Affiliation:
1. Princeton University, Princeton, NJ
2. Purdue University, West Lafayette, IN
Abstract
Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) chip are not acceptable. One alternative is to use a software-based TPM, which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable.
In this article, we evaluate the energy and execution time overheads of a SW-TPM implementation on a handheld appliance (Sharp Zaurus PDA). We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. We observe that for most commands, overheads are primarily due to the 2,048-bit RSA operations performed within the SW-TPM. To alleviate SW-TPM overheads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. We also evaluate the overheads of using the SW-TPM in the context of several end applications, including trusted boot of the Linux operating system (OS), a secure VoIP client, and a secure Web browser. Furthermore, we analyze the computational workload involved in running SW-TPM commands using ECC. We then present a suite of hardware and software enhancements to accelerate these commands: generic custom instructions and exploitation of the parallel processing capabilities of multiprocessor systems-on-chip (SoCs). We report results of evaluating the proposed architectures on a commercial embedded processor (Xtensa from Tensilica). Through uniprocessor and multiprocessor optimizations, we achieve speed-ups of up to 5.71X for individual TPM commands.
Funder
National Science Foundation
Division of Computer and Network Systems
Publisher
Association for Computing Machinery (ACM)
Subject
Hardware and Architecture; Software
Cited by 24 articles.
1. A Survey on Security and Privacy Issues in Modern Healthcare Systems; ACM Transactions on Computing for Healthcare; 2021-07
2. Trusted Video Streaming on Edge Devices; 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops); 2021-03-22
3. TEE-based protection of cryptographic keys on embedded IoT devices; Annales Mathematicae et Informaticae; 2021
4. NVM-Shelf: Secure Hybrid Encryption with Less Flip for Non-Volatile Memory; Electronics; 2020-08-13
5. An Approach of Implementing SW-TPM in Real-Time Operating System; Communications in Computer and Information Science; 2019