Embedded Trusted Computing with Authenticated Non-volatile Memory

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 4968)

Abstract

Trusted computing is an emerging technology to improve the trustworthiness of computing platforms. The Trusted Computing Group has proposed specifications for a Trusted Platform Module and a Mobile Trusted Module. One of the key problems when integrating these trusted modules into an embedded system-on-chip design is the lack of on-chip multiple-time-programmable non-volatile memory. In this paper, we describe a solution to protect the trusted module’s persistent state in external memory against non-invasive attacks. We introduce a minimal cryptographic protocol to achieve an authenticated channel between the trusted module and the external non-volatile memory. A MAC algorithm has to be added to the external memory to ensure authenticity. As a case study, we discuss trusted computing on reconfigurable hardware. In order to make our solution applicable to the low-end FPGA series, which has no security measures on board, we present a solution that relies only on the reverse-engineering complexity of the undocumented bitstream encoding and uses a physically unclonable function for one-time-programmable key storage. Clearly, this solution is also applicable to high-end series with special security measures on board. Our solution also supports field updates of the trusted module.
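The abstract only states that a MAC engine is added to the external memory to obtain an authenticated channel; the protocol itself is not on this page. As an added illustration (not the paper's protocol and not the authors' code), the model below shows what such a channel buys a defender against a non-invasive attacker sitting on the bus: every response from the memory is MACed together with a nonce chosen by the trusted module, and every write is MACed together with a nonce issued by the memory. The shared key, the command bytes, the single state cell, the nonce-based freshness mechanism and the sample state values are all constructed assumptions of this model.

```python
import hashlib
import hmac
import secrets

# Constructed demo key. In the paper's setting the key would be held by the
# trusted module (e.g. reconstructed from a PUF) and by the memory's MAC engine.
SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f"
                           "101112131415161718191a1b1c1d1e1f")
READ, WRITE = b"\x01", b"\x02"  # command bytes, assumed for this model


def mac(key, *parts):
    """HMAC-SHA256 over length-prefixed parts (prefixing avoids ambiguity)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big"))
        h.update(part)
    return h.digest()


class AuthenticatedNVM:
    """Hypothetical external NVM with a MAC engine and one state cell."""

    def __init__(self, key):
        self._key = key
        self._pending_nonce = None
        self.cell = b""

    def get_nonce(self):
        """Issue a fresh challenge that the next write must be bound to."""
        self._pending_nonce = secrets.token_bytes(16)
        return self._pending_nonce

    def write(self, data, tag):
        """Accept data only with a valid tag over the pending nonce."""
        nonce, self._pending_nonce = self._pending_nonce, None
        if nonce is None:
            return False
        if not hmac.compare_digest(mac(self._key, WRITE, nonce, data), tag):
            return False
        self.cell = data
        return True

    def read(self, nonce):
        """Return the cell with a tag binding it to the caller's nonce."""
        return self.cell, mac(self._key, READ, nonce, self.cell)


class TrustedModule:
    """Trusted module side; `transport` stands in for the untrusted bus."""

    def __init__(self, key, nvm):
        self._key = key
        self._nvm = nvm

    def store_state(self, state):
        nonce = self._nvm.get_nonce()
        return self._nvm.write(state, mac(self._key, WRITE, nonce, state))

    def load_state(self, transport=None):
        transport = transport or self._nvm.read
        nonce = secrets.token_bytes(16)
        data, tag = transport(nonce)
        if not hmac.compare_digest(mac(self._key, READ, nonce, data), tag):
            raise ValueError("NVM response failed authenticity/freshness check")
        return data


def detects(tm, transport):
    """True if the module rejects the response delivered by `transport`."""
    try:
        tm.load_state(transport)
    except ValueError:
        return True
    return False


def demo():
    nvm = AuthenticatedNVM(SHARED_KEY)
    tm = TrustedModule(SHARED_KEY, nvm)
    out = {}
    out["write_ok"] = tm.store_state(b"counter=7")
    out["read_ok"] = tm.load_state() == b"counter=7"

    # Bus attacker flips a byte of the data in transit: the tag no longer matches.
    def tampered(nonce):
        data, tag = nvm.read(nonce)
        return data[:-1] + b"0", tag
    out["tamper_detected"] = detects(tm, tampered)

    # Bus attacker records a genuine response, waits for a state update, then
    # replays the stale response: the module's nonce does not match.
    stale = nvm.read(secrets.token_bytes(16))
    tm.store_state(b"counter=8")
    out["replay_detected"] = detects(tm, lambda nonce: stale)

    # Write without the key is rejected; so is a replay of a captured write.
    nvm.get_nonce()
    out["forged_write_rejected"] = not nvm.write(b"counter=0", bytes(32))
    nonce = nvm.get_nonce()
    tag = mac(SHARED_KEY, WRITE, nonce, b"counter=9")
    nvm.write(b"counter=9", tag)  # genuine write consumes the nonce
    out["replayed_write_rejected"] = not nvm.write(b"counter=9", tag)
    out["final_state"] = tm.load_state()
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The model assumes the memory package itself is not opened (the paper's threat model is non-invasive attacks), so the MAC engine's own state is trusted and only the wire between module and memory is hostile; what the channel then provides is detection of modified, forged and replayed bus traffic, not confidentiality of the stored state.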

The work described in this document has been partly financially supported by the IAP Programme P6/26 BCRYPT of the Belgian State (Belgian Science Policy), by the IBBT (Interdisciplinary institute for BroadBand Technology) of the Flemish Government, by the FWO project BBC G.0300.07, and in part by the European Commission through the IST Programme under Contract IST-027635 OPEN_TC.



Author information

Authors: D. Schellekens, P. Tuyls, B. Preneel

Editor information

Editors: Peter Lipp, Ahmad-Reza Sadeghi, Klaus-Michael Koch


Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Schellekens, D., Tuyls, P., Preneel, B. (2008). Embedded Trusted Computing with Authenticated Non-volatile Memory. In: Lipp, P., Sadeghi, AR., Koch, KM. (eds) Trusted Computing - Challenges and Applications. Trust 2008. Lecture Notes in Computer Science, vol 4968. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-68979-9_5


  • DOI: https://doi.org/10.1007/978-3-540-68979-9_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-68978-2

  • Online ISBN: 978-3-540-68979-9
