1 / 52

Novel Methods of Augmenting High Performance Processors with Security Hardware

Novel Methods of Augmenting High Performance Processors with Security Hardware. Jonathan Valamehr PhD Defense, UC Santa Barbara May 7, 2013 Committee: Prof. Timothy Sherwood (chair) Prof. Fred Chong Prof. Peter Michael Meliar-Smith Prof. Theodore Huffmire. Intro/Motivation.

quanda
Télécharger la présentation

Novel Methods of Augmenting High Performance Processors with Security Hardware

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Novel Methods of Augmenting High Performance Processors with Security Hardware Jonathan Valamehr PhD Defense, UC Santa Barbara May 7, 2013 Committee: Prof. Timothy Sherwood (chair) Prof. Fred Chong Prof. Peter Michael Meliar-Smith Prof. Theodore Huffmire

  2. Intro/Motivation Modern Microprocessors

  3. Intro/Motivation Modern Microprocessors • Commercial CPU tradeoffs: • Performance • Power • Area • Cost • Security

  4. Intro/Motivation Modern Microprocessors • Security • Confidentiality • Integrity • Availability

  5. Intro/Motivation Modern Microprocessors • Flurry of hardware attacks • Side channel attacks (Kocher 1996, Percival 2005, Bernstein 2005) • Power draw (Kocher et al. 1999, Jasper 2011) • EM analysis (Gandolfi et al. 2001 , Agrawal et al. 2002) • Physical tamper • Memory remanence (Soden et al. 1995, Halderman et al. 2008)

  6. Intro/Motivation Modern Microprocessors • High Assurance CPUs • High development costs • Small market share • Time-consuming to design • Commercial hardware still outperforms by 100x (and growing…)

  7. Intro/Motivation Modern Microprocessors High Assurance Processors (secure) Commercial Processors (high speed) The solution

  8. New Technology – 3D Integration 3D Crypto • 3D Integration • 2 or more dies stacked as one system • Foundry level option Second die L2 Cache (1x SRAM) CPU Base Processor CPU L1 CPU CPU L1

  9. Intro/Motivation Thesis Statement • The functionality of a processor can be extended after making minimal changes to its design. We introduce several novel methods of adding security to processors through the use of 3D Integration, resulting in secure processors that retain high performance.

  10. Outline 3D Crypto • Intro/Motivation -the what • 3D Crypto -the why • 3D Sec -the how • 3D Extensible ISAs -the what else • Conclusion

  11. 3D Crypto - Motivation 3D Crypto • Current Crypto Co-processors • Off-die co-processor, or utilizing core in CMPs • Prone to tamper, vulnerable to side-channels • Lower performance • IdealCrypto Co-processors • High integrity of data being processed • Tamper-proof and immune to attacks • High performance

  12. 3D Crypto Co-processor 3D Crypto Crypto Control Crypto Co-processor RNG AES D-H Dedicated Crypto Memory L2 Cache (1x SRAM) RSA DES RC4 MD5 CPU Main Processor CPU L1 CPU CPU L1

  13. Security Ramifications 3D Crypto • Threat Models (Valamehr et al. 2011) • Physical tamper • Memory remanence • Access-driven cache side-channel attacks • Time-driven cache side-channel attacks • Fault analysis • Electromagnetic analysis • Power analysis • Thermal analysis

  14. Perf/Power/Area/Cost 3D Crypto • Potential cost savings with 3D • Use of older technologies • Relationship between: • Performance • Power • Cost • Area

  15. Perf/Power/Area/Cost 3D Crypto

  16. Outline 3D Security • Intro/Motivation -the what • 3D Crypto -the why • 3D Sec -the how • 3D Extensible ISAs -the what else • Conclusion

  17. Current Trends 3D Security • Ideal: Fast and affordable high assurance systems • Resilient against attacks • Low cost • High performance

  18. Solution 3D Security • 3D Integration • Optional security layer Second die L2 Cache (1x SRAM) CPU Base Processor CPU L1 CPU CPU L1

  19. 3D-Sec: Idea 3D Security • Past Work: 3D Passive Monitors (Mysore et al. 2006) • Analyze data from base processor • Our Contribution – 3D Active Monitors (Valamehr et al. 2010) • Information flow control • Arbitration of communication • Partitioning of resources

  20. 3D-Sec: Idea 3D Security • Benefits with 3D Integration

  21. 3D-Sec: Idea 3D Security • Challenge • Normal operation if 3D layer absent • Security functions if 3D layer present

  22. 3D Security Layer – Circuit Level Primitives 3D Security • Circuit-level primitives for an active monitor (a) Tapping (b) Re-routing (c) Overriding (d) Disabling = 3D layer connections = Signal flow

  23. 3D Security Layer – Tapping 3D Security • Tapping sends requested signal to the 3-D control plane Tapping

  24. 3D Security Layer – Disabling 3D Security • Disabling effectively blocks the transmission of signals X Disabling

  25. 3D Security Layer – Disabling 3D Security • Theoretical 3-D Application: Mutual Trust Shared Bus Protocols Core 0 Core 1 = Post to the 3-D control plane = Signal flow L1 $ L1 $ ... … Shared Bus Shared L2 $

  26. 3D Security Layer – Re-routing 3D Security • Re-routing sends requested signals to 3-D plane, and blocks their original transmission X Re-routing

  27. 3D Security Layer – Re-routing 3D Security 1. • Theoretical 3-D Application: Crypto Co-processor Crypto Control Unit AES RSA DES 3-D Control Plane … … 1. Crypto Instruction 2. Result 2. Standard Execution Pipeline Computation Plane … … Reg File INST L1 $

  28. 3D Security Layer – Overriding 3D Security • Overriding blocks transmission of signal, while simultaneously injecting a new value Overriding

  29. 3D Security Layer – Gate Level Primitives 3D Security • Gate-level primitives in out out in Rerouting Tapping in out in out Disabling Overriding

  30. 3D Security Layer – General Primitive 3D Security • General primitive

  31. 3D Security 3D Security • Area overhead of general primitive(s) 4.5% increase

  32. Background – Side-Channel Attacks 3D Security • Access-driven cache attack (Percival 2005) Victim Process Shared Cache Attacker Process

  33. 3D Security Layer – Example Application 3D Security • 3-D Cache Eviction Monitor • Keep trusted process cache lines locked • Maintain secrecy of the private key

  34. 3D Security Layer – Example Application 3D Security • 3D Cache Eviction Monitor

  35. 3D Security Layer – Example Application 3D Security • Cache Performance

  36. Outline 3D Extensible ISAs • Intro/Motivation -the what • 3D Crypto -the why • 3D Sec -the how • 3D Extensible ISAs -the what else • Conclusion

  37. 3D Extensible ISAs - Idea 3D Extensible ISAs • 3D layer that implements new instructions • Connects to control unit on existing processor • May have new functional units • Extends the ISA of processor • Allows reuse of fast processor • Examples • Multimedia • Crypto • Other ISAs

  38. 3D Extensible ISAs - Approach 3D Extensible ISAs • Use circuit-level primitives • Find hook points • What data does the 3D layer need? • Which signals does the 3D need to change? • Design Control unit with free opcodes • Set aside a set of opcodes as available – NoOPs on base layer • Stall signal (for “asynchronous” execution)

  39. Circuit-Level Primitives 3D Extensible ISAs • Tapping • Rerouting • Overriding

  40. Hook Points 3D Extensible ISAs If opcode isn’t covered: NoOP Replace data (Override) 3-D instruction module Read opcode and register addresses (Tap) Route register values if shared with 3-D layer (Reroute)

  41. Control Unit Design 3D Extensible ISAs • Design Control unit with free opcodes • Set aside a set of opcodes as available • NoOPson base layer • Ensure they are explicitly defined • Increase writeback mux size

  42. Proof-Of-Concept 3D Extensible ISAs

  43. Results 3D Extensible ISAs • 5-stage pipelined CPU • Tested benchmarks for verification and execution time • 5-stage + AES core • Tested benchmarks for verification and execution time – matched 5-stage by itself • Insert Crypto instructions in benchmark • AES core executes and writes back correctly

  44. 3D Extensible ISAs 3D Extensible ISAs • Area overhead of general primitive(s) 3.7% increase

  45. Outline Conclusion • Intro/Motivation -the what • 3D Crypto -the why • 3D Sec -the how • 3D Extensible ISAs -the what else • Conclusion

  46. Future Directions Conclusion • Practical extensions • Sets of general hook points • 3DSec applications • 3D ISA - heterogeneous architectures • Physical realizations • 3DSec chip • Test functions

  47. Publications Conclusion • A 3D Split Manufacturing Approach to Trustworthy System DevelopmentJonathan Valamehr, Timothy Sherwood, Ryan Kastner, David Marangoni-Simonsen, Ted Huffmire, Cynthia Irvine, and Timothy Levin. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), Special Section on Three-dimensional Integrated Circuits and Microarchitectures, Vol. 32, No. 4, Pages 611-615. • A Qualitative Security Analysis of a New Class of 3-D Integrated Crypto Co-processorsJonathan Valamehr, Ted Huffmire, Cynthia Irvine, Ryan Kastner, Cetin Kaya Koc, Timothy Levin, and Timothy Sherwood. Festschrift Jean-Jacques Quisquater, to appear, D. Naccache, editor, LNCS Nr. 6805, Springer, 2011. • Hardware Assistance for Trustworthy Systems through 3-D IntegrationJonathan Valamehr, Mohit Tiwari, and Timothy Sherwood, Ryan Kastner, Ted Huffmire, Cynthia Irvine and Timothy Levin. Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2010. Austin, Texas. • Hardware Trust Implications of 3-D IntegrationTed Huffmire, Timothy Levin, Michael Bilzor, Cynthia Irvine, Jonathan Valamehr, MohitTiwari, Timothy Sherwood, and Ryan Kastner. Workshop on Embedded Systems Security (WESS), October 2010. Scottsdale, Arizona. • Trustworthy System Security through 3-D Integrated HardwareTed Huffmire, Jonathan Valamehr, Timothy Sherwood, Ryan Kastner, Timothy Levin, Thuy D. Nguyen, and Cynthia Irvine. Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented Security and Trust (HOST-2008) June 2008. Anaheim, CA. • High-Assurance System Support through 3-D IntegrationTheodore Huffmire, Tim Levin, Cynthia Irvine, Thuy Nguyen, Jonathan Valamehr, Ryan Kastner, and Tim Sherwood. NPS Technical Report NPS-CS-07-016, November 2007.

  48. Publications Conclusion • Inspection Resistant Memory ArchitecturesJonathan Valamehr, Andrew Putnam, Daniel Shumow, Melissa Chase, Seny Kamara, VinodVaikuntanathan, and Timothy Sherwood. IEEE Micro: Micro's Top Picks from Computer Architecture Conferences (IEEE Micro - top pick), May-June 2013. • Inspection Resistant Memory: Architectural Support for Security from Physical ExaminationJonathan Valamehr, Andrew Putnam, Daniel Shumow, Melissa Chase, Seny Kamara, VinodVaikuntanathan, and Timothy Sherwood. Proceedings of the International Symposium of Computer Architecture. (ISCA), June 2012. Portland, Oregon. • Crafting a Usable Microkernel, Processor, and I/O System with Strict and Provable Information Flow SecurityMohit Tiwari, Jason Oberg, Xun Li, Jonathan Valamehr, Timothy Levin, Ben Hardekopf, Ryan Kastner, Frederic T Chong, and Timothy Sherwood. in Proceedings of the International Symposium of Computer Architecture (ISCA), June 2011. San Jose, CA. • A Small Cache of Large Ranges: Hardware Methods for Efficiently Searching, Storing, and Updating Big Dataflow TagsMohit Tiwari, Banit Agrawal, Shashidhar Mysore, Jonathan Valamehr, and Timothy Sherwood. Proceedings of the International Symposium on Microarchitecture (Micro), November 2008. Lake Como, Italy. • Designing Secure Systems on Reconfigurable HardwareTed Huffmire, Brett Brotherton, Nick Callegari, Jonathan Valamehr, Jeff White, Ryan Kastner, and Tim Sherwood. ACM Transactions on Design Automation of Electronic Systems (TODAES) Vol 13 No 3, July 2008. • Opportunities and Challenges of using Plasmonic Components in Nanophotonic Architectures Hassan Wassel, Daoxin Dai, Luke Theogarajan, Jennifer Dionne, Mohit Tiwari, Jonathan Valamehr, Frederic Chong, and Timothy Sherwood. IEEE Journal on Emerging and Selected Topics in Circuits and Systems (JETCAS) To appear • Towards Chip-Scale Plasmonic InterconnectsHassan M. G. Wassel, Mohit Tiwari, Jonathan Valamehr, Luke Theogarajan, Jennifer Dionne, Frederic T. Chong, and Timothy Sherwood. Workshop on the Interaction between Nanophotonic Devices and Systems (WINDS) December 2010. Atlanta, Georgia.

  49. Acknowledgements Conclusion • Labmates • Committee members • Collaborators at NPS, UCSD, MSR, GA Tech • Janet Kayfetz

  50. What’s next? Conclusion • Start up in Palo Alto, CA

More Related