Topics in Secure Embedded System Design
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system appli- cations handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain condentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and nite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus,longer battery life), and robustness to attacks. This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and congurable features of an embedded processor. Next, we introduce a satisfability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.
Time in Wireless Embedded System
Wireless embedded networks have matured beyond academic research as industry now considers the advantages of using wireless sensors. With this growth, reliability and real-time demands increase, thus timing becomes more and more relevant. In this dissertation, we focus on the development of highly stable, low-power clock systems for wireless embedded systems. Wireless embedded networks, due to their wire-free nature, present one of the most extreme power budget design challenges in the field of electronics. Improvements in timing can reduce the energy required to operate an embedded network. However, the more accurate a time source is, the more power it consumes. To comprehensively address the time and power problems in wireless embedded systems, this dissertation studies the exploitation of dual-crystal clock architectures to combat effects of temperature induced frequency error and high power consumption of high-frequency clocks. Combining these architectures with the inherent communication capabilities of wireless embedded systems, this dissertation proposes two new technologies; (1) a new time synchronization service that automatically calibrates a local clock to changes in temperature; (2) a high-low frequency timer that allows a duty-cycled embedded system to achieve ultra low-power sleep, while keeping fine granularity time resolution offered only by high power, high frequency clocks.
Time in Wireless Embedded System
Wireless embedded networks have matured beyond academic research as industry now considers the advantages of using wireless sensors. With this growth, reliability and real-time demands increase, thus timing becomes more and more relevant. In this dissertation, we focus on the development of highly stable, low-power clock systems for wireless embedded systems. Wireless embedded networks, due to their wire-free nature, present one of the most extreme power budget design challenges in the field of electronics. Improvements in timing can reduce the energy required to operate an embedded network. However, the more accurate a time source is, the more power it consumes. To comprehensively address the time and power problems in wireless embedded systems, this dissertation studies the exploitation of dual-crystal clock architectures to combat effects of temperature induced frequency error and high power consumption of high-frequency clocks. Combining these architectures with the inherent communication capabilities of wireless embedded systems, this dissertation proposes two new technologies; (1) a new time synchronization service that automatically calibrates a local clock to changes in temperature; (2) a high-low frequency timer that allows a duty-cycled embedded system to achieve ultra low-power sleep, while keeping fine granularity time resolution offered only by high power, high frequency clocks.
Topics in Secure Embedded System Design
Pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. Many of these embedded system appli- cations handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics), and the use of security protocols is imperative to maintain condentiality, integrity and authentication of these applications. Typically embedded systems have low computing power and nite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many security protocols. In addition, secure embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus,longer battery life), and robustness to attacks. This thesis presents our work on tackling three issues in the design of secure embedded systems: energy consumption, performance and robustness to side-channel attacks. First, we present our work on optimizing the energy consumption of the widely employed secure sockets layer (SSL) protocol running on an embedded system. We discuss results of energy analysis of various cryptographic algorithms, and the manner in which this information can be used to adapt the operation of SSL protocol to save energy. Next, we present results of our experiments on optimizing the performance of Internet protocol security (IPSec) protocol on an embedded processor. Depending on the mode of operation, the IPSec computation is dominated by cryptographic or non-cryptographic processing. We demonstrate how both these components of the IPSec protocol can be optimized by leveraging the extensible and congurable features of an embedded processor. Next, we introduce a satisfability-based framework for enabling side-channel attacks on cryptographic software running on an embedded processor. This framework enables us to identify variables in the software implementations which result in the disclosure of the secret key used. Thus, security of software implementations can be improved by better protection of these identified variables. Finally, we conclude by introducing a novel memory integrity checking protocol that has much lower communication complexity than existing Merkle tree-based protocols while incurring a modest price in computation on the processor. This scheme is based on Toeplitz matrices, and can be very efficiently realized on embedded systems with hardware extensions for bit matrix operations.