Servicios de seguridad en ambientes computacionales altamente restringidos - PowerPoint PPT Presentation

About This Presentation

Title:

Servicios de seguridad en ambientes computacionales altamente restringidos

Description:

Servicios de seguridad en ambientes computacionales altamente restringidos Francisco Rodr guez-Henr quez CINVESTAV-IPN Depto. de Ingenier a El ctrica – PowerPoint PPT presentation

Number of Views:177

Avg rating:3.0/5.0

Slides: 46

Provided by: anarodrig

Category:

more less

Transcript and Presenter's Notes

Title: Servicios de seguridad en ambientes computacionales altamente restringidos

1
Servicios de seguridad en ambientes
computacionales altamente restringidos
Francisco Rodríguez-Henríquez CINVESTAV-IPN Depto.
de Ingeniería Eléctrica Sección de Computación
2
Antecedents and Motivation
3
Security Systems by layers
Applications Secure e-mail, Digital Money, Smart
Cards, Firewalls, etc.
Communication Protocols SSL, TLS, WTLS, WAP,
etc.
Security Services Confidentiality, Data
Integrity, Data Authentication, Non-Repudiation
Crypto User Functions Encrypt/Decrypt,
Sign/verify
Public Key Crypto Algorithms RSA, ECC Symmetric
Crypto Algorithms AES, DES, RC4, etc.
Computer Arithmetic Addition, Squaring,
multiplication, inversion and exponentiation
4
Security Services

Confidentiality - protect info value
Authentication - protect info origin (sender)
Identification - ensure identity of users
Integrity - protect info accuracy
Non-repudiation - protect from deniability
Access control - access to info/resources
Availability - ensure info delivery

5
Some Practical Applications

"Any sufficiently advanced technology is
indistinguishable from magic.
Arthur C. Clarke.
secure mail
secure communications
network authentication
electronic voting
electronic notary
digital money (digital wallet)
data distribution

6
Characteristics of Traditional IT Applications

Mostly based on interactive ( traditional)
computers
One user one computer paradigm
Static networks
Large number of users per network
Q How will the IT future look?

7
The IT Future

Bridge sensors
Cleaning robots
Car with various IT services
Networked robots
Smart street lamps
Pets with electronic sensors
Smart windows

8
Characteristics of Ubiquitous Computing Systems

Embedded nodes (no traditional computers)
Connected through wireless, close-range network
(Pervasive networks)!
Ad-hoc networks Dynamic addition and deletion of
nodes
Power/computation/memory constrained!
Vulnerable

9
Examples for Ubiquitous Computing

PDAs, 3G cell phones, ...
Living spaces will be stuffed with nodes
So will cars
Wearable computers (clothes, eye glasses, etc.)
Household appliances
Smart sensors in infrastructure (windows, roads,
bridges, etc.)
Smart bar codes (autoID)
Smart Dust
...

10
Security and Economics of Ubiquitous Computing

One-user many-nodes paradigm (e.g. 102-103
processors per human)
Many new applications we dont know yet
Very high volume applications
Very cost sensitive
People wont be willing to pay for security per
se
People wont buy products without security

11
Where are the challenges for embedded security?

Designers worry about IT functionality, security
is ignored or an afterthought
Attacker has easy access to nodes
Security infrastructure (PKI etc.) is missing
Protocols???
Side-channel and tamper attacks
Computation/memory/power constrained

12
Will that ever become reality??

We dont know, but CPUs sold in 2000

13
Implementation Platforms
14
Platforms

Cryptographic algorithms can be implemented
through
Software
ASIC
FPGAs
Choice of platform depends upon
Algorithm performance
Cost
Flexibility

15
Platform Implementation for Cryptographic
Algorithms
16
Platform Comparison
ASIC
Processor
Reconfigurable Hardware
Performance
Flexibility
Unit Cost
Development Cost
17
Platform Features

Software
Maximum flexibility ? Low Performance
Low cost
ASIC
High performance ? No flexibility at all
? High cost
FPGAs
Reasonable flexibility
Low cost
High performance

18
Why Crypto-algorithms in Hardware

Two main reasons
Software implementations are too slow for some
applications (symmetric alg encryption rates
100 Mbit/sec public-key alg gt 10 msec)
Hardware implementations are intrinsically more
physically secure Key access and algorithm
modication is considerably harder.

19
But why reconfigurable hardware?

Potential advantages of crypto algorithms
implemented on reconfigurable platforms
Algorithm Agility
Algorithm Upgrade
Architecture Efficiency
Resource Efficient
Algorithm Modification
(Throughput relative to software)
(Cost Efficiency relative to ASICs)

20
Crypto and FPGAs Algorithm Agility

Observation Modern security protocols are
defined to
be algorithm independent
Encryption algorithm is negotiated on a
per-session basis.
Wide variety of ciphers can be required. Ex
IPsec-allowed algorithms DES, 3DES, Blow-Fish,
CAST, IDEA, RC4 and RC6, future extensions!
Same holds for public-key algorithms, e.g.,
Diffie-Hellman and ECDH.
Recall that ASIC solutions can provide
algorithm agility
only at high costs.

21
Crypto and FPGAs Algorithm Upgrade

Applications may need upgrade to a new algorithm
because
Current algorithms was broken (DES)
Standard expired (again DES)
New standard was created (AES)
Algorithm list of algorithm independent protocol
was extended
Upgrade of ASIC-implemented algorithm is
practically
infeasible if many devices are affected or in
applications
such as satellite communications.

22
Crypto and FPGAs Architecture Efficiency

In certain cases a hardware architecture can be
much more efficient if it is designed for a
specific set of parameters. Parameters for
cryptographic algorithms can be for example the
key, the underlying finite field, the coefficient
used (e.g., the specific curve of an ECC system),
and so on. Generally speaking, the more specific
an algorithm is implemented the more efficient it
can become.

23
Crypto and FPGAs Resource Efficiency

Observation The majority of security protocols
uses
private-key as well as public-key algorithms
during one session, but not simultaneous.
Same FPGA device can be used for both through run
time reconguration.

24
Crypto and FPGAs Algorithm Modification

Some applications require Public algorithms (such
as AES candidates) with proprietary modules,
e.g., proprietary S-boxes or permutations.
Change of modes of operations (feedback modes,
counter mode, etc.)
Crypto-analytical implementation, such as
key-search
machines, may use slightly altered version of the
algorithms.
With FPGAs, these changes can readily be
implemented.

25
FPGA Field programmable Gate Arrays
26
Configurable Logic Block
4
Combinational Logic
16x1 RAM
4
1-bit reg
1-bit reg
1-bit reg
1-bit reg
4
Combinational Logic
16x1 RAM
4
Logic Mode
Memory Mode
27
Virtex-II Pro
Feature/Product XC2VP2 XC2VP4 XC2VP7 XC2VP20 XC2VP30 XC2VP40 XC2VP50 XC2VP70 XC2VP100 XC2VP125
EasyPath cost reduction - - - - XCE2VP30 XCE2VP40 XCE2VP50 XCE2VP70 XCE2VP100 XCE2VP125
Logic Cells 3,168 6,768 11,088 20,880 30,816 43,632 53,136 74,448 99,216 125,136
Slices 1,408 3,008 4,928 9,280 13,696 19,392 23,616 33,088 44,096 55,616
BRAM (Kbits) 216 504 792 1,584 2,448 3,456 4,176 5,904 7,992 10,008
18x18 Multipliers 12 28 44 88 136 192 232 328 444 556
Digital Clock Management Blocks 4 4 4 8 8 8 8 8 12 12
Config (Mbits) 1.31 3.01 4.49 8.21 11.36 15.56 19.02 25.6 33.65 42.78
PowerPC Processors 0 1 1 2 2 2 2 2 2 4
Max Available Multi-Gigabit Transceivers 4 4 8 8 8 12 16 20 20 24
Max Available User I/O 204 348 396 564 644 804 852 996 1164 1200
1 Logic Cell (1) 4-input LUT (1) FF (1)
Carry Logic 1 CLB (4) Slices
http//www.xilinx.com/products/tables/fpga.htmv2p
28
Wireless Ad-Hoc Network
29
Smart Cards
30
Smart Cards
31
Smart Cards
32
Smart Cards
33
Multi-hop cellular

Set of base stations connected to a backbone
(like in cellular)
Potentially, multi-hop communication between the
mobile station and the base station (unlike in
cellular)

D
S
34
Multi-hop cellular

Advantages
Energy consumption of the mobile stations can be
reduced
Immediate side effect Reduced interference
Number of base stations (fixed antennas) can be
reduced
Coverage of the network can be increased
Closely located mobile stations can communicate
independently from the infrastructure (ad hoc
networking)
Disadvantages
Routing?
Synchronization?

35
A model

Multi-hop up-link
Single-hop down-link
Problem How to encourage the nodes to relay
packets for the benefit of other nodes?

D
S
36
Where are the challenges for embedded security?

Designers worry about IT functionality, security
is ignored or an afterthought
Attacker has easy access to nodes
Security infrastructure (PKI etc.) is missing
Protocols???
Side-channel and tamper attacks
Computation/memory/power constrained

37
Why do constraints matter?

Almost all ad-hoc protocols (even routing!)
require crypto ops for every hop
At least symmetric alg. are needed
Asymmetric alg. allow fancier protocols
Question What type of crypto can we do?

38
Security on Different Embedded Processors
39
Classification by Processor Power

Very rough classification of embedded processors
Class speed high-end Intel
Class 0 few 1000 gates ?
Class 1 8 bit ?P, ? 10MHz ? 1 103
Class 2 16 bit ?P, ? 50MHz ? 1 102
Class 3 32 bit ?P, ? 200MHz ? 1 10

40
Case Study Class 0 RFID
41
Case Study Class 0 RFID

Recall Class 0 no ?P, few 1000 gates
Goal RFID as bar code replacement
Cost goal 5 cent (!)
allegedly 500 x 109 bar code scans worldwide per
day (!!)
AutoID tag security with 1000 gates CHES 02
Ell. curves (asymmetric alg.) need gt 20,000 gates
DES (symmetric alg.) needs gt 5,000 gates
Lightweight stream ciphers might work

42
RFIDs Applications

Expired Milk Reported
Within two decades, the minuscule transmitters
are expected to replace the familiar product bar
codes
Alerting consumers
help you manage your inventory a lot better
tell you that a prescription is in the waiting
bin
provide details to marketers about a family's
eating
the technology raises privacy concerns

43
Status Quo Crypto for Class 1