Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow

Slides:



Advertisements
Similar presentations
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Advertisements

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.
Vpn-info.com.
1 SECURE-PARTIAL RECONFIGURATION OF FPGAs MSc.Fisnik KRAJA Computer Engineering Department, Faculty Of Information Technology, Polytechnic University of.
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.
 Max Planck Institute for Software Systems Towards trusted cloud computing Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues MPI-SWS.
CMSC 414 Computer and Network Security Lecture 12 Jonathan Katz.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Trusted Disk Loading in the Emulab Network Testbed Cody Cutler, Mike Hibler, Eric Eide, Rob Ricci 1.
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
Transaction Processing IS698 Min Song. 2 What is a Transaction?  When an event in the real world changes the state of the enterprise, a transaction is.
Trusted Computing Platform Alliance – Introduction and Technical Overview – Joe Pato HP Labs MIT 6.805/ October 2002.
Linux Cryptography overview and How-to’s using OpenSSL
Understanding Android Security Yinshu Wu William Enck, Machigar Ongtang, and PatrickMcDaniel Pennsylvania State University.
Hands-On Microsoft Windows Server 2008
Bootstrapping Trust in Commodity Computers Bryan Parno, Jonathan McCune, Adrian Perrig 1 Carnegie Mellon University.
Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,
Trusted Computing BY: Sam Ranjbari Billy J. Garcia.
Week #7 Objectives: Secure Windows 7 Desktop
Copyright © 2011 EMC Corporation. All Rights Reserved. MODULE – 6 VIRTUALIZED DATA CENTER – DESKTOP AND APPLICATION 1.
MANAGEMENT ANTIMALWARE PLATFORM Microsoft Malware Protection Center Dynamic Signature Svc Available only in Windows 8 Endpoint Protection Management.
Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.
Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.
Virtual Workspaces Kate Keahey Argonne National Laboratory.
Module 6: Designing Security for Network Hosts
An Introduction to Trusted Platform Technology Siani Pearson Hewlett Packard Laboratories, UK
Trusted Computing and the Trusted Platform Module Bruce Maggs (with some slides from Bryan Parno)
Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources 1.
IoT Cooperation Strategy
Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.
Hardware-rooted Trust for Secure Key Management & Transient Trust
LAS16-203: Platform Security Architecture for embedded devices
Trusted Computing and the Trusted Platform Module
Understanding Android Security
Protecting Network Equipment
Hardware security: The use of a Trusted Platform Module
Windows Server 2016 Secure IaaS Microsoft Build /1/2018 4:00 AM
Operating System Structure
4. NCdisk SP-based SoC Architecture 5. NCdisk Security Protocol
ABYSS : An Architecture for Software Protection
Trusted Computing and the Trusted Platform Module
Outline What does the OS protect? Authentication for operating systems
Chapter 2: System Structures
Hardware Cryptographic Coprocessor
Radius, LDAP, Radius used in Authenticating Users
Outline What does the OS protect? Authentication for operating systems
TERRA Authored by: Garfinkel, Pfaff, Chow, Rosenblum, and Boneh
Identity Processor Secures IoT Systems
Building hardware-based security with a Trusted Platform Module (TPM)
TPM, TEE, SGX Technologies
User-mode Secret Protection (SP) architecture
IoT Security – fel vagyunk rá készülve?
E-Lock ProSigner ProSigner means “Professional Signer” signifying the software that can apply legally enforceable Advanced electronic signatures to electronic.
Platform Architecture
Sai Krishna Deepak Maram, CS 6410
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Kriti shreshtha.
Intel Active Management Technology
Shielding applications from an untrusted cloud with Haven
Securing Android Apps using Trusted Execution Environment (TEE) - 07/08/14 Presented by: Mike Hendrick VP Product Sequitur Labs.
Understanding Android Security
TPM, UEFI, Trusted Boot, Secure Boot
Erica Burch Jesse Forrest
Bruce Maggs (with some slides from Bryan Parno)
Bruce Maggs (with some slides from Bryan Parno)
Stefano Tempesta Secure Machine Learning with SQL Server Always Encrypted with Secure Enclaves.
What is needed in the Next Generation Cloud trusted platform?
Presentation transcript:

Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow Breaking the Trust Dependence on Third Party Processes for Reconfigurable Secure Hardware Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow

What is secure hardware? Hardware that protects against other parts of the system Implemented such that you can trust its functionality Useful for defending against untrusted software Can defend against some kinds of physical threats

Trusted Platform Modules Secure coprocessor that provides cryptographic functions and key storage Most popularly used for disk encryption

Secure Boot Ensures that only trusted system software can boot by checking the signature of the software before it boots

Trusted Execution Environments App 1 App 2 Isolated App Operating System CPU TEE Isolated Memory Memory

Problem: Only Manufacturers Make Decisions What features to include When and if patches are available

What if Developers Could Make These Decisions? Processor Operating System Application Secure Hardware define

Enter FPGAs Leverage programmability of FPGAs to enable reconfigurable secure hardware Expose programmability to developers

The Downside of Programmability Immutable nature of silicon is a basis for the guarantees of secure hardware Programmability compromises security properties Desired Config Secure HW Function FPGA

The Downside of Programmability Attacker Immutable nature of silicon is a basis for the guarantees of secure hardware Programmability compromises security properties Desired Config Attacker’s Function FPGA

Bitstream Protection (widely available) Desired Config Encrypt Bitstream Decrypt bitstream Secure HW Function FPGA

Bitstream Protection – can’t attack the device Attacker Desired Config Encrypt Bitstream Decrypt bitstream Secure HW Function FPGA

Bitstream Protection – CAN attack the process Attacker Desired Config Encrypt Bitstream Encrypt Bitstream Decrypt bitstream Insecure HW Function FPGA

Breaking the Trust Dependence on Third Party Processes for Reconfigurable Secure Hardware

High-level Idea Self-provisioning Policy-controlled update system Key creation and maintenance is internal to device Policy-controlled update system Decrypt bitstream Secure HW Function Update System Desired Config FPGA

Defining some Roles FPGA Manufacturer System Manufacturer System Provisioner <= loads an initial FPGA configuration Application Developer <= loads secure hardware configuration User <= operates the device (roles may be overlap)

Self-provisioning Start with empty device self Secure Storage config Secure Storage Secure Boot Initial config FPGA

Self-provisioning Start with empty device self Secure Storage config Secure Storage Secure Boot Initial config Can only be read by specific hardware FPGA

Self-provisioning Start with empty device self Secure Storage config Secure Storage Secure Boot Initial config Stores a public key the device will only load an image generated with the corresponding key FPGA

Self-provisioning (1) – Generate Key Pair Special self-provisioning config used by system provisioner self Provision config Secure Storage Secure Boot self Provision system (1) Generate a key pair (2) Store the secret key in secure storage. (3) Program the public key to the secure boot system on the device. Initial config FPGA

Self-provisioning (1) – Generate Key Pair Special self-provisioning config used by system provisioner self Provision config Secure Storage Secure Boot self Provision system (1) Generate a key pair (2) Store the secret key in secure storage. (3) Program the public key to the secure boot system on the device. (4) Sign/encrypt the initial FPGA configuration with secret key. Initial config Initial Config (Signed) FPGA

Self-provisioning (2) – Load Initial Config Only this specific configuration can be loaded onto the FPGA (next power cycle) Secure Storage Secure Boot Initial Config (Signed) Update System (w/ INITIAL policy) Initial policy could include a one-time use key FPGA

Loading Secure HW App (1) – verify policy The user initiates the loading of a new config Secure Storage Secure Boot Initial Config (Signed) (1) Receive an update. (2) Verify that the update conforms to the update security policy. Update System (w/ INITIAL policy) Desired Secure HW App FPGA

Loading Secure HW App (1) – verify policy The user initiates the loading of a new config Secure Storage Secure Boot Initial Config (Signed) (1) Receive an update. (2) Verify that the update conforms to the update security policy. (3) Use secret key to sign/encrypt the update (using embedded encryption hw) Update System (w/ INITIAL policy) Desired Secure HW App Desired Secure HW App (signed) FPGA

Loading Secure HW App (2) – Load Desired Config The secure HW App is then loaded Secure Storage Secure Boot Secure HW App Update System (w/ NEW policy) Desired Secure HW App (signed) FPGA

Update Policies: Implemented by the loaded config Flexibility to use a variety of means to protect the update (including multiple-factors) User inputs, key maintained by trusted dev, key maintained by user, etc. Flexibility to implement a variety of policies Trust once (initially unprotected) One time key (protected by shared key) 2 factor (signed by trusted dev and user input PIN) No updates allowed

Isolated Execution Environment Implementation Self-provisioning, secure update, secure storage on Xilinx Zynq Ultrascale+ Application: TEE (like SGX but with custom root of trust) Remote client ARM CPU Remote Attestation Server endpoint Enclave driver Enclave libraries FPGA Fabric Enclave Logic Secure RNG ECDSA Enclave Loader / Verifier config Isolated Execution Environment

SDK for the TEE Enclave Applications: SHA512 Password manager Enclave library User created Enclave Applications: SHA512 Password manager Just copy-in / copy-out Contact Matcher (like Signal) libenc.h interface.json libenc.c arm.c enclave.c SDK Selected Option SW Enc HW enc HW config w/ MicroBlaze and executable HLS Generated HW config ARM binary

Conclusion Main Take Away: We don’t need to trust the system provisioner to maintain keys Our system protects the most important key (self-provisioning) provides flexibility to determine how updates happen (policy)

Thank you Eric.Keller@Colorado.edu

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.