Abstract
Isolated execution is a concept commonly used to increase the security of a computer system. In the embedded world, ARM TrustZone technology enables this goal and is currently used on mobile devices for applications such as secure payment or biometric authentication. In this work, we investigate the security benefits achievable through the use of ARM TrustZone on FPGA-SoCs. We first adapt Microsoft's implementation of a firmware Trusted Platform Module (fTPM) running inside ARM TrustZone to the Zynq UltraScale+ platform. This adaptation consists of integrating the hardware accelerators available on the device into fTPM's implementation and enhancing fTPM with an entropy source derived from on-chip SRAM start-up patterns. With our approach, we transform a software implementation of a TPM into a hybrid hardware/software design that could address some of the security drawbacks of the original implementation while keeping its flexibility. To demonstrate the security gains obtained through the use of ARM TrustZone and our hybrid TPM on FPGA-SoCs, we propose a framework that combines them to enable secure remote bitstream loading. The approach consists of preventing the insecure uses of a bitstream reconfiguration interface that are made possible by the manufacturer and integrating the interface inside a Trusted Execution Environment.
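As an added illustration of the SRAM start-up entropy source mentioned in the abstract (example code written for this page, not the paper's or Microsoft's fTPM code): the power-up snapshots come from a constructed toy model rather than from a Zynq UltraScale+ SRAM, and the entropy estimate is the simple per-cell most-common-value min-entropy bound, which is my assumption and not the paper's method.

```python
# Added example: estimate the min-entropy of SRAM power-up snapshots and
# condition one snapshot into a seed only when the estimate is sufficient.
# The snapshots are CONSTRUCTED by a toy model, not captured from hardware.
import hashlib
import math
import random
from typing import List

def simulate_powerups(n_cells: int, n_boots: int, seed: int = 1) -> List[bytes]:
    """Toy SRAM: every cell has a preferred power-up value; some cells are
    'noisy' and flip with a fixed probability at each boot. n_cells % 8 == 0."""
    rng = random.Random(seed)
    preferred = [rng.getrandbits(1) for _ in range(n_cells)]
    flip_prob = [rng.choice([0.0, 0.0, 0.0, 0.05, 0.45]) for _ in range(n_cells)]
    snaps = []
    for _ in range(n_boots):
        bits = [p ^ (1 if rng.random() < f else 0) for p, f in zip(preferred, flip_prob)]
        snaps.append(bytes(int("".join(map(str, bits[i:i + 8])), 2)
                           for i in range(0, n_cells, 8)))
    return snaps

def per_cell_min_entropy(snaps: List[bytes]) -> List[float]:
    """Per-cell min-entropy -log2(p_max), with p_max the empirical frequency
    of the cell's most common value across all boots (stable cells give 0)."""
    n_boots = len(snaps)
    n_cells = len(snaps[0]) * 8
    ones = [0] * n_cells
    for snap in snaps:
        for i in range(n_cells):
            ones[i] += (snap[i // 8] >> (7 - i % 8)) & 1
    ents = []
    for c in ones:
        p_max = max(c / n_boots, 1 - c / n_boots)
        ents.append(0.0 if p_max >= 1.0 else -math.log2(p_max))
    return ents

def condition_seed(snapshot: bytes, estimated_bits: float, needed_bits: int = 256) -> bytes:
    """Refuse to seed when the enrolment-time estimate says the snapshot
    carries too little min-entropy; otherwise hash the raw snapshot to a
    fixed-size seed (hashing is conditioning, it does not add entropy)."""
    if estimated_bits < needed_bits:
        raise ValueError(f"insufficient entropy: {estimated_bits:.1f} < {needed_bits} bits")
    return hashlib.sha256(snapshot).digest()

if __name__ == "__main__":
    boots = simulate_powerups(4096, 64)
    total = sum(per_cell_min_entropy(boots))
    print(f"estimated min-entropy: {total:.1f} bits; seed={condition_seed(boots[0], total).hex()}")
```

The per-cell estimate needs many enrolment boots to be meaningful; a production design would apply a NIST SP 800-90B style assessment on real captures rather than this toy bound.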
Enhancing the Security of FPGA-SoCs via the Usage of ARM TrustZone and a Hybrid-TPM