Lightweight secure-boot architecture for RISC-V System-on-Chip
Securing thousands of connected, resource-constrained computing devices is a major challenge nowadays. Adding to the challenge, third party service providers need regular access to the system. To ensure the integrity of the system and authenticity of the software vendor, secure boot is supported by...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
2020
|
| Subjects: | |
| Online Access: | https://hdl.handle.net/10356/143198 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Nanyang Technological University |
| Language: | English |
| id |
sg-ntu-dr.10356-143198 |
|---|---|
| record_format |
dspace |
| spelling |
sg-ntu-dr.10356-1431982020-09-01T06:51:14Z Lightweight secure-boot architecture for RISC-V System-on-Chip Haj-Yahya, Jawad Wong, Ming Ming Pudi, Vikramkumar Bhasin, Shivam Chattopadhyay, Anupam School of Computer Science and Engineering 20th International Symposium on Quality Electronic Design (ISQED) Institute of Microelectronics, A*STAR Engineering::Computer science and engineering Secure Boot Physical Unclonable Function Securing thousands of connected, resource-constrained computing devices is a major challenge nowadays. Adding to the challenge, third party service providers need regular access to the system. To ensure the integrity of the system and authenticity of the software vendor, secure boot is supported by several commercial processors. However, the existing solutions are either complex, or have been compromised by determined attackers. In this scenario, open-source secure computing architectures are poised to play an important role for designers and white hat attackers. In this manuscript, we propose a lightweight hardware-based secure boot architecture. The architecture uses efficient implementation of Elliptic Curve Digital Signature Algorithm (ECDSA), Secure Hash Algorithm 3 (SHA3) hashing algorithm and Direct Memory Access (DMA). In addition, the architecture includes Key Management Unit, which incorporates an optimized Physical Unclonable Function (PUF) for providing keys to the security blocks of the System on Chip (SoC), among which, secure boot and remote attestation. We demonstrated the framework on RISC-V based SoC. Detailed analysis of performance and security for the platform is presented. National Research Foundation (NRF) Accepted version This research is supported by NRF-BICSAF project (Project ID: NRF2016NCR-NCR001-006). 2020-08-12T04:42:01Z 2020-08-12T04:42:01Z 2019 Conference Paper Haj-Yahya, J., Wong, M. M., Pudi, V., Bhasin, S., & Chattopadhyay, A. (2019). Lightweight secure-boot architecture for RISC-V System-on-Chip. Proceedings of the 20th International Symposium on Quality Electronic Design (ISQED), 216-223. doi:10.1109/ISQED.2019.8697657 978-1-7281-0393-8 https://hdl.handle.net/10356/143198 10.1109/ISQED.2019.8697657 2-s2.0-85065164064 216 223 en © 2019 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. The published version is available at: https://doi.org/10.1109/ISQED.2019.8697657. application/pdf |
| institution |
Nanyang Technological University |
| building |
NTU Library |
| country |
Singapore |
| collection |
DR-NTU |
| language |
English |
| topic |
Engineering::Computer science and engineering Secure Boot Physical Unclonable Function |
| spellingShingle |
Engineering::Computer science and engineering Secure Boot Physical Unclonable Function Haj-Yahya, Jawad Wong, Ming Ming Pudi, Vikramkumar Bhasin, Shivam Chattopadhyay, Anupam Lightweight secure-boot architecture for RISC-V System-on-Chip |
| description |
Securing thousands of connected, resource-constrained computing devices is a major challenge nowadays. Adding to the challenge, third party service providers need regular access to the system. To ensure the integrity of the system and authenticity of the software vendor, secure boot is supported by several commercial processors. However, the existing solutions are either complex, or have been compromised by determined attackers. In this scenario, open-source secure computing architectures are poised to play an important role for designers and white hat attackers. In this manuscript, we propose a lightweight hardware-based secure boot architecture. The architecture uses efficient implementation of Elliptic Curve Digital Signature Algorithm (ECDSA), Secure Hash Algorithm 3 (SHA3) hashing algorithm and Direct Memory Access (DMA). In addition, the architecture includes Key Management Unit, which incorporates an optimized Physical Unclonable Function (PUF) for providing keys to the security blocks of the System on Chip (SoC), among which, secure boot and remote attestation. We demonstrated the framework on RISC-V based SoC. Detailed analysis of performance and security for the platform is presented. |
| author2 |
School of Computer Science and Engineering |
| author_facet |
School of Computer Science and Engineering Haj-Yahya, Jawad Wong, Ming Ming Pudi, Vikramkumar Bhasin, Shivam Chattopadhyay, Anupam |
| format |
Conference or Workshop Item |
| author |
Haj-Yahya, Jawad Wong, Ming Ming Pudi, Vikramkumar Bhasin, Shivam Chattopadhyay, Anupam |
| author_sort |
Haj-Yahya, Jawad |
| title |
Lightweight secure-boot architecture for RISC-V System-on-Chip |
| title_short |
Lightweight secure-boot architecture for RISC-V System-on-Chip |
| title_full |
Lightweight secure-boot architecture for RISC-V System-on-Chip |
| title_fullStr |
Lightweight secure-boot architecture for RISC-V System-on-Chip |
| title_full_unstemmed |
Lightweight secure-boot architecture for RISC-V System-on-Chip |
| title_sort |
lightweight secure-boot architecture for risc-v system-on-chip |
| publishDate |
2020 |
| url |
https://hdl.handle.net/10356/143198 |
| _version_ |
1681058915935059968 |