{"title":"低延迟 DAE:用于物联网实时 NVM 保护的可配置轻量级混合数据和地址加密引擎","authors":"Xuewen He;Li Du;Yuan Du","doi":"10.1109/JIOT.2024.3500781","DOIUrl":null,"url":null,"abstract":"In Internet of Things (IoT) real-time systems and edge computing applications, memory encryption engines (MEEs) are used for real-time memory encryption to protect program code and sensitive data in nonvolatile memories (NVMs) and mitigate some side-channel attacks. However, for resource-constrained devices, it is a considerable challenge to realize a lightweight solution with low-hardware overhead, high security, and flexible bit-width. This article presents a lightweight full-MEE, called data&address encryption (DAE), which employs hybrid data and address encryption to protect NVMs on-the-fly with low-logic latency, flexible width adaptation, and enhanced security in some aspects. The security analyses show that DAE performs effective mitigation in some side-channel attacks, such as Remanence attack, and provides better security than data-only ciphers in resisting the brute-force attack, etc. Evaluated with TSMC’s 40-nm standard CMOS technology, 128-bit DAE has a lightweight feature of 8.703 KGates, which is only 5.46% of 128-bit advanced encryption standard (AES-128), and performs a <inline-formula> <tex-math>$5.8\\times $ </tex-math></inline-formula> throughput, a <inline-formula> <tex-math>$105.9\\times $ </tex-math></inline-formula> area efficiency, and a <inline-formula> <tex-math>$48.1\\times $ </tex-math></inline-formula> energy efficiency. In the experiments on SoC simulation and field programmable gate array platform with an embedded RISC-V core, the results show that DAE causes little or no loss of system frequency and throughput.","PeriodicalId":54347,"journal":{"name":"IEEE Internet of Things Journal","volume":"12 7","pages":"8438-8452"},"PeriodicalIF":8.9000,"publicationDate":"2024-11-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Low-Latency DAE: A Configurable Lightweight Hybrid Data and Address Encryption Engine for IoT Real-Time NVM Protection\",\"authors\":\"Xuewen He;Li Du;Yuan Du\",\"doi\":\"10.1109/JIOT.2024.3500781\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In Internet of Things (IoT) real-time systems and edge computing applications, memory encryption engines (MEEs) are used for real-time memory encryption to protect program code and sensitive data in nonvolatile memories (NVMs) and mitigate some side-channel attacks. However, for resource-constrained devices, it is a considerable challenge to realize a lightweight solution with low-hardware overhead, high security, and flexible bit-width. This article presents a lightweight full-MEE, called data&address encryption (DAE), which employs hybrid data and address encryption to protect NVMs on-the-fly with low-logic latency, flexible width adaptation, and enhanced security in some aspects. The security analyses show that DAE performs effective mitigation in some side-channel attacks, such as Remanence attack, and provides better security than data-only ciphers in resisting the brute-force attack, etc. Evaluated with TSMC’s 40-nm standard CMOS technology, 128-bit DAE has a lightweight feature of 8.703 KGates, which is only 5.46% of 128-bit advanced encryption standard (AES-128), and performs a <inline-formula> <tex-math>$5.8\\\\times $ </tex-math></inline-formula> throughput, a <inline-formula> <tex-math>$105.9\\\\times $ </tex-math></inline-formula> area efficiency, and a <inline-formula> <tex-math>$48.1\\\\times $ </tex-math></inline-formula> energy efficiency. In the experiments on SoC simulation and field programmable gate array platform with an embedded RISC-V core, the results show that DAE causes little or no loss of system frequency and throughput.\",\"PeriodicalId\":54347,\"journal\":{\"name\":\"IEEE Internet of Things Journal\",\"volume\":\"12 7\",\"pages\":\"8438-8452\"},\"PeriodicalIF\":8.9000,\"publicationDate\":\"2024-11-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IEEE Internet of Things Journal\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://ieeexplore.ieee.org/document/10755043/\",\"RegionNum\":1,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Internet of Things Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10755043/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Low-Latency DAE: A Configurable Lightweight Hybrid Data and Address Encryption Engine for IoT Real-Time NVM Protection
In Internet of Things (IoT) real-time systems and edge computing applications, memory encryption engines (MEEs) are used for real-time memory encryption to protect program code and sensitive data in nonvolatile memories (NVMs) and mitigate some side-channel attacks. However, for resource-constrained devices, it is a considerable challenge to realize a lightweight solution with low-hardware overhead, high security, and flexible bit-width. This article presents a lightweight full-MEE, called data&address encryption (DAE), which employs hybrid data and address encryption to protect NVMs on-the-fly with low-logic latency, flexible width adaptation, and enhanced security in some aspects. The security analyses show that DAE performs effective mitigation in some side-channel attacks, such as Remanence attack, and provides better security than data-only ciphers in resisting the brute-force attack, etc. Evaluated with TSMC’s 40-nm standard CMOS technology, 128-bit DAE has a lightweight feature of 8.703 KGates, which is only 5.46% of 128-bit advanced encryption standard (AES-128), and performs a $5.8\times $ throughput, a $105.9\times $ area efficiency, and a $48.1\times $ energy efficiency. In the experiments on SoC simulation and field programmable gate array platform with an embedded RISC-V core, the results show that DAE causes little or no loss of system frequency and throughput.
期刊介绍:
The EEE Internet of Things (IoT) Journal publishes articles and review articles covering various aspects of IoT, including IoT system architecture, IoT enabling technologies, IoT communication and networking protocols such as network coding, and IoT services and applications. Topics encompass IoT's impacts on sensor technologies, big data management, and future internet design for applications like smart cities and smart homes. Fields of interest include IoT architecture such as things-centric, data-centric, service-oriented IoT architecture; IoT enabling technologies and systematic integration such as sensor technologies, big sensor data management, and future Internet design for IoT; IoT services, applications, and test-beds such as IoT service middleware, IoT application programming interface (API), IoT application design, and IoT trials/experiments; IoT standardization activities and technology development in different standard development organizations (SDO) such as IEEE, IETF, ITU, 3GPP, ETSI, etc.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
