Abstract
Instruction Set Extensions (ISEs) supplement a host processor with special-purpose, typically fixed-function hardware components and with instructions that use them. For cryptographic use-cases this can be very effective, because such workloads demand non-standard or niche operations that general-purpose architectures do not support. However, one disadvantage of fixed-function ISEs is inflexibility, which conflicts with the need for "algorithm agility." This paper explores a new approach, namely the provision of re-configurable mechanisms that support dynamic (run-time changeable) ISEs. Our results, obtained using an FPGA-based LEON3 prototype, show that this approach provides a flexible, general-purpose platform for cryptographic ISEs that retains the advantages known from previous work, but that it relies on careful analysis of the associated security issues.
© 2011 International Association for Cryptologic Research
Cite this paper
Grabher, P. et al. (2011). An Exploration of Mechanisms for Dynamic Cryptographic Instruction Set Extension. In: Preneel, B., Takagi, T. (eds) Cryptographic Hardware and Embedded Systems – CHES 2011. CHES 2011. Lecture Notes in Computer Science, vol 6917. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23951-9_1
DOI: https://doi.org/10.1007/978-3-642-23951-9_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-23950-2
Online ISBN: 978-3-642-23951-9