Projects:2019s1-165 Implementation of Cryptography on RISC-V processors

Revision as of 01:50, 10 April 2019 by A1668977

Abstract here

Introduction

This project is centred on extending the RISC-V instruction set architecture (ISA) so that security applications (cryptography) can run on it more effectively. The extensions will focus on adding new instructions to the processor. Effectiveness will be measured in both speed and security. Although the project is aimed at the functionality of hardware, it will be completely simulated in software, and models and results will be derived from those simulations. Using simulation rather than building physical hardware allows rapid prototyping and development.

Project team

Project students

  • Matthew Theiley
  • Vu (Kelly) Hoang

Supervisors

  • Dr. Matthew Sorell
  • Dr. Yuval Yarom

Advisors

Objectives

  • Add Custom Instructions to RISC V ISA.
  • Add Custom Tooling to Allow for Compiling C/C++ Into New Instructions.
  • Compare Speed and Security of New ISA Extension with Standard RISC V ISA

Background

RISC V

What is an ISA

RISC V is an ISA (Instruction Set Architecture). An ISA is a design for a computer. It covers what the computer does and how it does it, but only on a functional level. This means that exact circuitry and hardware are not specified. The ISA typically includes details such as the instructions that can be run on the computer, the memory structure of the computer, how the computer handles undefined or error behaviour (exceptions) and how it handles external interfaces (interrupts). When an ISA is simulated in software, that simulation is called an ISS (Instruction Set Simulation). Computers like those derived from the RISC V ISA are not just used for personal computers, but are also used extensively in embedded applications like phones, household appliances and cars. ISSs are used to test and simulate the computer design on a functional level before the hardware is actually created. Verilog can then be used to create a more hardware-accurate model once the functional model exists, but this is outside the scope of this project.

RISC V & RISC V Foundation

RISC V is a relatively new ISA: its development began around 2011 and the RISC V Foundation was only founded in 2015. The RISC V Foundation exists to aid development of RISC V and provides free and open access to the RISC V ISA along with free tooling such as testing suites and their own simulators. They also provide a GNU compiler to compile C and C++ code. RISC V is constantly changing and evolving. It was originally created as an educational tool to teach and aid research in ISA design. However, during its development it became relevant not only in academia but also in industry. The RISC V ISA is defined in the RISC V Instruction Set Manual, User-Level ISA and Privileged Architecture documents.

RISC V Instruction Set

Its design is intentionally kept simple, with fewer than 50 instructions in the base instruction set with no extensions. In this sense its ISA and specification documents are quite small compared to other ISAs like PowerPC and ARM. A great deal of effort is made to keep its design simple and easy to comprehend, and to avoid redundancy. RISC V is also designed to be extendable, with many extensions already existing and many more currently in development.

Cryptography

Basic Definition

Cryptography is the art of obscuring information from direct view to keep the information secret. The obscuring of the information is called encryption. Reversing this process so that the information can be seen again is called decryption. There are many ways in which information can be obscured from view. When encrypting, a number called a key is used to alter the data according to a specific algorithm. A key (potentially the same key, depending on the algorithm) is then used to undo the process and decrypt the data once it has been sent to the other party. When the same key is used for both, it is called a symmetric key algorithm. When a different key is used for encryption and decryption, it is called an asymmetric key algorithm. It is possible to have algorithms which use a combination of both symmetric and asymmetric keys.

Project Specific Algorithms

AES

AES uses several rounds of encryption to obscure data. Each round uses a key which is derived from an initial key. The data is broken up into manageable chunks. Each round the data chunks are operated on using a combination of XORing, Substitution, Cycling and modular operations. Substitution is performed by swapping out elements within the data and replacing them according to a set table of values. Cycling occurs by shifting data and wrapping overflowing data back to the beginning of the data chunk. Modular operations are operations like addition or multiplication which wrap around when a certain value is reached. Time is a good example of modular arithmetic as it wraps around when it reaches a certain value. The keys in AES are kept private and are symmetric.
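The substitution, cycling and modular operations described above, written out in C as an added example (not code from this project). It goes slightly beyond the text by computing a substitution-table entry from its FIPS-197 definition instead of listing the 256-entry table; the function names are chosen here for illustration, and the XOR with the round key and the key schedule are left out.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Multiply by x in GF(2^8): shift left, then reduce by the AES polynomial
   x^8+x^4+x^3+x+1 (0x11b) if a bit fell off the top. Branch-free. */
static uint8_t xtime(uint8_t a) { return (uint8_t)((a << 1) ^ (0x1b & -(a >> 7))); }

/* "Modular" multiplication as AES uses it: shift-and-add in GF(2^8), where add is XOR. */
uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    for (int i = 0; i < 8; i++, b >>= 1, a = xtime(a))
        r ^= (uint8_t)(a & -(b & 1));
    return r;
}

/* Substitution: an S-box entry is the field inverse (a^254) followed by a
   fixed affine transform. Production code uses the precomputed table. */
uint8_t sbox(uint8_t a) {
    uint8_t inv = 1, s;
    for (int i = 0; i < 254; i++) inv = gf_mul(inv, a);
    s = inv;
    for (int n = 1; n <= 4; n++) s ^= (uint8_t)((inv << n) | (inv >> (8 - n)));
    return (uint8_t)(s ^ 0x63);
}

/* Cycling: ShiftRows rotates row r of the column-major 4x4 state left by r bytes. */
void shift_rows(uint8_t s[16]) {
    uint8_t t[16];
    for (int c = 0; c < 4; c++)
        for (int r = 0; r < 4; r++)
            t[r + 4 * c] = s[r + 4 * ((c + r) % 4)];
    memcpy(s, t, 16);
}

/* MixColumns on one column: multiply by the fixed matrix of 1, 2, 3 in GF(2^8). */
void mix_column(uint8_t c[4]) {
    uint8_t a0 = c[0], a1 = c[1], a2 = c[2], a3 = c[3];
    c[0] = gf_mul(a0, 2) ^ gf_mul(a1, 3) ^ a2 ^ a3;
    c[1] = a0 ^ gf_mul(a1, 2) ^ gf_mul(a2, 3) ^ a3;
    c[2] = a0 ^ a1 ^ gf_mul(a2, 2) ^ gf_mul(a3, 3);
    c[3] = gf_mul(a0, 3) ^ a1 ^ a2 ^ gf_mul(a3, 2);
}

int main(void) {
    uint8_t col[4] = {0xdb, 0x13, 0x53, 0x45};   /* sample input column */
    mix_column(col);
    printf("sbox(0x53)=%02x mix=%02x%02x%02x%02x\n", sbox(0x53), col[0], col[1], col[2], col[3]);
    return 0;
}
```

Table lookups, shifts and GF(2^8) multiplies like these are the operations a cryptographic instruction-set extension would typically fold into single instructions.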

RSA

RSA uses modular exponentiation to encrypt and decrypt data. A public key is used for encryption and contains the components required for the modular exponentiation used in encryption. A private key holds the information required to decrypt the data using an inverse modular exponentiation. Although it is possible to calculate the private key from the public key by finding the inverse calculation for the exponentiation, doing so is extremely difficult. This is what makes RSA suitable as a means of obscuring data. Since RSA uses two different keys, it is an asymmetric algorithm.

PGP

PGP uses both a symmetric key (the session key) and an asymmetric key pair to encrypt and decrypt data. When using PGP, a random session key is created to encrypt the data. This session key is then itself encrypted, but using the receiver's public key. The encrypted data and the encrypted session key are sent. The receiver uses their private key to decrypt the session key, and the session key is then used to decrypt the message. In theory any combination of symmetric key and asymmetric key algorithms could be used in this setup. For simplicity, in this project AES will be used for the symmetric key algorithm and RSA will be used for the asymmetric key algorithm.

Weaknesses and Flaws

For all methods of cryptography there are weaknesses and exploits that can be used to access the hidden data. No system is known to be perfect or immune to this, although some use algorithms which should theoretically take a very long time to break. Not all exploits target a fault in the algorithm; many target the system running the algorithm, in what are known as side channel attacks. Side channel attacks use properties of the system to deduce information about the algorithms being performed within it. By monitoring system properties such as power usage, timing and memory, it is possible to gain access to the keys used for encryption and decryption.


Method

Results

Conclusion

References

[1] M. Calderbank, "The RSA Cryptosystem: History, Algorithm, Primes", Math.uchicago.edu, 2007. [Online]. Available: http://www.math.uchicago.edu/~may/VIGRE/VIGRE2007/REUPapers/FINALAPP/Calderbank.pdf. [Accessed: 09- Mar- 2019].

[2] "Announcing the ADVANCED ENCRYPTION STANDARD (AES).", Nvlpubs.nist.gov, 2001. [Online]. Available: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf. [Accessed: 11- Mar- 2019].

[3] "ARM Architecture Reference Manual", Static.docs.arm.com, 2018. [Online]. Available: https://static.docs.arm.com/ddi0487/da/DDI0487D_a_armv8_arm.pdf?_ga=2.120333960.1489961675.1551855755-943608715.1551855755. [Accessed: 13- Mar- 2019].

[4] A. Waterman, K. Asanović and SiFive Inc., "The RISC-V Instruction Set Manual, Volume I: User-Level ISA", Content.riscv.org, 2018. [Online]. Available: https://content.riscv.org/wp-content/uploads/2017/05/riscv-spec-v2.2.pdf. [Accessed: 14- Mar- 2019].

[5] A. Waterman, K. Asanović and SiFive Inc., "The RISC-V Instruction Set Manual, Volume II: Privileged Architecture", Content.riscv.org, 2018. [Online]. Available: https://content.riscv.org/wp-content/uploads/2017/05/riscv-privileged-v1.10.pdf. [Accessed: 16- Mar- 2019].

[6] Freescale, "EREF: A Programmer’s Reference Manual for Freescale Power Architecture Processors", Nxp.com, 2014. [Online]. Available: https://www.nxp.com/files-static/32bit/doc/ref_manual/EREF_RM.pdf. [Accessed: 17- Mar- 2019].

[7] Y. Yarom and K. Falkner, "FLUSH+RELOAD: a High Resolution, Low Noise, L3 Cache Side-Channel Attack", Eprint.iacr.org, 2013. [Online]. Available: https://eprint.iacr.org/2013/448.pdf. [Accessed: 20- Mar- 2019].

[8] P. Kocher, J. Jaffe and B. Jun, "Differential Power Analysis", cryptography.com, 2015. [Online]. Available: https://42xtjqm0qj0382ac91ye9exr-wpengine.netdna-ssl.com/wp-content/uploads/2015/08/DPA.pdf. [Accessed: 20- Mar- 2019].

[9] P. Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems", cryptography.com, 2015. [Online]. Available: https://42xtjqm0qj0382ac91ye9exr-wpengine.netdna-ssl.com/wp-content/uploads/2015/08/TimingAttacks.pdf. [Accessed: 21- Mar- 2019].

[10] W. Diffie and M. Hellman, "New Directions in Cryptography", Citeseerx.ist.psu.edu. [Online]. Available: https://citeseerx.ist.psu.edu/viewdoc/download;jsessionid=E0A657EE1ECCBFBBF62FE142E4A63391?doi=10.1.1.37.9720&rep=rep1&type=pdf&fbclid=IwAR22y5GtnYvaJ7Pdcex0yOr2oIRaxyF9LkkBgGFDiSCJWz7oK_nEqro-lfU. [Accessed: 25- Mar- 2019].

[11] J. Callas, L. Donnerhacke, H. Finney, D. Shaw and R. Thayer, "Open PGP Message Format", Ietf.org, 2007. [Online]. Available: https://www.ietf.org/rfc/rfc4880.txt?fbclid=IwAR2Z1Sanzjiwk-KfH4hTLrvqPZZiNdzBfKrS6Z50TkvA0GU4kqGvjMJtxO0. [Accessed: 28- Mar- 2019].