. The goal is to accelerate finite field arithmetic operations in the binary fields of F<SUB align=right&...
Energy and execution time analysis of a software-based trusted platform module
DATE '07: Proceedings of the conference on Design, automation and test in EuropeTrusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) ...
Comments