ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Java cryptography on KVM and its performance and security optimization using HW/SW co-design techniques
Full text PdfPdf (188 KB)
Source International Conference on Compilers, Architecture and Synthesis for Embedded Systems archive
Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systems table of contents
Washington DC, USA
SESSION: Reliability and security table of contents
Pages: 303 - 311  
Year of Publication: 2004
ISBN:1-58113-890-3
Authors
Yusuke Matsuoka  University of California, Los Angeles, CA
Patrick Schaumont  University of California, Los Angeles, CA
Kris Tiri  University of California, Los Angeles, CA
Ingrid Verbauwhede  University of California, Los Angeles, CA
Sponsor
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 7,   Downloads (12 Months): 77,   Citation Count: 2
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1023833.1023874
What is a DOI?

ABSTRACT

This paper describes a design approach to include and optimize Java based cryptographic applications into resource limited embedded devices.For easy prototyping and to be platform independent, the security applications are first developed in Java. Two Java cryptographic libraries, the Bouncy Castle API and the IAIK API are ported to a real embedded device for cost and performance evaluation. It requires 0.88Mbytes to 1.2Mbytes in the KVM footprint size and a few milliseconds to run secret key algorithms and message digests on a typical embedded device.In a second step, the performance critical components of the security applications are moved to hardware acceleration units. The GEZEL design environment is used for the hardware modeling and the co-simulation between software on KVM and the hardware co-processor. Moving the AES algorithm from the SH3-DSP microprocessor to a hardware co-processor shows a performance gain of 10.4x including the overhead in Java, C, and hardware interfaces.Then in a third step, the security critical components are realized by means of a special dynamic differential logic (DDL) style, which makes the secure modules resistant against side channel attacks. All key related actions and cryptographic algorithms are restricted to the secure co-processor. The overall performance gain is 25x compared to a pure Java implementation.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
M. Renaudin , F. Bouesse , Ph. Proust , J. P. Tual , L. Sourgen , F. Germain, High Security Smartcards, Proceedings of the conference on Design, automation and test in Europe, p.10228, February 16-20, 2004
 
2
Bruce Schneier, "Applied Cryptography", John Wiley & Sons, 1996 ISBN 0-471-12845-7
 
3
J2ME Building Blocks for Mobile Devices - White Paper on KVM and the Connected, Limited Device Configuration (CLDC) http://java.sun.com/products/cldc/wp/KVMwp.pdf
 
4
J2ME CLDC 1.1, http://java.sun.com/products/cldc/index.jsp
 
5
Java Devices, http://www.microjava.com/devices
 
6
Japan NTT DoCoMo's i-mode Article, http://www.peterindia.net/i-ModeView.html
 
7
The Bouncy Castle Lightweight API Release 1.20, http://www.bouncycastle.org/download/lcrypto-j2me-120.tar.gz
 
8
IAIK JCE and iSaSiLk APIs, http://jce.iaik.tugraz.at/download/evaluation/index.php
 
9
Intel SA-1110 Processor, http://www.intel.com/design/edk/product/strongarm_edk.htm
 
10
The eCos OS, http://sources.redhat.com/ecos
 
11
Michael Juntao Yuan, Enterprise J2ME: Developing Mobile Java Applications, Prentice Hall PTR, Upper Saddle River, NJ, 2003
 
12
The GEZEL Design Environment, http://www.ee.ucla.edu/~schaum/gezel/
 
13
KPIT Cummins GNU Tools & Support, http://www.kpitgnutools.com/
 
14
Advanced Encryption Standard, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf
 
15
Java 2 Platform Security Architecture, http://java.sun.com/j2se/1.4.2/docs/guide/security/
 
16
Java Cryptography Architecture, http://java.sun.com/j2se/1.4.2/docs/guide/security/CryptoSpec.html
 
17
E. Hess, N. Janssen, B. Meyer, T. Schuetze, "Information Leakage Attacks Against Smart Card Implementations of Cryptographic Algorithms and Countermeasures "a Survey", EUROSMART Security Conference (2000) pp.55--64
 
18
Paul C. Kocher , Joshua Jaffe , Benjamin Jun, Differential Power Analysis, Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology, p.388-397, August 15-19, 1999
 
19
GEZEL User Manual, http://www.ee.ucla.edu/~schaum/gezel/gzldata/gezelum.pdf
 
20
Kris Tiri , Ingrid Verbauwhede, A Logic Level Design Methodology for a Secure DPA Resistant ASIC or FPGA Implementation, Proceedings of the conference on Design, automation and test in Europe, p.10246, February 16-20, 2004
 
21
K. Tiri, I. Verbauwhede, "Securing Encryption Algorithms against DPA at the Logic Level: Next Generation Smart Card Technology", Workshop on Cryptographic Hardware and Embedded Systems (CHES 2003) pp.125--136
 
22
SH-Mobile Application Processor, http://www.renesas.com/eng/products/mpumcu/shmobile/index.html
23
Srivaths Ravi , Paul Kocher , Ruby Lee , Gary McGraw , Anand Raghunathan, Security as a new dimension in embedded system design, Proceedings of the 41st annual conference on Design automation, June 07-11, 2004, San Diego, CA, USA  [doi>10.1145/996566.996771]
 
24
Srivaths Ravi , Anand Raghunathan , Srimat Chakradhar, Tamper Resistance Mechanisms for Secure, Embedded Systems, Proceedings of the 17th International Conference on VLSI Design, p.605, January 05-09, 2004
25
Catherine H. Gebotys, Design of secure cryptography against the threat of power-attacks in DSP-embedded processors, ACM Transactions on Embedded Computing Systems (TECS), v.3 n.1, p.92-113, February 2004  [doi>10.1145/972627.972632]

CITED BY  2
 
Patrick Schaumont , Ingrid Verbauwhede, A Component-Based Design Environment for ESL Design, IEEE Design & Test, v.23 n.5, p.338-347, September 2006
Patrick Schaumont , Doris Ching , Ingrid Verbauwhede, An interactive codesign environment for domain-specific coprocessors, ACM Transactions on Design Automation of Electronic Systems (TODAES), v.11 n.1, p.70-87, January 2006

INDEX TERMS

Primary Classification:
  C. Computer Systems Organization
  C.3 SPECIAL-PURPOSE AND APPLICATION-BASED SYSTEMS
      Subjects: Real-time and embedded systems

Additional Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
      D.3.2 Language Classifications
          Subjects: Object-oriented languages


General Terms:
Design, Languages, Performance, Security


Keywords:
cryptography, design, embedded systems, java, security

Collaborative Colleagues:
Yusuke Matsuoka: colleagues
Patrick Schaumont: colleagues
Kris Tiri: colleagues
Ingrid Verbauwhede: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player