System design methodologies for a wireless security processing platform

Security protocols are critical to enabling the growth of a wide range of wireless data services and applications. However, they impose a high computational burden that is mismatched with the modest processing capabilities and battery resources available on wireless clients. Bridging the security processing gap, while retaining sufficient programmability in order to support a wide range of current and future security protocol standards, requires the use of novel system architectures and design methodologies.We present the system-level design methodology used to design a programmable security processor platform for next-generation wireless handsets. The platform architecture is based on (i) a configurable and extensible processor that is customized for efficient domain-specific processing, and (ii) layered software libraries implementing cryptographic algorithms that are optimized to the hardware platform. Our system-level design methodology enables the efficient co design of optimal cryptographic algorithms and an optimized system architecture. It includes novel techniques for algorithmic exploration and tuning, performance characterization and macro-modeling of software libraries, and architecture refinement based on selection of instruction extensions to accelerate performance-critical, computation-intensive operations. We have designed a programmable security processor platform to support both public-key and private key operations using the proposed methodology, and have evaluated its performance through extensive system simulations as well as hardware prototyping. Our experiments demonstrate large performance improvements (e.g., 31.0X for DES, 33.9X for 3DES, 17.4X for AES, and upto 66.4X for RSA) compared to well-optimized software implementations on a state-of-the-art embedded processor.

[1]  Srivaths Ravi,et al.  Optimizing public-key encryption for wireless clients , 2002, 2002 IEEE International Conference on Communications. Conference Proceedings. ICC 2002 (Cat. No.02CH37333).

[2]  Wilm E. Donath,et al.  Hardware implementation , 1968, AFIPS '68 (Fall, part II).

[3]  Diptikalyan Saha,et al.  Securing electronic commerce: reducing the SSL overhead , 2000 .

[4]  A. Raghunathan,et al.  Battery-driven system design: a new frontier in low power design , 2002, Proceedings of ASP-DAC/VLSI Design 2002. 7th Asia and South Pacific Design Automation Conference and 15h International Conference on VLSI Design.

[5]  Wolfgang Fichtner,et al.  VINCI: VLSI implementation of the new secret-key block cipher IDEA , 1993, Proceedings of IEEE Custom Integrated Circuits Conference - CICC '93.

[6]  Arthur P. Goldberg,et al.  Secure Web Server Performance Dramatically Improved by Caching SSL Session Keys , 1998 .

[7]  Jonathan M. Smith,et al.  Exploiting Parallelism in Hardware Implementations of the DES , 1991, CRYPTO.

[8]  Lynn Andrea Stein,et al.  The world wide web security faq , 2002 .

[9]  T. Austin,et al.  Architectural support for fast symmetric-key cryptography , 2000, ASPLOS IX.

[10]  Mitsuru Matsui,et al.  Hardware Evaluation of the AES Finalists , 2000, AES Candidate Conference.

[11]  Ruby B. Lee,et al.  Bit permutation instructions for accelerating software cryptography , 2000, Proceedings IEEE International Conference on Application-Specific Systems, Architectures, and Processors.

[12]  Bruce Schneier,et al.  Applied cryptography (2nd ed.): protocols, algorithms, and source code in C , 1995 .

[13]  Kaya Ko,et al.  RSA Hardware Implementation , 1995 .

[14]  Calvin L. Williams,et al.  Modern Applied Statistics with S-Plus , 1997 .

[15]  William N. Venables,et al.  Modern Applied Statistics with S-Plus. , 1996 .

[16]  Michael Rosing,et al.  Implementing elliptic curve cryptography , 1998 .

[17]  Bruce Schneier,et al.  Applied cryptography : protocols, algorithms, and source codein C , 1996 .

[18]  Sandra Kay Miller Facing the Challenge of Wireless Security , 2001, Computer.

[19]  William Stallings,et al.  Cryptography and Network Security: Principles and Practice , 1998 .

[20]  Ganesh Lakshminarayana,et al.  Algorithm Exploration for Efficient Public-Key Security Processing on Wireless Handsets , 2002 .

[21]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[22]  Dan Boneh,et al.  Experimenting with Electronic Commerce on the PalmPilot , 1999, Financial Cryptography.