# Securing Wireless Data: System Architecture Challenges

Srivaths Ravi, Anand Raghunathan and Nachiketh Potlapally International Symposium on Systems Synthesis, ACM October 2002

林佑青 2003.1.3

### Outline

- Introduction
- System design challenges
- Wireless security processing gap
- System design methodologies
- Performance
- Conclusion

#### Introduction

- The deployment of high-speed wireless data and multimedia communications ushers in new and greater security challenges.
- Wireless clients are much more constrained in their processing capabilities and energy supplies.
- Bottleneck : Security processing gap, Battery gap.
- Mobile security processing system design methodologies.

## System design challenges

- Security processing gap
- Battery gap growth is far slower than the processing requirements.
- Flexibility
  different protocol stack and networks
- Tamper-proof implementation
  Biometric identification techniques

### Battery gap



# Security Processing Gap (1)



# Security processing gap (2)



# Processing requirements of RSA-based SSL handshake





# Bridging the wireless security processing gap

- Low complexity security protocols and cryptographic algorithms.
- Embedded processors with enhanced security processing capabilities.
- MOSES: MObile SEcurity processing System

### MOSES

- A programmable security processor platform, to enable secure data and multi-media communications in next-generation wireless handsets.
- Employs a novel system-level design methodology to build the HW/SW platform.
- The objective is to address the wireless security processing gap.

#### Software Architecture

- Using a layered philosophy, like the design of network protocols.
- At the top level, the SW architecture provides a generic interface using security protocols and applications can be ported to the platform.
- Advantages : each SW layer can proceed concurrently.

### Hardware platform architecture

- The instruction set of the processor is extended through the addition of custom instructions that speed up operation.
- The added instructions are executed by custom hardware, which is tightly integrated into the processor execution pipeline.



## System design methodologies

- Performance characterization of software libraries.
- Algorithm exploration.
- Formulation of candidate custom instructions to accelerate individual library routines.
- Global custom instruction selection to generate the required performance for each security algorithm.





### Performance

|                | Processing Rates |                 |         |
|----------------|------------------|-----------------|---------|
| Sec. Algo.     | Orig.            | Final           | Speedup |
|                | (cycle/byte)     | (cycle/byte)    |         |
| DES enc./dec.  | 476.8            | 15.4            | 31.0X   |
| 3DES enc./dec. | 1426.4           | 42.1            | 33.9X   |
| AES enc./dec.  | 1526.2           | 87.5            | 17.4X   |
| RSA enc.       | $34.29 * 10^3$   | $3.16*10^3$     | 10.8X   |
| RSA dec.       | $12658 * 10^3$   | $190.78 * 10^3$ | 66.4X   |



### Conclusion

- There are several challenges unique to wireless devices and their environment, which need to be addressed.
- A new system architectures and system design methods will be required to address many of these challenges.