Partitioned security processor architecture on FPGA platform

Paul, Rourab; Shukla, Sandeep K.

doi:10.1049/iet-cdt.2017.0178

Cited by 11 publications

(11 citation statements)

References 35 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The architecture with blockchain to protect severe key threats consumes 95k logic cells which is around 45% of the total logic cells available in Artix-7 FPGA. As shown in Table I articles [5], [8] and [6] proposed dedicated secret key memories which are completely isolated from processor area to prevent software threats but this architecture does not prevent incorrect use, insecure movement and non-destructions issues of keys. If any spoofing IPs or dishonest probes already exist inside the architectures of [5], [8] and [6] and try to read secret key stored in dedictaed key memory, the system will allow the key transaction to those malicious nodes.…”

Section: Implementation and Resultsmentioning

confidence: 99%

“…As shown in Table I articles [5], [8] and [6] proposed dedicated secret key memories which are completely isolated from processor area to prevent software threats but this architecture does not prevent incorrect use, insecure movement and non-destructions issues of keys. If any spoofing IPs or dishonest probes already exist inside the architectures of [5], [8] and [6] and try to read secret key stored in dedictaed key memory, the system will allow the key transaction to those malicious nodes. Though the dedicated key memories proposed in these article are physically isolated but can not prevent said incorrect and insecure movement of secret keys.…”

Section: Implementation and Resultsmentioning

confidence: 99%

“…In this architecture we have partitioned three areas such (i) processor area, (II) crypto area and (iii)confidential area. The whole architectural details is stated in [6]. The partitioned and isolated confidential area to store secret keys assures that the secret key never come in the processor area because the processor area is very much vulnerable for various software threats.…”

Section: E Incorrect Use Of Keysmentioning

confidence: 99%

See 2 more Smart Citations

The Blockchain Based Auditor on Secret key Life Cycle in Reconfigurable Platform

Paul,

Ghosh,

Chakrabarti

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

The growing sophistication of cyber attacks, vulnerabilities in high computing systems and increasing dependency on cryptography to protect our digital data make it more important to keep secret keys safe and secure. Few major issues on secret keys like incorrect use of keys, inappropriate storage of keys, inadequate protection of keys, insecure movement of keys, lack of audit logging, insider threats and non-destruction of keys can compromise the whole security system dangerously. In this article, we have proposed and implemented an isolated secret key memory which can log life cycle of secret keys cryptographically using blockchain (BC) technology. We have also implemented a special custom bus interconnect which receives custom crypto instruction from Processing Element (PE). During the execution of crypto instructions, the architecture assures that secret key will never come in the processor area and the movement of secret keys to various crypto core is recored cryptographically after the proper authentication process controlled by proposed hardware based BC. To the best of our knowledge, this is the first work which uses blockchain based solution to address the issues of the life cycle of the secret keys in hardware platform. The additional cost of resource usage and timing complexity we spent to implement the proposed idea is very nominal. We have used Xilinx Vivado EDA tool and Artix 7 FPGA board.

show abstract

Section: Implementation and Resultsmentioning

confidence: 99%

Section: Implementation and Resultsmentioning

confidence: 99%

Section: E Incorrect Use Of Keysmentioning

confidence: 99%

See 1 more Smart Citation

The Blockchain Based Auditor on Secret key Life Cycle in Reconfigurable Platform

Paul,

Ghosh,

Chakrabarti

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…Efficient implementations of these protocols as embedded cryptosystems can be problematic, since the target devices are usually very limited in terms of power, resources and timing. Several TLS/SSL embedded cryptosystem implementations have been proposed in the literature [12][13][14][15][16][17]. OpenSSL [18,19] is the most deployed library for TLS/SSL applications through software implementations of basic cryptographic functions.…”

Section: Introductionmentioning

confidence: 99%

“…For only-software TLS/SSL implementations [17,20], servers can be overloaded with heavy cryptographic operations, which results in long response times. To alleviate this bottleneck, dedicated hardware coprocessors [12][13][14][15][16][17]21] have been proposed, as Network Security Processors (NSP), as a solution to free these severs from cryptographic operations for flexible management. Nevertheless, although effective efforts have been made [10] for the acceleration of encryption methods, NSPs can provoke an overhead of hardware resources utilization [12,16] to achieve high-performance, due to the required intensive computations within cryptographic algorithms.…”

Section: Introductionmentioning

confidence: 99%

Efficient Implementation on Low-Cost SoC-FPGAs of TLSv1.2 Protocol with ECC_AES Support for Secure IoT Coordinators

et al. 2019

View full text Add to dashboard Cite

Security management for IoT applications is a critical research field, especially when taking into account the performance variation over the very different IoT devices. In this paper, we present high-performance client/server coordinators on low-cost SoC-FPGA devices for secure IoT data collection. Security is ensured by using the Transport Layer Security (TLS) protocol based on the TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 cipher suite. The hardware architecture of the proposed coordinators is based on SW/HW co-design, implementing within the hardware accelerator core Elliptic Curve Scalar Multiplication (ECSM), which is the core operation of Elliptic Curve Cryptosystems (ECC). Meanwhile, the control of the overall TLS scheme is performed in software by an ARM Cortex-A9 microprocessor. In fact, the implementation of the ECC accelerator core around an ARM microprocessor allows not only the improvement of ECSM execution but also the performance enhancement of the overall cryptosystem. The integration of the ARM processor enables to exploit the possibility of embedded Linux features for high system flexibility. As a result, the proposed ECC accelerator requires limited area, with only 3395 LUTs on the Zynq device used to perform high-speed, 233-bit ECSMs in 413 µs, with a 50 MHz clock. Moreover, the generation of a 384-bit TLS handshake secret key between client and server coordinators requires 67.5 ms on a low cost Zynq 7Z007S device.

show abstract

Hardware acceleration design of the SHA-3 for high throughput and low area on FPGA

Sideris,

Sanida,

Dasygenis

2023

J Cryptogr Eng

View full text Add to dashboard Cite

In sensitive communications, the cryptographic hash function plays a crucial role, including in the military, healthcare, and banking, ensuring secure transmission by verifying data integrity and carrying out other vital tasks. Compared to other cryptographic hash algorithms, such as SHA-1 and SHA-2, the Keccak hash function (SHA-3) boasts superior hardware performance and is more resilient to modern cryptanalysis techniques. Nonetheless, hardware performance enhancements, such as boosting speed or reducing area usage, are constantly required. This research focuses on increasing the Keccak hash algorithm’s throughput rate by introducing a novel architecture that reduces the total number of clock cycles required to obtain the result of a hash function. Additionally, the new simplified structure of the round constant (RC) generator design assures a reasonably low area and achieves the highest throughput and efficiency. Thus, when implemented, it achieved the highest throughput of 19.515 Gbps, 24.428 Gbps, 33.393 Gbps, and 36.358 Gbps on FPGA devices with the Virtex-5, Artix-7, Virtex-6, and Virtex-7, respectively. Finally, our approach is compared to recently published designs.

show abstract

Partitioned security processor architecture on FPGA platform

Cited by 11 publications

References 35 publications

The Blockchain Based Auditor on Secret key Life Cycle in Reconfigurable Platform

The Blockchain Based Auditor on Secret key Life Cycle in Reconfigurable Platform

Efficient Implementation on Low-Cost SoC-FPGAs of TLSv1.2 Protocol with ECC_AES Support for Secure IoT Coordinators

Hardware acceleration design of the SHA-3 for high throughput and low area on FPGA

Contact Info

Product

Resources

About