model driven design synthesis of the sha 256
play

Model-driven Design & Synthesis of the SHA-256 Cryptographic - PowerPoint PPT Presentation

May 13, 2023 •341 likes •495 views

Model-driven Design & Synthesis of the SHA-256 Cryptographic Hash Function in ReWire Bill Harrison University of Missouri Adam Procter Intel Corp. Gerard Allwein US Naval Research Laboratory October 7, 2016 Challenge: High Assurance Hardware

  1. Model-driven Design & Synthesis of the SHA-256 Cryptographic Hash Function in ReWire Bill Harrison University of Missouri Adam Procter Intel Corp. Gerard Allwein US Naval Research Laboratory October 7, 2016

  2. Challenge: High Assurance Hardware Accelerators So.ware Applica1on Hardware Accelerator

  3. Challenge: High Assurance Hardware Accelerators So.ware Applica1on Hardware Accelerator “ Challenge ”? ◮ Two different languages: SW & HDL ◮ Neither (typically) with formal semantics supporting verification

  4. Challenge: High Assurance Hardware Accelerators Haskell So.ware Applica1on So.ware Applica1on ReWire Hardware Hardware Accelerator Accelerator Approach “ Challenge ”? ◮ Two different languages: SW ◮ Write in Haskell & HDL ◮ Transform acceleration ◮ Neither (typically) with target into ReWire formal semantics supporting ◮ Verify accelerator with verification Haskell semantics

  5. Case Study: High Assurance SHA-256 HW Accelerator ◮ Crypto-algorithms good Haskell So.ware Applica1on candidates for both ◮ hardware acceleration ◮ formal verification ◮ SHA-256 (Secure Hash ReWire Algorithm) defined as Hardware Accelerator pseudo-code [NIST02]: Preprocessing � Parse/Pad as N 512 bit blocks � Approach Main Loop For 1 to N : ◮ Write in Haskell � do some stuff � ◮ Transform acceleration Inner Loop target into ReWire For 0 to 63 : � other stuff � ◮ Verify accelerator with Haskell semantics

  6. ReWire Functional Hardware Description Language ReWire Compiler Haskell VHDL Synthesizable ReWire VHDL ◮ Inherits Haskell’s good qualities ◮ Pure functions & types, monads, equational reasoning, etc. ◮ Formal denotational semantics [HarrisonKieburtz05,Harrison05] ◮ Types & operators for HW abstractions & clocked/parallel computations. ◮ Organizing principle: monads, esp. “reactive resumption monad” ◮ Very familiar ideas to functional programming community

  7. Reference Semantics ◮ Straightforward sha256 :: [Hex Word32] -> M (Oct Word32) sha256 hws = do Formalization of Pseudocode putDigest initialSHA256State mainloop hws from NIST Document getDigest ◮ Can be tested: mainloop :: [Hex Word32] -> M () mainloop [] = return () GHC> run_sha256 msg1 mainloop (hw32 : hw32s) = do Oct 3128432319 2399260650 hi 1 <- getDigest putIntDig hi 1 1094795486 1571693091 putBlock hw32 2953011619 2518121116 putCtr C0 3021012833 4060091821 innerloop mainloop hw32s GHC> hashed1 Oct 3128432319 2399260650 innerloop :: M () 1094795486 1571693091 innerloop = do 2953011619 2518121116 c <- getCtr 3021012833 4060091821 s <- sched compress (seed c) s . . putCtr (incCtr c) . case c of C63 -> intermediate _ -> innerloop

  8. Reference Semantics Lifted Semantics sha256 :: [Hex Word32] -> M (Oct Word32) dev :: Inp -> ReT Inp Out M () sha256 hws = do dev (Init hw32) = do putDigest initialSHA256State lift ( do putDigest initialSHA256State mainloop hws hi 1 <- getDigest getDigest putIntDig hi 1 putBlock hw32 putCtr C0) mainloop :: [Hex Word32] -> M () signal Nix mainloop [] = return () innerloop mainloop (hw32 : hw32s) = do dev (Load hw32) = do hi 1 <- getDigest lift ( do hi 1 <- getDigest putIntDig hi 1 putIntDig hi 1 putBlock hw32 putBlock hw32 putCtr C0 putCtr C0) innerloop signal Nix mainloop hw32s innerloop dev DigestQ = do h_n <- lift getDigest innerloop :: M () i <- signal (DigestR h_n) innerloop = do dev i c <- getCtr s <- sched innerloop :: ReT Inp Out M () compress (seed c) s innerloop = do putCtr (incCtr c) c <- lift ( do c <- getCtr case c of s <- sched C63 -> intermediate compress (seed c) s _ -> innerloop putCtr (incCtr c) return c) i <- signal Nix case c of C63 -> lift intermediate >> dev i _ -> innerloop

  9. Reference Semantics Lifted Semantics sha256 :: [Hex Word32] -> M (Oct Word32) dev :: Inp -> ReT Inp Out M () sha256 hws = do dev (Init hw32) = do putDigest initialSHA256State lift ( do putDigest initialSHA256State mainloop hws hi 1 <- getDigest getDigest putIntDig hi 1 putBlock hw32 putCtr C0 ) mainloop :: [Hex Word32] -> M () signal Nix mainloop [] = return () innerloop mainloop (hw32 : hw32s) = do dev (Load hw32) = do lift ( do hi 1 <- getDigest hi 1 <- getDigest putIntDig hi 1 putIntDig hi 1 putBlock hw32 putBlock hw32 putCtr C0 putCtr C0 ) innerloop signal Nix mainloop hw32s innerloop dev DigestQ = do h_n <- lift getDigest innerloop :: M () i <- signal (DigestR h_n) innerloop = do dev i c <- getCtr innerloop :: ReT Inp Out M () s <- sched compress (seed c) s innerloop = do putCtr (incCtr c) c <- lift ( do c <- getCtr case c of s <- sched C63 -> intermediate compress (seed c) s -> innerloop putCtr (incCtr c) return c) i <- signal Nix case c of C63 -> lift intermediate >> dev i -> innerloop

  10. Evaluation: Testing, Formal Specification, & Performance ◮ Testing GHC> run_dev256 msg1 Oct 3128432319 2399260650 . . . GHC> hashed1 Oct 3128432319 2399260650 . . .

  11. Evaluation: Testing, Formal Specification, & Performance ◮ Testing ◮ Formal Specification For all finite str :: String , GHC> run_dev256 msg1 Oct 3128432319 2399260650 DigestR (run_sha256 str) = run_dev256 str . . . GHC> hashed1 Oct 3128432319 2399260650 ◮ Proof not in paper; similar . . . specs proved in [TECS16], [FPT15], [LCTES15]

  12. Evaluation: Testing, Formal Specification, & Performance ◮ Testing ◮ Formal Specification For all finite str :: String , GHC> run_dev256 msg1 Oct 3128432319 2399260650 DigestR (run_sha256 str) = run_dev256 str . . . GHC> hashed1 Oct 3128432319 2399260650 ◮ Proof not in paper; similar . . . specs proved in [TECS16], [FPT15], [LCTES15] ◮ Performance ◮ For Spartan-3E w/ Xilinx ISE, max clock rate = 60 MHz. Total throughput = 404 Mbps. Slices Flip-Flops LUTs IOBs 1424 (30%) 1106 (11%) 2716 (29%) 134 (57%) ◮ In line with published, hand-written VHDL implementations of SHA-256: [Sklavos 2005]-[Kahri et al. 2015]

  13. Summary; Related & Future Work ◮ Appel [TOPLAS15] verifies an entire C implementation of SHA-256 ◮ We have only formally specified HW accelerator ◮ Need “Foreign Device Interface” to link Haskell & ReWire ◮ High assurance relies on semantically-faithful compiler ◮ Mechanization in Coq; Compiler Verification ◮ Functional Hardware Description: Chisel, Lava, etc.; Synchronous & Imperative: Esterel ◮ Rewire is open source: https://github.com/mu-chaco/ReWire Future Work = Future Work *This research supported by the US National Science Foundation CAREER Award #0746509 and the US Naval Research Laboratory.

  14. Recent ReWire Publications I. Graves, A. Procter, W. Harrison, M. Becchi, and G. Allwein. Hardware synthesis from functional embedded domain-specific languages: A case study in regular expression compilation. In Proceedings of Applied Reconfigurable Computing 2015 . I. Graves, A. Procter, W. Harrison, and G. Allwein. Provably correct development of reconf. HW designs via eq. reasoning. In Proceedings of Field-Programmable Tech. 2015 . W. Harrison, A. Procter, I. Graves, M. Becchi, and G. Allwein. A programming model for reconf. computing based in funct. concurrency. In Proceedings of ReCoSoC 2016 . A. Procter, W. Harrison, I. Graves, M. Becchi, and G. Allwein. A principled approach to secure multi-core processor design with ReWire. ACM Trans. on Embedded Computing Systems (to appear), 2016 . A. Procter, W. Harrison, I. Graves, M. Becchi, and G. Allwein. Semantics driven hardware design, implementation, & verif. with ReWire. In Proceedings of LCTES 2015 .

Recommend

Reality-Driven Physical Synthesis Patrick Groeneveld Chief Technologist, Magma Design

Reality-Driven Physical Synthesis Patrick Groeneveld Chief Technologist, Magma Design

Reality-Driven Physical Synthesis Patrick Groeneveld Chief Technologist, Magma Design Automation, San Jose (soon: Synopsys inc., Mountain View) Chair, 49 th Design Automation Conference, San Francisco ISPD 2012, Napa Kevin Trudeau, the king of

607 views • 24 slides
Power-Driven DNN Dataflow Optimization on FPGA Qi Sun 1 , Tinghuan Chen 1 , Jin Miao 2 , Bei Yu 1 1

Power-Driven DNN Dataflow Optimization on FPGA Qi Sun 1 , Tinghuan Chen 1 , Jin Miao 2 , Bei Yu 1 1

Power-Driven DNN Dataflow Optimization on FPGA Qi Sun 1 , Tinghuan Chen 1 , Jin Miao 2 , Bei Yu 1 1 The Chinese University of Hong Kong 2 Cadence Design Systems, Inc. 1 / 22 FPGA Targeted DNN Accelerator Design Flow Dataflow Synthesis HLS Model

452 views • 22 slides
30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)

30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)

Fakultt Informatik, Institut fr Software- und Multimediatechnik, Lehrstuhl fr Softwaretechnologie 30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA) 1. Model-Driven Architecture Prof. Dr. U.

671 views • 34 slides
La y out-Driven Logic Synthesis Based on Lattices Singapur, Septemb er 1997 1 ' $ LA

La y out-Driven Logic Synthesis Based on Lattices Singapur, Septemb er 1997 1 ' $ LA

La y out-Driven Logic Synthesis Based on Lattices Singapur, Septemb er 1997 1 ' $ LA YOUT-DRIVEN SYNTHESIS F OR SUBMICRON TECHNOLOGY: MAPPING EXP ANSIONS TO REGULAR LA TTICES Ma rek A. P erk o wski, Edmund

634 views • 37 slides
Testing Model Transformations in Model Driven Engineering Benoit Baudry INRIA IRISA

Testing Model Transformations in Model Driven Engineering Benoit Baudry INRIA IRISA

Testing Model Transformations in Model Driven Engineering Benoit Baudry INRIA IRISA (currently visiting CSU) Outline What about model transformation testing? Triskells contributions Coverage criteria Model synthesis

389 views • 35 slides
30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)

30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)

Fakultt Informatik, Institut fr Software- und Multimediatechnik, Lehrstuhl fr Softwaretechnologie 30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA) 1. EAI* for Modular Product Lines Prof. Dr.

786 views • 50 slides
Extending enumerative function synthesis via SMT-driven classification Haniel Barbosa , Andrew

Extending enumerative function synthesis via SMT-driven classification Haniel Barbosa , Andrew

Extending enumerative function synthesis via SMT-driven classification Haniel Barbosa , Andrew Reynolds, Daniel Larraz, Cesare Tinelli FMCAD 2019 2019-10-25, San Jose, CA, USA Syntax-Guided Synthesis (SyGuS) [Alur et al. 2013] Speci fi cation

749 views • 59 slides
VHDL for Logic Synthesis Overview Design Flow for Hardware Design VHDL coding for

VHDL for Logic Synthesis Overview Design Flow for Hardware Design VHDL coding for

VHDL for Logic Synthesis Overview Design Flow for Hardware Design VHDL coding for synthesis General guidelines for hardware designers This lecture includes the content from: Nitin Yogi, Modelling for Synthesis with VHDL, Auburn

697 views • 52 slides
30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)

30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA)

Fakultt Informatik - Institut Software- und Multimediatechnik - Softwaretechnologie Prof. Amann - Softwaretechnologie II 30 Transformational Design with Essential Aspect Decomposition: Model-Driven Architecture (MDA) 1. EAI* for

1.27k views • 54 slides
Verilog Modeling for Synthesis Multiplier Design (Nelson model) Add and shift binary

Verilog Modeling for Synthesis Multiplier Design (Nelson model) Add and shift binary

Verilog Modeling for Synthesis Multiplier Design (Nelson model) Add and shift binary multiplication System Example: 8x8 multiplier Multiplicand Multiplier LoadM multiplicand (M) Start Clock Q 0 controller (C) adder (ADR) Done

270 views • 14 slides
WebML: Model-driven design of Web Applications Massimo Tisi Stefano Ceri, Piero Fraternali, Aldo

WebML: Model-driven design of Web Applications Massimo Tisi Stefano Ceri, Piero Fraternali, Aldo

WebML: Model-driven design of Web Applications Massimo Tisi Stefano Ceri, Piero Fraternali, Aldo Bongio, Marco Brambilla, Alessandro Bozzon WebML 2 WebML : Web M odeling L anguage Structured approach for the design of Data-intensive

616 views • 38 slides
Basic Synthesis Flow and Commands Technology Libraries Design Read/Write Design

Basic Synthesis Flow and Commands Technology Libraries Design Read/Write Design

Introduction to Digital VLSI Logic Synthesis Basic Synthesis Flow and Commands Technology Libraries Design Read/Write Design Objects Timing Paths Constraints Compile Wire Load Models Multiple

851 views • 67 slides
Logic Synthesis Overview Design flow Principles of logic synthesis Logic

Logic Synthesis Overview Design flow Principles of logic synthesis Logic

Logic Synthesis Overview Design flow Principles of logic synthesis Logic Synthesis with the common tools Conclusions 2 System Design Flow Electronic System Level (ESL) flow System C TLM, Verification, Profiling

1.12k views • 28 slides
Domain-Driven Design Brett D. Roads Domain-Driven Design: Tackling Complexity in the Heart of

Domain-Driven Design Brett D. Roads Domain-Driven Design: Tackling Complexity in the Heart of

Domain-Driven Design Brett D. Roads Domain-Driven Design: Tackling Complexity in the Heart of Software By: Eric Evans This text address the analysis and design of software the relies on complex domain specific knowledge Motivation

638 views • 45 slides
Model-Driven, Performance-Centric HPC Software and System Design and Optimization Torsten Hoefler

Model-Driven, Performance-Centric HPC Software and System Design and Optimization Torsten Hoefler

Model-Driven, Performance-Centric HPC Software and System Design and Optimization Torsten Hoefler With contributions from: William Gropp, William Kramer, Marc Snir Scientific talk at Jlich Supercomputing Center April 8 th Jlich, Germany

621 views • 33 slides
Focusing the Core Domain Model A Domain-Driven Design Case Study, Eric Evans, Domain Language

Focusing the Core Domain Model A Domain-Driven Design Case Study, Eric Evans, Domain Language

Focusing the Core Domain Model A Domain-Driven Design Case Study, Eric Evans, Domain Language @ericevans0 #dddesign #yow13 Thirsty Fern FLLC A Mostly True Story About Strategic Design and Focusing the Core Domain with Established

720 views • 33 slides
Design, Synthesis and in vitro Screening of Pyrazolines based compounds as Phytohaemagglutinin (

Design, Synthesis and in vitro Screening of Pyrazolines based compounds as Phytohaemagglutinin (

Design, Synthesis and in vitro Screening of Pyrazolines based compounds as Phytohaemagglutinin ( PHA) mimetic Raj Kumar 1, *, Gaurav Joshi 1 , and Sandeep Singh 2 1 Laboratory for Drug Design and Synthesis, Centre for Pharmaceutical Sciences and

1.8k views • 21 slides
Automated Synthesis from HDL models Design Compiler (Synopsys) Leonardo (Mentor Graphics)

Automated Synthesis from HDL models Design Compiler (Synopsys) Leonardo (Mentor Graphics)

Automated Synthesis from HDL models Design Compiler (Synopsys) Leonardo (Mentor Graphics) Front-End Design &amp; Verification VHDL VHDL-AMS Create Behavioral/RTL Verilog HDL Model(s) Verilog-A SystemC ModelSim ADVance MS Simulate to

618 views • 41 slides
Model-based Design 182.721 VO Embedded Systems Engineering Armin Wasicek 6.12.2011 Overview

Model-based Design 182.721 VO Embedded Systems Engineering Armin Wasicek 6.12.2011 Overview

Model-based Design 182.721 VO Embedded Systems Engineering Armin Wasicek 6.12.2011 Overview Introduction System Theory Model Driven Architecture (MDA) MBD Development Environments Summary 10.12.2010 Model based Design 2

590 views • 40 slides
Model-Driven Design using I-Logix Rhapsody Riandi Wiguna MSDL August 5, 2005 Overview

Model-Driven Design using I-Logix Rhapsody Riandi Wiguna MSDL August 5, 2005 Overview

Model-Driven Design using I-Logix Rhapsody Riandi Wiguna MSDL August 5, 2005 Overview 1.Introduction to Rhapsody 2.Basic Usage of Rhapsody 3.Important Points 4.ROPES 5.Example: Answering Machine 6.Personal Experiences using Rhapsody

731 views • 39 slides
Hardware Design with VHDL Synthesis of VHDL Code ECE 443 Synthesis of VHDL Code This slide set

Hardware Design with VHDL Synthesis of VHDL Code ECE 443 Synthesis of VHDL Code This slide set

Hardware Design with VHDL Synthesis of VHDL Code ECE 443 Synthesis of VHDL Code This slide set covers Fundamental limitation of EDA software Realization of VHDL operator Realization of VHDL data type VHDL synthesis flow

511 views • 34 slides
The Besancon Galaxy Model, a population synthesis tool for galactic structure and evolution

The Besancon Galaxy Model, a population synthesis tool for galactic structure and evolution

The Besancon Galaxy Model, a population synthesis tool for galactic structure and evolution studies A.C. Robin, C. Reyl, B. Debray OSU THETA, Institut UTINAM Besanon, France Outlines Population synthesis approach Model ingredients

787 views • 51 slides
Combining data-driven and symbolic reasoning for Invariant Synthesis in SMT (Work in Progress)

Combining data-driven and symbolic reasoning for Invariant Synthesis in SMT (Work in Progress)

Combining data-driven and symbolic reasoning for Invariant Synthesis in SMT (Work in Progress) Haniel Barbosa Clark Barrett Andrew Reynolds Cesare Tinelli MVD 2018 20180929, Iowa City, IA, USA SyGuS Solving CEGIS [Solar-Lezama et

588 views • 26 slides
Complete+Cycle+for+Design DESIGN FABRICATE 8model 8synthesize IDEA 8mask+production+++

Complete+Cycle+for+Design DESIGN FABRICATE 8model 8synthesize IDEA 8mask+production+++

Implementation+Technologies We+can+implement a+design+with+many+different+ implementation+technologies+8 different+ implementation+technologies+offer+different+ tradeoffs HDL+Synthesis offers+an+easy+way+to+target+a+model+

395 views • 22 slides

More recommend