Crypto blaze 8 bit security microcontroller
This presentation is the property of its rightful owner.
Sponsored Links
1 / 21

Crypto Blaze : 8-Bit Security Microcontroller PowerPoint PPT Presentation


  • 84 Views
  • Uploaded on
  • Presentation posted in: General

Crypto Blaze : 8-Bit Security Microcontroller. Agenda. What is CryptoBlaze? KryptoKit GF(2 m ) Multiplier Customize CryptoBlaze Attacks CryptoBlaze Support. What is Crypto Blaze ?. A fully customizable soft microcontroller PicoBlaze 49 baseline16-bit instructions

Download Presentation

Crypto Blaze : 8-Bit Security Microcontroller

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Crypto blaze 8 bit security microcontroller

CryptoBlaze:8-Bit Security Microcontroller


Agenda

Agenda

  • What is CryptoBlaze?

  • KryptoKit

  • GF(2m) Multiplier

  • Customize CryptoBlaze

  • Attacks

  • CryptoBlaze Support


What is crypto blaze

What is CryptoBlaze?

  • A fully customizable soft microcontroller

    • PicoBlaze

    • 49 baseline16-bit instructions

    • 8 general-purpose 8-bit registers

  • Set of Cryptographic processor architecture extensions (“KryptoKit”)

    • Field operations

    • S-Boxes

    • LFSR extensions


Picoblaze

PicoBlaze


Picoblaze baseline instruction set

PicoBlaze Baseline Instruction Set


Kryptokit

KryptoKit

* irreducible polynomial in trinomial or pentanomial form


What is a galois field

What is a Galois Field?

  • Finite Field with binary operands

  • Has all the math properties for closure on addition, multiplication, commutivity, etc.

  • An extension field permits polynomial notation and algebraic manipulation

  • Commonly used to describe Linear Feedback Shift Registers

  • Very interesting properties appropriate to CPLDs


Finite field arithmetic

Finite Field Arithmetic

  • Field Arithmetic is cool

    • All operands ultimately the same number of bits

    • Suitable for fixed word size applications

      • Cryptography

      • Channel coding (Reed Solomon, BCH, Viterbi, etc.)

      • Digital signal processing

  • Addition for Galois Fields is just EX-OR

  • Multiplication can be done with Add/Shift

    • Needs polynomial “modulo” correction


Example gf 2 3 multiply

Example of 8 Bit Multiplication

8

4

3

57 * 83 = C1 (reduction polynomial = X

+ X

+ X

+ X + 1

= 100011011)

0101 0111 (57)

x 1000 0011

(83)

01010111

01010111

00000000

00000000

00000000

00000000

00000000

01010111_______

10101101111001 (answer, must be reduced)

EX-OR

100011011_____

00100000011001 (must be reduced again!)

EX-OR

100011011___

000011000001 = C1 (done! ie, stop when msb=1)

Example: GF(23) Multiply


Gf 2 m multiplier adder

GF(2m) Multiplier/Adder

  • Natural extension of Berlekamp-Massey structure

  • Based on work of Johannes Großschädl

  • Compiled & simulated

  • Works in serial or parallel modes

  • Can use DualEdge clocking for performance

  • Operates up to: 250+ MHz

  • Built up to 163 bits long in CoolRunner-II

  • App Note on GF(2m) Multiplier (Xapp 371)


Gf 2 4 multiplier

MULTIPLIER

RESULT = (A x B)mod P

Q

Q

Q

Q

D

D

D

D

A(3)

A(2)

A(1)

A(0)

MULTIPLICAND

MSB

Q

Q

Q

Q

MSB

B(3)

B(2)

B(1)

B(0)

D

D

D

D

R(3)

R(2)

R(1)

R(0)

Q

Q

Q

Q

RESULT

0

0

0

0

D

D

D

D

1

1

1

1

MSB

MPY/ADD

Q

Q

Q

Q

P(3)

P(2)

P(1)

P(0)

D

D

D

D

IRREDUCIBLE POLYNOMIAL

NOTE: CLOCKS & EXTERNAL DATA INPUT

CONNECTIONS ARE NOT SHOWN

GF(24) Multiplier


Crypto blaze 8 bit security microcontroller

Result = 0

The Flow

Loop = 3

Left shift Result (fill with 0)

Result = Result (A i AND B)

Loop = Loop -1

Yes

Subtract Polynomial

Loop = 0?

Done

No

Yes

Res. MS bit =1?

No


Crypto blaze picoblaze with field operations

CryptoBlaze =PicoBlaze with Field Operations

GF(23)

MPY


Applications

Applications

  • ECC-Error Channel Coding

    • Reed-Solomon

    • BCH operations

  • ECC-elliptic curve cryptography

  • RSA

  • Advanced Encryption Standard


Coolrunner ii enhanced security

CoolRunner-II Enhanced Security

  • Multiple security bits

  • Nonvolatile

  • Reconfigurable

  • Multiple metal layers

  • Difficult to reverse engineer

  • Double Data Rate Operation

  • DataGate


Design your own

Design Your Own

  • Start with baseline instrs. - delete unused ones

  • Add choice of elements from KryptoKit

  • Evaluate tradeoffs of S/W vs. H/W solutions

    • First identify bottlenecks

    • Second evaluate replacement H/W

  • Invent new instructions

  • Tune the processor to suit your requirements

  • Easy to add to VHDL and the assembler


Attacks

Attacks

  • Anything that can get a cryptographic module to reveal its “secret” is an attack

    • Brute force attack (lots of trials)

    • Chosen text attacks

    • Side channel

      • Timing attacks

      • Power analysis

      • Tempest attack

  • Usually targets the protocol


Power analysis kerckhoffs meets kirchoff

Power Analysis: Kerckhoffs meets Kirchoff

  • Looks at the current flow into a chip over time

  • Distinguishes “different” power behavior to reveal inner behavior of algorithm

  • Usually focuses on microprocessors, with knowledge of algorithm and instruction set

  • Easily identifies loop/branching behavior

    • loop behavior correlates to keystream bits

  • CryptoBlaze method permits tuning of the processor to increase difficulty of Power Analysis


Basic idea

-

+

input

output

Basic Idea


Power attack strategies

Power Attack Strategies

  • Loop behavior is identified with Power Analysis

  • Loop unrolling helps

  • Breaking up loops helps

  • Modifying instructions helps

  • Modifying hardware helps

    • bogus randomizing hardware

  • Homogenizing execution time helps

  • Main idea: changing the hardware helps!

  • Power tuning is possible


Crypto blaze conclusion

CryptoBlazeConclusion

  • Building specialized processors can improve:

    • Performance

    • Power consumption

    • Security

  • Development support available free from Xilinx

    • Basic reference design

    • Cross Assembler

    • Krypto Kit

  • Fully supported by Xilinx Design Software


  • Login