A New Security Platform for High Performance Client...
Transcript of A New Security Platform for High Performance Client...
© 2018 Arm Limited
October 2018
A New Security Platform for High Performance Client SoCs
Udi Maor, Sr. Product manager, Client Line of Business
© 2018 Arm Limited2
Agenda
• What are Client devices?
• Arm’s approach to Trusted Execution on Client devices
• Introducing CryptoCell-713
• Features in CryptoCell-713
• Our motivation: Life Cycle of embedded security
• Premium content
• AI/ML algorithms
• Introducing CryptoCell-703
• Summary
• Q&A
© 2018 Arm Limited3
What are “Client” devices?
© 2018 Arm Limited4
Arm’s approach to Trusted Execution on Client devices
System & Security IP
TBSA TBBR & TF-A
TrustZone
© 2018 Arm Limited5
Introducing CryptoCell-713Enabling a robust, up-to-date, TEE
Performant and efficient SM2/3/4
Side Channel Attack countermeasures
Robust asset isolationUp to 10s of
Man Years saved
© 2018 Arm Limited6
Text 30pt sentence case
A (simplified) Life Cycle of embedded security
Feature introduced
Adopted by the market
Value is increased
Becomes prone to attacks
Robustness rules are updated
Cost/Effort To Attack
Asset valueSW
security
HW based security
Physical security
© 2018 Arm Limited7
Text 30pt sentence case
Client security trendsPremium content
Feature introduced
Adopted by market
Value increases
Becomes prone to attacks
Robustness rules updated
https://www.rapidtvnews.com/2017121850128/china-s-iqiyi-to-stream-the-shape-of-water-three-billboards-outside-ebbing-missouri.html
https://www.emarketer.com/content/the-subscription-video-on-deman-market-in-china-is-booming
http://4k.com/news/4k-content-ripped-by-pirates-from-netflix-and-amazon-is-flooding-the-torrent-sites-11276/
https://medium.com/@tanayj/how-much-are-you-worth-to-netflix-2fb61feb5441
© 2018 Arm Limited8
Text 30pt sentence case
Client security trendsAI/ML algorithms
TBD?
Feature introduced
Adopted by market
Value increases
Becomes prone to attacks
Robustness rules updated
https://www.slideshare.net/kstan2/tensorflow-on-android
https://www.androidauthority.com/bixby-vs-google-assistant-vs-siri-763201/
https://www.marketresearchfuture.com/reports/voice-assistant-market-4003
https://heartbeat.fritz.ai/reverse-engineering-core-ml-6d6f1c2bdab0
© 2018 Arm Limited9
• Keeping:
• CryptoCell-712’s feature set, including FIPS 140-2 certifiability
• Adding:
• High performance SM2, SM3 and SM4
• TZMP readiness
• Side Channel Attacks mitigation option
• Enhancing:
• Robustness of Secure Boot (code loading)
• Robustness of provisioning
Features in CryptoCell-713
© 2018 Arm Limited10
CryptoCell’s performance and efficiency benefits
• Arm invests in the pre-integration of CryptoCellwith other IPs (CPUs, MM, System)
• Sub-systems such as SGM-775
• Demos such as the TZMP1 demo presented at LinaroConnect
• Clear benefits of CryptoCell efficiency in real-life use cases:
• Up to 20X less dynamic power consumption (SGM-775)
• 80% increased throughput compared to software in TZMP use-case
© 2018 Arm Limited11
Flickering is visible No flickering
Decryption running on CPU Decryption running on CryptoCell
Decryption Differences
© 2018 Arm Limited12
Decryption running on CPU Decryption running on CryptoCell
Flickering is visible - Load average is higher than number of cores
No flickering - Load average is lower than number of cores
Decryption Differences
© 2018 Arm Limited13
Time-to-Market savings
• CryptoCell-713 is FIPS 140-2 certifiable, similar to the recent CryptoCell-712 certification
• Best practices and reference security policy available to partners
• FIPS 140-2 readiness alone can save SiPs/OEMs over 10MY of effort
• Chinese ciphers are designed to be GM/T 0028-2014 compliant
© 2018 Arm Limited14
Introducing CryptoCell-703
• Focused on new requirements for using Chinese ciphers
• In case the only missing functionality is SM2/3/4
• Side Channel Attacks mitigation option
© 2018 Arm Limited15
Summary
• The Client trusted execution landscape is evolving
• Arm offers 2 new CryptoCell products to enable comprehensive, up-to-date TEEs, while keeping Time-To-Market short
© 2018 Arm Limited16
Questions?
1717 © 2018 Arm Limited
Thank You!Danke!Merci!谢谢!ありがとう!Gracias!Kiitos!감사합니다धन्यवाद