Energy and Execution Time Analysis of a Software-based Trusted Platform Module

2007 Design, Automation & Test in Europe Conference & Exhibition Pub Date : 2007-04-16 DOI:10.1145/1266366.1266610

N. Aaraj, A. Raghunathan, S. Ravi, N. Jha

{"title":"Energy and Execution Time Analysis of a Software-based Trusted Platform Module","authors":"N. Aaraj, A. Raghunathan, S. Ravi, N. Jha","doi":"10.1145/1266366.1266610","DOIUrl":null,"url":null,"abstract":"Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate trusted platform module (TPM) chip are not acceptable. One alternative is to use a software-based TPM (SW-TPM), which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this work, an evaluation of the energy and execution time overheads for a SW-TPM implementation on a Sharp Zaurus PDA was performed. The execution time and energy required by each TPM command was characterized through actual measurements on the target platform. In addition, the overheads of using SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), secure file storage, secure VoIP client, and secure Web browser was also evaluated. Furthermore, it was observed that for most TPM commands, the overheads are primarily due to the use of 2048-bit RSA operations that are performed within SW-TPM. In order to alleviate SW-TPM overheads, the use of elliptic curve cryptography (ECC) as a replacement for the RSA algorithm specified in the trusted computing group (TCG) standards was evaluated. Experiments indicate that this optimization can significantly reduce SW-TPM overheads (an average of 6.51times execution time reduction and 6.75times energy consumption reduction for individual TPM commands, and an average of 10.25times execution time reduction and 10.75times energy consumption reduction for applications). This work demonstrates that ECC-based SW-TPMs are a viable approach to realizing the benefits of trusted computing in resource-constrained embedded systems","PeriodicalId":298961,"journal":{"name":"2007 Design, Automation & Test in Europe Conference & Exhibition","volume":"39 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"28","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 Design, Automation & Test in Europe Conference & Exhibition","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1266366.1266610","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 28

Abstract

Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate trusted platform module (TPM) chip are not acceptable. One alternative is to use a software-based TPM (SW-TPM), which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this work, an evaluation of the energy and execution time overheads for a SW-TPM implementation on a Sharp Zaurus PDA was performed. The execution time and energy required by each TPM command was characterized through actual measurements on the target platform. In addition, the overheads of using SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), secure file storage, secure VoIP client, and secure Web browser was also evaluated. Furthermore, it was observed that for most TPM commands, the overheads are primarily due to the use of 2048-bit RSA operations that are performed within SW-TPM. In order to alleviate SW-TPM overheads, the use of elliptic curve cryptography (ECC) as a replacement for the RSA algorithm specified in the trusted computing group (TCG) standards was evaluated. Experiments indicate that this optimization can significantly reduce SW-TPM overheads (an average of 6.51times execution time reduction and 6.75times energy consumption reduction for individual TPM commands, and an average of 10.25times execution time reduction and 10.75times energy consumption reduction for applications). This work demonstrates that ECC-based SW-TPMs are a viable approach to realizing the benefits of trusted computing in resource-constrained embedded systems

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

基于软件的可信平台模块的能量和执行时间分析

可信平台被认为是提高通用计算系统安全性的一种很有前途的方法。然而，对于许多资源受限的嵌入式系统，单独的可信平台模块(TPM)芯片的大小和成本开销是不可接受的。一种替代方法是使用基于软件的TPM (SW-TPM)，它使用在嵌入式处理器本身的受保护执行域中执行的软件来实现TPM功能。然而，由于许多嵌入式系统的处理能力有限，并且由电池供电，因此确保sw - tpm的计算和能量需求是可接受的也很重要。在这项工作中，对Sharp Zaurus PDA上SW-TPM实现的能量和执行时间开销进行了评估。每个TPM命令所需的执行时间和能量通过目标平台上的实际测量来表征。此外，还评估了在各种终端应用程序上下文中使用SW-TPM的开销，包括Linux操作系统(OS)的可信引导、安全文件存储、安全VoIP客户机和安全Web浏览器。此外，可以观察到，对于大多数TPM命令，开销主要是由于使用了在SW-TPM中执行的2048位RSA操作。为了减轻SW-TPM开销，评估了使用椭圆曲线加密(ECC)作为可信计算组(TCG)标准中指定的RSA算法的替代品。实验表明，这种优化可以显著降低SW-TPM开销(单个TPM命令平均减少6.51倍的执行时间和6.75倍的能耗，应用程序平均减少10.25倍的执行时间和10.75倍的能耗)。这项工作表明，基于ecc的sw - tpm是在资源受限的嵌入式系统中实现可信计算优势的可行方法

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2007 Design, Automation & Test in Europe Conference & Exhibition

自引率

0.00%

发文量