Power-friendly Countermeasures · Boston University Slideshow Title Goes Here Hardware Security Research & Development ! Hardware-assisted security (NSF CAREER 2009-2014) " Processor

Boston University Slideshow Title Goes Here

Yunsi Fei, Professor Department of Electrical and Computer Engineering

Northeastern University Energy-efficient and

Secure System Lab (NUEESS)

Power-friendly Countermeasures Preventing Software Side-channel Attacks

NSF I/UCRC on Energy-smart Electronic Systems Planning


Security vs. Energy Efficiency

2

Security Energy Efficiency


Energy-efficiency Research Spanning processor computer architecture, embedded systems, sensor networks, and cyber-physical systems q Energy-efficient application-specific processor (ASIP) design (NSF 2006 – 2010)

Ø In-core accelerator – architecture and application co-generation

q Energy-efficient networking protocols for underwater sensor networks (ONR 2010 – 2015)

Ø Routing and MAC, machine-learning optimization and prediction q Management and optimization in cyber-physical systems: microgrids and PHEVs

Ø Co-management of energy demand, alternative energy generation, and storage

3


Hardware Security Research & Development q Hardware-assisted security (NSF CAREER 2009-2014)

Ø Processor augmentation for software security – code and data integrity, and memory controller to mitigate denial-of-service (DoS) attack – availability

q Hardware-exacerbated security: side-channel leakage (NSF SaTC, SRC, ADI, 2009 - current) Ø Attack: analysis of power, timing, and fault Ø Countermeasures: automated software countermeasures Ø Metrics, modeling, and security evaluation Ø Testbed - TeSCASE

4


Interaction: Security and Energy Efficiency q Notion 1: many existing techniques for performance

(energy efficiency) present challenges for security Ø E.g., unbalanced branches, GPU on-chip coalescing unit, multiple

banks for GPU shared memory

q Notion 2: security countermeasures have to be low-power and lightweight, especially for embedded systems, mobile systems, and IoT devices

5


Resistance Against Side-channel Attacks on GPUs

q Multi-level Protection Ø Software obfuscation

Ø Power balancing threads in a warp

Ø Compiler-assisted modification Ø Register allocation for hiding power signals Ø Register preloading with random values Ø Temporary power hiding with random dummy instructions

Ø Hardware (microarchitecture) techniques to add side-channel noise Ø Temporal coalescing – randomizing the window size Ø Randomize warp dispatching

6


Proposed Project q Lightweight hardware primitives for security at the edge of IoT Ø Power analysis attack resistant security engines for IoT

v Focus on power supply – voltage regulator v Low-power v Area efficient v Scalable

7


Preliminary Results

8


TeSCASE – Testbed for Side-Channel Analysis and Security Evaluation

9

TeSCASE Software

DUT Interface Control

Acquisition Library

Tools/Sim Interface Analysis Library

Control Board Interface to DUT

TeSCASE Hardware

Acquisition

System Specification:

Software cipher, HDL, Netlist, Layout

Device under Test

(DUT) User-supplied Equipment & System

q NSF Major Research Instrumentation (2013 - 2018)

http://tescase.coe.neu.edu


Hardware Platform q Various target systems: FPGAs (SASEBO-GII board),

smart card (SASEBO-W board), DSP, GPUs q Lab equipment

Ø Riscure test set Ø High-speed oscilloscope

v LeCroy WaveRunner 640 Zi (4GHz, 40GS/s) v Agilent MSO 4104A (1GHz)

Ø Electro-magnetic probes

10


NSF I/UCRC – Center for Hardware and Embedded Systems Security and Trust (CHEST)

Ø Partnership between NU, U. of Connecticut, University of Virginia, Wright State U., UT Dallas, and George Mason U.

Ø Fei is PI of the Northeastern I/UCRC site. Faculty members across ECE and CCIS – Kaeli, Kim, Noubir, Oprea, and Nita-Rotaru.

11


Acknowledgments q Collaborators

Ø NU: Adam Ding, Dave Kaeli, Thomas Wahl, Aatmesh Shrivastava, Miriam Leeser

Ø WPI: Thomas Eisenbarth

12

Miriam LeeserECE

David KaeliECE

Adam DingMathematics

Thomas WahlCCIS

Thomas EisenbarthWPI ECE

Aatmesh Shrivastava

ECE


Acknowledgments q Students

Ø PhD students: Konstantinos Athanasiou, Rasit Mete Esrefoglu, Ritesh Gupta, Zhen Hang Jiang, Chao Luo, Saoni Mukherjee, Majid Sabbagh, Ziyue Zhang

Ø Alumni: Qiasi Luo, Juan Carlos Martinez Santos, Pei Luo, Liwei Zhang, Bingnan Jiang, Yu Han, Xuan Guan, Hai Lin, Xin Fang

Ø Undergraduate students: Louie Liu, Neel Shah, Tushar Swamy, Harrison Dimmig

13


Acknowledgments q Security Funding

1.  NSF/SRC STARSS: Side-channel analysis and resilience targeting accelerators (2016 – 2019)

2.  NSF SaTC TWC: Medium: Automating countermeasures and security evaluation against software side-channel attacks (2016 – 2019)

3.  NSF SaTC TWC: Medium: A unified statistics-based framework for side-channel attack analysis and security evaluation of cryptosystems (2013 – 2017)

4.  NSF MRI: Development of a testbed for side-channel analysis and security evaluation –TeSCASE (2013 – 2018)

5.  NSF CAREER: Architectural enhancement and design methodology for secure processing (2009 – 2014)

6.  Analog Devices: Embedded hardware-based security and side channel analysis (2014 – current)

14


Acknowledgments q Energy-efficiency Funding

1.  NSF CCF: A multi-level/multi-faceted framework for energy-efficient application specific instruction set professor synthesis (2006 – 2010)

2.  ONR: ARTS: Adaptive, RobusT, and Sustainable networking for undersea distributed sensor systems (2010 – 2015)

15

Documents

Power-friendly Countermeasures · Boston University Slideshow Title Goes Here Hardware Security Research & Development ! Hardware-assisted security (NSF CAREER 2009-2014) " Processor