Professional Documents
Culture Documents
PRESENTED
BY
VENKATESH YARLAGADDA
CWID:893345710
Cost considerations:
The cost of the system depends on the availability, performance and simplicity of management is
increased. In order to reduce the cost of the system device we need to develop a single
encryption device in dual fabric configurations.
Other Considerations:
Virtual Host considerations:
Virtual host have become ubiquitous in enterprise data level considerations. Virtual host are
assigned a unique virtual WWN that is different from the physical server. VM ware offer two
methods of presenting storage to the VM:
VMFS: Virtual Machine File System via data storage
RDM: Raw device using Raw device mapping.
Families of Crypto Processor:
Double Encryption:
The process of encrypting the already encrypted data once or twice using same or different
algorithms is known as double encryption. This is also known as multiple or cascade encryption.
It is used to protect the data and system. These have dedicated crypto blocks to encrypt the data.
Through this the throughput increases the amount of data that passes through the system
increases.
FPGA Implementation:
Towards achieving high security is provided by the cryptographic algorithm. It is flexible and
allows efficient algorithm operation and provides ASIC implementation. This very fast and low
power consumption.
Double Encryption:
This type of crypto processor protects the program running the data. Here the data and process
are encrypted. All the information is decrypted within the security of the processor and then
encrypted before the memory storage or input/output transmission. A barrier of encrypts and
decrypts are in between the processing elements, data elements and input-output elements.
ADVANTAGES:
It is very easy to design the gate level design and it is fast time to market ie no manufacturing
delay.It can also be used more like software which can fix design errors over time.
DISADVANTAGES:
This is very expensive the unit cost is more higher and it is also inefficient slower and more
power hungry.
PERFORMANCE OF FPGA:
The performance of fpga is mainly based on the following things:
Emphasized in literature
Less common in practice
Strengths
500x speedup
50% power reduction
Significant improvements over standard processors
Modular arithmetic, bit level manipulation
Uncommon length bit-vectors
Point multiplication performance comparison
66MHz FPGA: 0.36ms
2.6GHz dual-Xeon: 197ms
CRYPTOPROCESSOR ASIC:
ASIC is a function which is used in cryptoprocessor to faster the devices and to decrease the
power the main advantages can be seen in below table.
Optimized ASIC compared to FPGA performance
4x faster
97% area reduction
93% dynamic power reduction
May be unrealistic to see these gains
High volume applications
Speed necessary applications
e.g. network routers
Low power applications
e.g. RFID devices
SOFTWARE
FPGA
ASIC
PERFORMANC
E
LOW
MEDIUM
HIGH
POWER
CONSUMPTION
DEPENDS
VERY HIGH
LOW
LOGIC
INTEGRATION
LOW
LOW
HIGH
TEST
DEVELOPMENT
VERY LOW
VERY LOW
HIGH
DENSITY
HIGH
VERY LOW
HIGH
SIZE
SMALL
MEDIUM
LARGE
TIME TO
MARKET
SHORT
SHORT
HIGH
Invasive
Non-invasive
Semi-invasive
Remote attacks
Now let us discuss about these attacks:
Invasive Attacks:
Involve direct electrical access to internal components of crypto processor
Example: drilling into passivation layer and micro probing
IBM 4758 interior has been exposed in figure below.
Non-Invasive Attacks:
Observing or manipulating devices operation without breaking through packaging
Examples:
Power analysis of processor and correlating to computations to deduce crypto
keys
Glitching
Below graph shows the instruction fetch and processing,
SEMI-INVASIVE ATTACKS:
Involve access to the chips surface but doesnt require electrical contact or penetration of
passivation layer
Examples:
UV light allows attacker to read memory contents
Fault injection attacks
Low cost probing workstation using photoflash
Light causes transistor to conduct. Then able to set or reset any bit in SRAM
Below is the physical type photo flash device which is used to attacks devices.
REMOTE ATTACKS:
Not necessary to be near chip, just need to intercept encrypted traffic
Two well known attacks but arent specific to crypto processors
Cryptanalysis and protocol analysis
API analysis: specific to crypto processors
Top level s/w that governs its interactions with outside world
ATTACK ON IBM-4758 :
IBM 4758 is a cryptographic coprocessor which is used to hold the keys in banking security
systems .It is a high securied processor with out the perfect key we can open but this has been
hacked by using a simple fpga technique.
Rated at highest level of tamper-resistance
Certified at FIPS level 4, highest available level
Requires two security officials to update keys
Remote attack
Weakness in security protocols
A single official was able to learn all the keys
Took advantage of key handling routines to generate a key exporter
Only needed
20 minutes with device
Standard $995 FPGA
About 1 day of cracking time
4758 CCA
KEY IMPORT ATTACK
One of the simple attack has been performed on 4758 an unauthorized type cast using ibms preexclusive method.A typical case would be imporing a PIN derivation key as a data key,so
standard data ciphering commands could be used to calculate PIN numbers or to import a KEK
as a DATA key,to allow eaves dropping on future transmissions .The key import command
requires a KEK with permission to import the encrypted key to import .Attacker must have
necessary authorization in his acces control list to import to the destination type,but the original
key can have any type.with this attack all the in formation shared by another crypto processor is
open ro abuse,more suntle type changes are worthy of mention ,such as re-typing the right half of
a des key as a left half.
These are the key import attack keys,
Key Hierarchies:
Storage of large number of keys becomes necessary when used between multiple users for
enforcing protection. This is the common storage method and it provides effective key sharing.
Access can be granted to the key set by providing grant to the next level. By keeping the top
level keys in the tamper proofed environment we can increase the storage level capacity of the
crypto processor. The top layer contains master keys, the middle layer contains the transport
keys, the bottom level working keys and session keys together known as operational keys.
Ovals
representKEYS
MasterKey
Rectangles
representTYPES
Master
Keys
KEKMK
Transport
Keys
Operational
Keys
User
Data
DATAMK
KEKs
Incoming
SharedData
Outgoing
SharedData
WorkingKeys
UserData
Unauthorized Type-Casting:
Some type-casting is an unauthorized as the designer does not want it to be possible. In some
architecture it is not possible to judge whether the type-caste is a bug or a feature. If type-casting
is possible it should be regulated at all the stages by the function of access control. If the crypto
processor does not contain internal key structure it will not difficult in deleting the keys. If the
crypto processor lost the encrypted version key then it cannot prevent an attacker in saving his
own copy. By changing the master keys at the top of the hierarchy the deletion of the keys can be
effected.
Master
Keys
ZCMK
Transport
Keys
ZCMK
Op.
Keys
ZCMK_I
WK
TC
TMK/PIN
LP
TMK/PIN
User
Data
WK
TC
TMK_I
WK_I
TC_I
LP
Master
Keys
Transport
Keys
Op.
Keys
User
Data
MAC
MAC_I
KMxIMP
KMxIMP
IMPORTER
EXPORTER
PIN
PIN_I
DAT
DAT_I
MAC
MAC_I
PIN
PIN_I
KMxMAC
DAT
DAT_I
MAC
MAC_I
KMxPIN
PIN
PIN_I
KMxDAT
DAT
DAT_I
REFERENCES:
http://www.cl.cam.ac.uk/~mkb23/research/Survey.pdf
http://en.wikipedia.org/wiki/Secure_cryptoprocessor
http://www.brocade.com/downloads/documents/best_practice_guides/encryption-bestpractices.pdf
http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=6815431&url=http%3A%2F
%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D6815431
https://www.cis.upenn.edu/~milom/cse372-Spring06/lectures/02_fpgas.pdf