Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) chip are not acceptable. One alternative is to use a software-based TPM, which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this article, we perform an evaluation of the energy and execution time overheads for a SW-TPM implementation on a handheld appliance (Sharp Zaurus PDA). We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. We observe that for most commands, overheads are primarily due to the use of 2,048-bit RSA operations that are performed within the SW-TPM. In order to alleviate SW-TPM overheads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. In addition, we also evaluate the overheads of using the SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), a secure VoIP client, and a secure Web browser. Furthermore, we analyze the computational workload involved in running SW-TPM commands using ECC. We then present a suite of hardware and software enhancements to accelerate these commands—generic custom instructions and exploitation of parallel processing capabilities in multiprocessor systems-on-chip (SoCs). We report results of evaluating the proposed architectures on a commercial embedded processor (Xtensa from Tensilica). Through uniprocessor and multiprocessor optimizations, we could achieve speed-ups of up to 5.71X for individual TPM commands.
Data privacy concerns are increasing significantly in the context of Internet of Things, cloud services, edge computing, artificial intelligence applications, and other applications enabled by next generation networks. Homomorphic Encryption addresses privacy challenges by enabling multiple operations to be performed on encrypted messages without decryption. This paper comprehensively addresses homomorphic encryption from both theoretical and practical perspectives. The paper delves into the mathematical foundations required to understand fully homomorphic encryption (FHE). It consequently covers design fundamentals and security properties of FHE, and describes the main FHE schemes based on various mathematical problems. On a more practical level, the paper presents a view on privacypreserving Machine Learning using homomorphic encryption, then surveys FHE at length from an engineering angle, covering the potential application of FHE in fog computing, and cloud computing services. It also provides a comprehensive analysis of existing state-of-the-art FHE libraries and tools, implemented in software and hardware, and the performance thereof.
Motivation Malware defense is a primary concern in information security Steady increase in the prevalence and diversity of malware Escalating financial, time, and productivity losses Minor enhancements to current approaches are unlikely to succeed Increasing sophistication in techniques used by virus writers Emergence of zero-day and zero-hour attacks Recent advances in virtualization allows the implementation of isolated environmentsPrinceton University DIMVA 08 presentation Motivation (Contd.)
Biometrics represent a promising approach for reliable and secure user authentication. However, they have not yet been widely adopted in embedded systems, particularly in resource-constrained devices such as cell phones and personal digital assistants (PDAs). In this paper, we investigate the challenges involved in using face-based biometrics for authenticating a user to an embedded system. To enable high authentication accuracy, we consider robust face verifiers based on principal component analysis/linear discriminant analysis (PCA-LDA) algorithms and Bayesian classifiers, and their combined use (multi-modal biometrics). Since embedded systems are severely constrained in their processing capabilities, algorithms that provide sufficient accuracy tend to be computationally expensive, leading to unacceptable authentication times. On the other hand, achieving acceptable performance often comes at the cost of degradation in the quality of results.Our work aims at developing embedded processing architectures that improve face verification speed with minimal hardware requirements, and without any compromise in verification accuracy. We analyze the computational characteristics of face verifiers when running on an embedded processor, and systematically identify opportunities for accelerating their execution. We then present a range of targeted hardware and software enhancements that include the use of fixed-point arithmetic, various code optimizations, application-specific custom instructions and co-processors, and parallel processing capabilities in multi-processor systems-on-chip (SoCs).We evaluated the proposed architectures in the context of open-source face verification algorithms running on a commercial embedded processor (xt ens a from Tensilica). Our work shows that fast, in-system verification is possible even in the context of many resource-constrained embedded systems. We also demonstrate that high authentication accuracy can be achieved with minimum hardware overheads, while requiring no modifications to the core face verification algorithms.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.