Novel Methods of Augmenting High Performance Processors with Security Hardware Jonathan Valamehr PhD...
-
Upload
lukas-beverly -
Category
Documents
-
view
217 -
download
0
Transcript of Novel Methods of Augmenting High Performance Processors with Security Hardware Jonathan Valamehr PhD...
1
Novel Methods of Augmenting High Performance Processors with Security Hardware
Jonathan ValamehrPhD Defense, UC Santa Barbara
May 7, 2013
Committee:Prof. Timothy Sherwood (chair)
Prof. Fred ChongProf. Peter Michael Meliar-Smith
Prof. Theodore Huffmire
2
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Modern MicroprocessorsIntro/Motivation
3
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Modern MicroprocessorsIntro/Motivation
Commercial CPU tradeoffs:PerformancePowerAreaCost
Security
4
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Modern MicroprocessorsIntro/Motivation
SecurityConfidentiality IntegrityAvailability
5
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Modern Microprocessors
Flurry of hardware attacksSide channel attacks (Kocher 1996, Percival 2005, Bernstein 2005)
Power draw (Kocher et al. 1999, Jasper 2011)
EM analysis (Gandolfi et al. 2001 , Agrawal et al. 2002)
Physical tamperMemory remanence (Soden et al. 1995, Halderman et al. 2008)
Intro/Motivation
6
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Modern MicroprocessorsIntro/Motivation
High Assurance CPUsHigh development costsSmall market shareTime-consuming to
design Commercial hardware
still outperforms by 100x (and growing…)
7
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Modern MicroprocessorsIntro/Motivation
Commercial Processors
(high speed)
High Assurance Processors
(secure)
The solution
8
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
New Technology – 3D Integration
3D Integration2 or more dies stacked as one systemFoundry level option
Base Processor
CPUCPU
CPUCPU
L2 Cache(1x
SRAM)
L1
L1
Second die
3D Crypto
9
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Thesis Statement
The functionality of a processor can be extended after making minimal changes to its design. We introduce several novel methods of adding security to processors through the use of 3D Integration, resulting in secure processors that retain high performance.
Intro/Motivation
10
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Outline
Intro/Motivation -the what 3D Crypto -the why 3D Sec -the how 3D Extensible ISAs -the what else Conclusion
3D Crypto
11
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Crypto - Motivation
Current Crypto Co-processorsOff-die co-processor, or utilizing core in CMPsProne to tamper, vulnerable to side-channels Lower performance
Ideal Crypto Co-processorsHigh integrity of data being processedTamper-proof and immune to attacksHigh performance
3D Crypto
12
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Crypto Co-processor
Main Processor
CPUCPU
CPUCPU
L2 Cache(1x
SRAM)
L1
L1
Crypto Co-processor
Dedicated
Crypto M
emory
Crypto Control
AESRSA
RNGD-HDESM
D5RC4
3D Crypto
13
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Security Ramifications
Threat Models (Valamehr et al. 2011)
Physical tamperMemory remanenceAccess-driven cache side-channel attacksTime-driven cache side-channel attacksFault analysisElectromagnetic analysisPower analysisThermal analysis
3D Crypto
14
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Perf/Power/Area/Cost
Potential cost savings with 3DUse of older technologies
Relationship between:PerformancePowerCostArea
3D Crypto
15
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Perf/Power/Area/Cost3D Crypto
16
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Outline
Intro/Motivation -the what 3D Crypto -the why 3D Sec -the how 3D Extensible ISAs -the what else Conclusion
3D Security
17
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Current Trends
Ideal: Fast and affordable high assurance systemsResilient against attacks Low costHigh performance
3D Security
18
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Solution
3D IntegrationOptional security layer
Base Processor
CPUCPU
CPUCPU
L2 Cache(1x
SRAM)
L1
L1
Second die
3D Security
19
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D-Sec: Idea
Past Work: 3D Passive Monitors (Mysore et al. 2006)
Analyze data from base processor
Our Contribution – 3D Active Monitors (Valamehr et al. 2010)
Information flow controlArbitration of communicationPartitioning of resources
3D Security
20
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D-Sec: Idea
Benefits with 3D Integration
Security Architecture Performance Access to internal signals
Security separate
Off-chip coprocessor Low No Yes
On-chip High Yes No
3D layer High Yes Yes
3D Security
21
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D-Sec: Idea
ChallengeNormal operation if 3D layer absentSecurity functions if 3D layer present
3D Security
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
22
3D Security Layer – Circuit Level Primitives
Circuit-level primitives for an active monitor
(a) Tapping (b) Re-routing (c) Overriding (d) Disabling= 3D layer connections = Signal flow
3D Security
23
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Tapping
Tapping sends requested signal to the 3-D control plane
Tapping
3D Security
24
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Disabling
Disabling effectively blocks the transmission of signals
Disabling
X
3D Security
25
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Disabling
Theoretical 3-D Application: Mutual Trust Shared Bus Protocols
Shared L2 $
Core 1
L1 $
Core 0
L1 $
Shared Bus
= Post to the 3-D control plane
= Signal flow
... …
3D Security
26
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Re-routing
Re-routing sends requested signals to 3-D plane, and blocks their original transmission
Re-routing
X
3D Security
27
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Re-routing
Theoretical 3-D Application: Crypto Co-processor
Standard Execution Pipeline
AES3-D
Control Plane
1. Crypto Instruction 2. Result
Reg File
L1 $
Crypto Control Unit
1.
2.
Computation Plane
RSA DES… …
… …
INST
3D Security
28
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Overriding
Overriding blocks transmission of signal, while simultaneously injecting a new value
Overriding
3D Security
29
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Gate-level primitives
3D Security Layer – Gate Level Primitives
in outin
out
inout
in out
Tapping Rerouting
DisablingOverriding
3D Security
30
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – General Primitive
General primitive
3D Security
31
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security
Area overhead of general primitive(s)
Design Area of design (90nm Library Area Units)
1 General Primitive 84.1
128 General Primitives 10764.8
5-Stage MIPS Pipelined Processor 240,000
4.5% increase
3D Security
32
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Background – Side-Channel Attacks
Access-driven cache attack (Percival 2005)
Victim Process
Shared Cache
Attacker Process
3D Security
33
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Example Application
3-D Cache Eviction MonitorKeep trusted process cache lines lockedMaintain secrecy of the private key
3D Security
34
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Example Application
3D Cache Eviction Monitor
3D Security
35
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Security Layer – Example Application
Cache Performance
3D Security
36
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Outline
Intro/Motivation -the what 3D Crypto -the why 3D Sec -the how 3D Extensible ISAs -the what else Conclusion
3D Extensible ISAs
37
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Extensible ISAs - Idea
3D layer that implements new instructionsConnects to control unit on existing processorMay have new functional unitsExtends the ISA of processorAllows reuse of fast processor
ExamplesMultimediaCryptoOther ISAs
3D Extensible ISAs
38
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Extensible ISAs - Approach
Use circuit-level primitives Find hook points
What data does the 3D layer need?Which signals does the 3D need to change?
Design Control unit with free opcodesSet aside a set of opcodes as available – NoOPs on
base layer Stall signal (for “asynchronous” execution)
3D Extensible ISAs
39
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Circuit-Level Primitives
Tapping
Rerouting
Overriding
3D Extensible ISAs
40
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Hook Points
Read opcode and register addresses (Tap)
If opcode isn’t covered: NoOP
Route register values if shared with 3-D layer (Reroute)
Replace data (Override)
3D Extensible ISAs
3-D instruction module
41
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Control Unit Design
Design Control unit with free opcodesSet aside a set of opcodes as availableNoOPs on base layerEnsure they are explicitly defined
Increase writeback mux size
3D Extensible ISAs
42
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Proof-Of-Concept 3D Extensible ISAs
43
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Results
5-stage pipelined CPUTested benchmarks for verification and execution time
5-stage + AES coreTested benchmarks for verification and execution time
– matched 5-stage by itself Insert Crypto instructions in benchmarkAES core executes and writes back correctly
3D Extensible ISAs
44
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
3D Extensible ISAs
Area overhead of general primitive(s)Design Area of design
(90nm Library Area Units)
1 General Primitive 84.1
105 General Primitives 8831
AES core 34,870
5-Stage MIPS Pipelined Processor 240,000
3.7% increase
3D Extensible ISAs
45
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Outline
Intro/Motivation -the what 3D Crypto -the why 3D Sec -the how 3D Extensible ISAs -the what else Conclusion
Conclusion
46
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Future Directions
Practical extensionsSets of general hook points3DSec applications3D ISA - heterogeneous architectures
Physical realizations3DSec chipTest functions
Conclusion
47
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Publications
• A 3D Split Manufacturing Approach to Trustworthy System DevelopmentJonathan Valamehr, Timothy Sherwood, Ryan Kastner, David Marangoni-Simonsen, Ted Huffmire, Cynthia Irvine, and Timothy Levin. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems (TCAD), Special Section on Three-dimensional Integrated Circuits and Microarchitectures, Vol. 32, No. 4, Pages 611-615.
• A Qualitative Security Analysis of a New Class of 3-D Integrated Crypto Co-processorsJonathan Valamehr, Ted Huffmire, Cynthia Irvine, Ryan Kastner, Cetin Kaya Koc, Timothy Levin, and Timothy Sherwood. Festschrift Jean-Jacques Quisquater, to appear, D. Naccache, editor, LNCS Nr. 6805, Springer, 2011.
• Hardware Assistance for Trustworthy Systems through 3-D IntegrationJonathan Valamehr, Mohit Tiwari, and Timothy Sherwood, Ryan Kastner, Ted Huffmire, Cynthia Irvine and Timothy Levin. Proceedings of the Annual Computer Security Applications Conference (ACSAC), December 2010. Austin, Texas.
• Hardware Trust Implications of 3-D IntegrationTed Huffmire, Timothy Levin, Michael Bilzor, Cynthia Irvine, Jonathan Valamehr, Mohit Tiwari, Timothy Sherwood, and Ryan Kastner. Workshop on Embedded Systems Security (WESS), October 2010. Scottsdale, Arizona.
• Trustworthy System Security through 3-D Integrated HardwareTed Huffmire, Jonathan Valamehr, Timothy Sherwood, Ryan Kastner, Timothy Levin, Thuy D. Nguyen, and Cynthia Irvine. Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented Security and Trust (HOST-2008) June 2008. Anaheim, CA.
• High-Assurance System Support through 3-D IntegrationTheodore Huffmire, Tim Levin, Cynthia Irvine, Thuy Nguyen, Jonathan Valamehr, Ryan Kastner, and Tim Sherwood. NPS Technical Report NPS-CS-07-016, November 2007.
Conclusion
48
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Publications
• Inspection Resistant Memory ArchitecturesJonathan Valamehr, Andrew Putnam, Daniel Shumow, Melissa Chase, Seny Kamara, Vinod Vaikuntanathan, and Timothy Sherwood. IEEE Micro: Micro's Top Picks from Computer Architecture Conferences (IEEE Micro - top pick) , May-June 2013.
• Inspection Resistant Memory: Architectural Support for Security from Physical ExaminationJonathan Valamehr, Andrew Putnam, Daniel Shumow, Melissa Chase, Seny Kamara, Vinod Vaikuntanathan, and Timothy Sherwood. Proceedings of the International Symposium of Computer Architecture. (ISCA), June 2012. Portland, Oregon.
• Crafting a Usable Microkernel, Processor, and I/O System with Strict and Provable Information Flow SecurityMohit Tiwari, Jason Oberg, Xun Li, Jonathan Valamehr, Timothy Levin, Ben Hardekopf, Ryan Kastner, Frederic T Chong, and Timothy Sherwood. in Proceedings of the International Symposium of Computer Architecture (ISCA), June 2011. San Jose, CA.
• A Small Cache of Large Ranges: Hardware Methods for Efficiently Searching, Storing, and Updating Big Dataflow TagsMohit Tiwari, Banit Agrawal, Shashidhar Mysore, Jonathan Valamehr, and Timothy Sherwood. Proceedings of the International Symposium on Microarchitecture (Micro), November 2008. Lake Como, Italy.
• Designing Secure Systems on Reconfigurable HardwareTed Huffmire, Brett Brotherton, Nick Callegari, Jonathan Valamehr, Jeff White, Ryan Kastner, and Tim Sherwood. ACM Transactions on Design Automation of Electronic Systems (TODAES) Vol 13 No 3, July 2008.
• Opportunities and Challenges of using Plasmonic Components in Nanophotonic Architectures Hassan Wassel, Daoxin Dai, Luke Theogarajan, Jennifer Dionne, Mohit Tiwari, Jonathan Valamehr, Frederic Chong, and Timothy Sherwood. IEEE Journal on Emerging and Selected Topics in Circuits and Systems (JETCAS) To appear
• Towards Chip-Scale Plasmonic InterconnectsHassan M. G. Wassel, Mohit Tiwari, Jonathan Valamehr, Luke Theogarajan, Jennifer Dionne, Frederic T. Chong, and Timothy Sherwood. Workshop on the Interaction between Nanophotonic Devices and Systems (WINDS) December 2010. Atlanta, Georgia.
Conclusion
49
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Acknowledgements
Labmates Committee members Collaborators at NPS, UCSD, MSR, GA Tech Janet Kayfetz
Conclusion
50
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Start up in Palo Alto, CA
What’s next?Conclusion
51
3-D Security
Thank you!
52
Intro/Motivation 3D Crypto 3D Security 3D Extensible ISAs Conclusion
Thesis Statement
The functionality of a processor can be extended after making minimal changes to its design. We introduce several novel methods of adding security to processors through the use of 3D Integration, resulting in secure processors that retain high performance.
Intro/Motivation