Quick Boot of Trusted Execution Environment With Hardware Accelerators

Trong-Thuc Hoang; Ckristian Duran; Duc-Thinh Nguyen-Hoang; Duc-Hung Le; Akira Tsukamoto; Kuniyasu Suzaki; Cong-Kha Pham

doi:10.1109/ACCESS.2020.2987617

IEEE Access (Jan 2020)

Quick Boot of Trusted Execution Environment With Hardware Accelerators

Trong-Thuc Hoang,
Ckristian Duran,
Duc-Thinh Nguyen-Hoang,
Duc-Hung Le,
Akira Tsukamoto,
Kuniyasu Suzaki,
Cong-Kha Pham

Affiliations

Trong-Thuc Hoang: ORCiD; Department of Information and Network Engineering, The University of Electro-Communications (UEC), Tokyo, Japan
Ckristian Duran: Department of Information and Network Engineering, The University of Electro-Communications (UEC), Tokyo, Japan
Duc-Thinh Nguyen-Hoang: Department of Information and Network Engineering, The University of Electro-Communications (UEC), Tokyo, Japan
Duc-Hung Le: Department of Information and Network Engineering, The University of Electro-Communications (UEC), Tokyo, Japan
Akira Tsukamoto: National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan
Kuniyasu Suzaki: National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan
Cong-Kha Pham: Department of Information and Network Engineering, The University of Electro-Communications (UEC), Tokyo, Japan

DOI: https://doi.org/10.1109/ACCESS.2020.2987617
Journal volume & issue: Vol. 8
pp. 74015 – 74023

Abstract

Read online

The Trusted Execution Environment (TEE) offers a software platform for secure applications. The TEE offers a memory isolation scheme and software authentication from a high privilege mode. The procedure uses different algorithms such as hashes and signatures, to authenticate the application to secure. Although the TEE hardware has been defined for memory isolation, the security algorithms often are executed using software implementations. In this paper, a RISC-V system compatible with TEEs featuring security algorithm accelerators is presented. The hardware accelerators are the SHA-3 hash and the Ed25519 elliptic curve algorithms. TileLink is used for the communications between the processor and the register of the accelerators. For the TEE boot, the software procedures are switched with the accelerated counterpart. Comparing to the software approach, a 2.5-decade increment is observed in the throughput of the signature procedure using the SHA-3 acceleration for big chunks of data. The Ed25519 performs 90% better compared to the software counterpart in execution times.

Published in IEEE Access

ISSN: 2169-3536 (Online)
Publisher: IEEE
Country of publisher: United States
LCC subjects: Technology: Electrical engineering. Electronics. Nuclear engineering
Website: https://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=6287639

About the journal

Abstract

Keywords