Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
187 views13 pages

Security Adds An Extra Design Dimension: Ingrid Verbauwhede KU Leuven - COSIC Ucla - Ee

This document discusses security considerations for embedded systems and the Internet of Things. It makes three key points: 1. Past approaches to security focused on protecting communication channels and treating cryptographic operations as "black boxes", but attacks now target system endpoints and implementations require secure designs. 2. Designing for both efficiency and security is challenging as Moore's law both helps implement stronger cryptography but also empowers attackers. The diversity of IoT devices adds complexity. 3. Future challenges include post-quantum cryptography, hardware-entangled security, and generating true random numbers as the concept of "inside" vs. "outside" breaks down for immersed systems.

Uploaded by

nanoteraCH
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
187 views13 pages

Security Adds An Extra Design Dimension: Ingrid Verbauwhede KU Leuven - COSIC Ucla - Ee

This document discusses security considerations for embedded systems and the Internet of Things. It makes three key points: 1. Past approaches to security focused on protecting communication channels and treating cryptographic operations as "black boxes", but attacks now target system endpoints and implementations require secure designs. 2. Designing for both efficiency and security is challenging as Moore's law both helps implement stronger cryptography but also empowers attackers. The diversity of IoT devices adds complexity. 3. Future challenges include post-quantum cryptography, hardware-entangled security, and generating true random numbers as the concept of "inside" vs. "outside" breaks down for immersed systems.

Uploaded by

nanoteraCH
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

Security adds an extra

design dimension
Ingrid Verbauwhede
KU Leuven COSIC
UCLA EE
Acknowledgement:
current and former
PhD students

Past: security for Embedded system

Old attack model (simplified view):


-Attack on channel between communicating parties
-Encryption and cryptographic operations in black boxes
-Protection by strong mathematic algorithms and protocols

Past: design for efficiency


Efficiency, flexibility, power, energy efficiency
Similar to other fields
DES processor

[EuroAsic 1991]

Rijndael/AES

[JSSC 2003]

Current: security for embedded system

Modified Attack Model (also simplified view):


-Attack channel and endpoints
-Encryption and cryptographic operations in gray boxes
-Protection by strong mathematic algorithms and protocols
-Protection by secure implementation

Need secure implementations not only algorithms

Design for efficiency AND security


SEMA attack: Simple Electromagnetic Attack on Elliptic Curve
Public Key implementation.

[E. Demulder EUROCON 2005]

Crypto engines with DPA countermeasures


Efficient, low power, side-channel resistance
Elliptic Curve within budget of passive RFID tag

Secure
Secure

[CHES2005]

Insecure

[DAC201?]

Future: security for immersed system:


which model?

New Model (also simplified view):


-Attack on the System
-Firewalls? IOT: there is NO inside versus outside
-Encryption, trust, security immersed
-Devices cooperate to build up trust
-All old requirements still stand

Challenge 1: Moores law helps (and hurts)


Moores law helps to implement more complex algorithms
with larger key (and word) lengths.

Moores law also hurts: gives more power to the attacker.


Demands on key lengths:

Challenge 2: IOT - Crypto diversity


[Terabits,
Long lasting
Security]

[Lightweight
HW entangled]

[Mbits
Security]
9

[Source photograph: J. Rabaey: A Brand New Wireless Day]

Challenge 3: Post-quantum crypto

Mathematical foundation of
existing public key algorithms
disappears
Quest for novel post-quantum
secure public key algorithms.
Lattice based: dimension
from N=256 to 2^15

Challenge 4: HW entangled security


Hardware Enabled CrypTO and Randomness

PUF

Secure Sketch:
Helper Data
Algorithm
(HDA)

1000s of
PUF bits

Universal /
Cryptographic
HASH
128bit key

11

Lightweight
Crypto
Algorithm

Research on True Random Numbers

12

Conclusions
Combine design for low power, low energy with design for
security
Design for security: as strong as weakest link!
IoT: what is inside, what is outside?
For the last 20 years: design for low power
[Chandrakasan 1992: Low Power CMOS design]
For the next 20 years: design for security

You might also like