TY - GEN
T1 - Energy and execution time analysis of a software-based trusted platform module
AU - Aaraj, Najwa
AU - Raghunathan, Anand
AU - Ravi, Srivaths
AU - Jha, Niraj K.
PY - 2007
Y1 - 2007
N2 - Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) chip are not acceptable. One alternative is to use a software-based TPM (SW-TPM), which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this work, we perform an evaluation of the energy and execution time overheads for a SW-TPM implementation on a Sharp Zaurus PDA. We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. In addition, we also evaluate the overheads of using SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), secure file storage, secure VoIP client, and secure web browser. Furthermore, we observe that for most TPM commands, the overheads are primarily due to the use of 2048-bit RSA operations that are performed within SW-TPM. In order to alleviate SW-TPM overheads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. Our experiments indicate that this optimization can significantly reduce SW-TPM overheads (an average of 6.51X execution time reduction and 6.75X energy consumption reduction for individual TPM commands, and an average of 10.25X execution time reduction and 10.75X energy consumption reduction for applications). Our work demonstrates that ECC-based SW-TPMs are a viable approach to realizing the benefits of trusted computing in resource-constrained embedded systems.
AB - Trusted platforms have been proposed as a promising approach to enhance the security of general-purpose computing systems. However, for many resource-constrained embedded systems, the size and cost overheads of a separate Trusted Platform Module (TPM) chip are not acceptable. One alternative is to use a software-based TPM (SW-TPM), which implements TPM functions using software that executes in a protected execution domain on the embedded processor itself. However, since many embedded systems have limited processing capabilities and are battery-powered, it is also important to ensure that the computational and energy requirements for SW-TPMs are acceptable. In this work, we perform an evaluation of the energy and execution time overheads for a SW-TPM implementation on a Sharp Zaurus PDA. We characterize the execution time and energy required by each TPM command through actual measurements on the target platform. In addition, we also evaluate the overheads of using SW-TPM in the context of various end applications, including trusted boot of the Linux operating system (OS), secure file storage, secure VoIP client, and secure web browser. Furthermore, we observe that for most TPM commands, the overheads are primarily due to the use of 2048-bit RSA operations that are performed within SW-TPM. In order to alleviate SW-TPM overheads, we evaluate the use of Elliptic Curve Cryptography (ECC) as a replacement for the RSA algorithm specified in the Trusted Computing Group (TCG) standards. Our experiments indicate that this optimization can significantly reduce SW-TPM overheads (an average of 6.51X execution time reduction and 6.75X energy consumption reduction for individual TPM commands, and an average of 10.25X execution time reduction and 10.75X energy consumption reduction for applications). Our work demonstrates that ECC-based SW-TPMs are a viable approach to realizing the benefits of trusted computing in resource-constrained embedded systems.
UR - http://www.scopus.com/inward/record.url?scp=34548301407&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34548301407&partnerID=8YFLogxK
U2 - 10.1109/DATE.2007.364446
DO - 10.1109/DATE.2007.364446
M3 - Conference contribution
AN - SCOPUS:34548301407
SN - 3981080122
SN - 9783981080124
T3 - Proceedings -Design, Automation and Test in Europe, DATE
SP - 1128
EP - 1133
BT - Proceedings - 2007 Design, Automation and Test in Europe Conference and Exhibition, DATE 2007
T2 - 2007 Design, Automation and Test in Europe Conference and Exhibition
Y2 - 16 April 2007 through 20 April 2007
ER -