RISC V and Security: How, When and Why
Helena Handschuh, Rambus Security Technologies Fellow, RISCV Security Standing Committee Chair
CHES 2019 @ Atlanta, 08/26/2019
Outline
• RISCV Foundation
• Security Standing Committee Creation and Charter
• Security Task Group Charters and status update
  • Crypto Extensions TG
  • Trusted Execution Environment TG
• Taxonomy and related DARPA SSITH activities
• Speaker Program
• Academic and industry initiatives around RISCV
• Open problems and research directions
The RISCV Foundation
• RISC-V (pronounced “risk-five”) is a free and open ISA enabling a new era of processor innovation through open standard collaboration.
• Founded in 2015
• 300+ member organizations and individual members
• Open, collaborative community of software and hardware innovators
• RISCV base ISA was born in academia and research (Berkeley)
• A new level of free, extensible software and hardware freedom on architecture
• Paving the way for the next 50 years of computing design and innovation.
• Members of the RISC-V Foundation have access to and participate in the development of the RISC-V ISA specifications and extensions and related HW / SW ecosystem.
http://riscv.org
“The RISC-V Instruction Set Manual, Volume I: User-Level ISA, Document Version 2.2”, Editors Andrew Waterman and Krste Asanović, RISC-V Foundation, May 2017.
• Creative Commons Attribution 4.0 International License.
• This document is a derivative of “The RISC-V Instruction Set Manual, Volume I: User-Level ISA Version 2.1” released under the following license: © 2010–2017 Andrew Waterman, Yunsup Lee, David Patterson, Krste Asanović. Creative Commons Attribution 4.0 International License.
RISCV Base Instruction Set Architecture and its Extensions
• Base ISA:
  • 32 bit
  • 32 bit (Embedded)
  • 64 bit
  • 128 bit
• Extensions:
  • M: Multiplication/division
  • A: Atomic instructions
  • F: Single Precision Floating Point
  • D: 2P Floating Point
  • Q: 4P Floating Point
  • L: Decimal Floating Point
  • C: Compressed Instructions
  • B: Bit Manipulation
  • …
  • V: Vector Extensions
  • …
“The RISC-V Instruction Set Manual, Volume I: User-Level ISA, Document Version 20190608-Base-Ratified”, Editors Andrew Waterman and Krste Asanović, RISC-V Foundation, March 2019. Creative Commons Attribution 4.0 International License.
145 236 pages; shows Ratified parts; additional extensions
“The RISC-V Instruction Set Manual, Volume II: Privileged Architecture, Document Version 20190608-Priv-MSU-Ratified”, Editors Andrew Waterman and Krste Asanović, RISC-V Foundation, June 2019.
Defines Machine, Supervisor and Hypervisor modes
RISC V Cores / SoCs
• 65 cores available here: https://riscv.org/risc-v-cores/
• Note that none of these cores/SoCs have passed the in-development RISC-V compliance suite.
RISC-V Software Ecosystem Overview
• Simulators
• Object toolchain
• Debugging
• C compilers and libraries
• Boot loaders and monitors
• OS and OS kernels
• Compilers and runtimes for other languages
• IDEs
• ……… Security (!)
January 2018 … the o..s … moment
January 2018 … the oops(!) moment
Creation of the RISCV Security Standing Committee
• July 2, 2018
• “RISC-V Foundation Announces Security Standing Committee, Calls Industry To Join In Efforts”
• “Security is one of the fundamental issues in our connected world. The RISC-V community is committed to pushing the industry forward through innovative approaches and new thinking to address existing and emerging threats” (Helena)
• “It is an exciting time to witness the advent of a new compute platform that has formal methods at its foundation for processor correctness and security,” … “RISC-V is a simple, free and open ISA that is an ideal vehicle for research in formally assured security and secure hardware development for everything from consumer devices to national security applications.” (Joe Kiniry)
Security Standing Committee
Chair: Helena Handschuh, Rambus
Vice-chair: Joe Kiniry, Galois
Website: https://lists.riscv.org
Meetings roughly every other week, alternating between “Speaker Program” and “Business Meeting”
• Security Standing Committee Charter:
  ● Promote RISC-V as an ideal vehicle for the security community
  ● Liaise with other internal RISC-V committees and with external security committees
  ● Create an information repository on new attack trends, threats and countermeasures
  ● Identify top 10 open challenges in security for the RISC-V community to address
  ● Propose security committees (Marketing or Technical) to tackle specific security topics
  ● Recruit security talent to the RISC-V ecosystem (e.g., into committees)
  ● Develop consensus around best security practices for IoT devices and embedded systems
Cryptographic Extensions Task Group
Chair: Richard Newell, Microchip, Vice-chair: Derek Atkins, SecureRF
Charter:
• Propose ISA extensions to the vector extensions for the standardized and secure execution of popular cryptography algorithms.
• To ensure that processor implementers are able to support a wide range of performance and security levels the committee will create a base and an extended specification.
• The base will be comprised of low-cost instructions that are useful for the acceleration of common algorithms.
• The extended specification will include greater functionality, reserve encodings for more algorithms, and will facilitate improved security of execution and higher performance.
• The scope will include symmetric and asymmetric cryptographic algorithms and related primitives such as message digests.
• The committee will also make ISA proposals regarding the use of random bits and secure key management.
Cryptographic Extensions Task Group
Chair: Richard Newell, Microchip, Vice-chair: Derek Atkins, SecureRF
• Approach based on vector extensions
• AES instructions
  • 128, 192, 256; done
• SHA-2 instructions
  • SHA-256 and SHA-512; almost done
• Need to convert AES and SHA-2 into formal specs now …
• Prototyping Public Key Crypto algorithms
  • Long integer arithmetic
  • Implementation proof of concept
• Future directions:
  • More light-weight approach: could recommend subset of vector extensions only
  • XCrypto (Bristol): proposed scalar instructions, rotates, etc. to have SW run faster
  • Paris Telecom also interested in same type of research
Trusted Execution Environment Task Group
Chair: Joe Xie, Nvidia, Vice-chair: Nick Kossifidis, Forth
Charter:
• To define an architecture specification to support trusted execution environment for RISC-V processors
• To provide necessary implementation guidelines and/or recommendations to assist hardware developers to realize the specification
• To enable the development of necessary components, such as compiler, simulation model, hardware, and software components to support the specification