1 / 27

LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES

LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES. Horace Yuen, Alan Sahakian Northwestern University Agnes Chan Northeastern University Majid Sarrafzadeh UCLA. PROBLEMS. Information security in microsensor networks authentication encryption key management. identification. data integrity.

navid
Download Presentation

LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. LIGHTWEIGHT CRYPTOGRAPHIC TECHNIQUES Horace Yuen, Alan Sahakian Northwestern University Agnes Chan Northeastern University Majid SarrafzadehUCLA

  2. PROBLEMS • Information security in microsensor networks • authentication • encryption • key management identification data integrity • Performance Measures: • Security level • Power consumption • Encryption/decryption rate • Complexity/cost

  3. Tasks: • Novel Stream Ciphers • New Spread Signal (SSi) Cryptography • Power Efficient Cryptoalgorithms

  4. Encryption Secrecy Mod • K’ not observable – no known-plaintext attack can be launched against the stream cipher; exponential search needed to find K • Protect against known-plaintext attack for the above SSischeme via Data Randomization– use two systems with inputs X and X + X , X random ~ ~

  5. UNDERLYING MECHANISM • Error prob Pe ~ exp { –SNR / 2 } • in additive white Gaussian noise • SNR signal-to-voice ratio • SNRB = E0/N0 for Babe • SNR1 = E1/N1 for Eve if basis known SNRM = if basis unknown • Can utilize deliberate randomization in lieu of channel noise

  6. M-ARY PHASE SHIFT KEYING (BPSK) 2  = — M d2 1 0  d1 (II) 1 0 (I) • basis I or II or . . . (M/2) known to users A and B as BPSK • basis unknown to eavesdropper E Adam Babe Eve

  7. Task C: Power Efficient Cryptoalgorithms • Predictability Driven Low Power Design Methodology • Improving the design tolerance to uncertainties

  8. Predictability Driven Design Flow • Definition: Quantified value of (in)accuracy is defined as (un)predictability. • Causes: • Downstream Optimizations: The correct position of a node on the power/delay, power/area curve is not known at high level causing unpredictability • Input Trace: The application that runs on the design can greatly effect the power estimate • Unawareness of module architecture • Other sources: Physical Design, glitch etc.

  9. Predictability Driven Design Flow • Why is Predictability Important? A More Predictable Design would mean more accurate and meaningful estimates Enables the development of a system that has accuracy/design quality tradeoff

  10. Predictability Driven Design Flow • The table indicates the variation of power for different optimization scripts of design compiler for two different architectures • It indicates that even though arch2 dissipates more power, it has higher predictability Tradeoff Between Design Quality and Predictability

  11. Predictability Driven Design Flow • This table indicates the variation in the power dissipation for different architecture and different optimization options • Hence if we don’t know the architecture that implements a computation that can also lead to unpredictability

  12. Predictability Driven Binding • Low Power Binding Problem has been optimally solved using Min-Cost flow methodology (or ILP formulations) • It Minimizes the sum the switched capacitance of all the edges used in the compatibility graph to form the binded solution Cij Compatibility Graph: All edges have costs that indicate the associated switching activity Binded Solution

  13. Predictability Driven Design Flow • Let us assume each edge cost of the compatibility graph has an associated unpredictability. These unpredictabilities are represented as % variation from the base cost value • The objective is to minimize the unpredictability of the binded solution • Objective Functions: • Average of the unpredictability of the edges in the binded solution is minimized • Maximum unpredictability in the binded solution is minimized

  14. Predictability Driven Design Flow Some Experimental Results • Benchmarks: Mediabench (C) • SUIF was used to generate DFGs which were scheduled with a path based scheduler. • The DFG was then characterized for switched capacitance and unpredictability using synopsis D.C. • It was then binded using different objective functions: Mincost (Minimum switched capacitance), Min Average Unpredictability and Min Max Unpredictability

  15. Predictability Driven Binding: Experimental Results • We see that an unpredictability driven binding methodology greatly improves the level of accuracy as compared to a Mincost solution (Minimum power solution)

  16. Uncertainty Driven Design Flow • The idea is to have a high level specification of the design which allows a lot of freedom to low level optimizations • This freedom can be generated by exploiting the concept of slack in high level designs • More slack would make the design robust to uncertainties • More slack will enable better design space exploration by low level optimizations

  17. Slack Oriented Design Flow 1 2 • Operation 2 can be scheduled in either clock step 1 or 2 • This extra slack can be used by delaying operation 2, hence gaining in area/power/runtime. It makes the design tolerant to uncertainties. • Experiments with synopsis design compiler shows that this extra slack can make logic synthesis 50% faster. 3

  18. Slack Oriented Design Flow Scheduling Scheduling for more slack, Independent Set Based Algorithm Budgeting Delay Budgeting for Maximum Slack Utilization: Optimally Solvable Binding operations for generatingresources with high slack Binding

  19. Slack Oriented Design Flow • Experimental results showed that for some typical benchmarks generated from the Mediabench Suite, we could generate a binded solution with resoureces having relaxed delay constraints due to higher slacks • These relaxed delay constraints could be used by the low level logic optimization tools to improve the design quality and runtime.

  20. Benchmarking: Cryptography • VHDL/ C implementations of Crypto-algorithms are being studied for power/security tradeoffs. • Emphasis on sensor network kind of applications where power needs to be saved keeping some degree of security. Or, to tradeoff security/power/cost • Study of predictability issues in crypto-hardware

  21. Power Efficient Cryptoalgorithms Task A,B RTL VHDL Input Parser Builds CDFG Resource characterize Resource library Behavioral synthesis (Schedule, Allocate, floorplan) Behavioral power estimator Logic synthesis (global factoring local resizing) Logic power estimate (deterministic, prob. stochastic) Netlist of gates with power control Power models

  22. Power Driven High Level Design Flow Simulation VSS Behavioral Simulator • The Power values were obtained by doing an RTL simulation of the design and extracting the switching activity. This activity was annotated to the binder which solves the problem Behavioral Specification VHDL/Verilog/C Scheduling Timing Constrained Simulation Resource Allocation & Binding RTL Netlist

  23. Power Driven At RT-Level and Gate Level (Synopsis DC) Simulation VSS RTL Simulator RTL Specification VHDL/ Output of BC Compile Synthesize of minimum area and delay Simulation VSS Gate Level Simulator Gate Level Netlist

  24. Crypto-motion tracking/estimation

  25. Example

  26. FUTURE WORK • Tradeoff of the various performance measures and system parameters for different modulation/encryption formats • Quantify security levels, via Eve’s probabilities of successful estimating the data and the key, as functions of system parameters • Complete security proofs

More Related