吐了，好tm难懂

Remote attestation is a method by which a host (client) authenticates it’s hardware and software configuration to a remote host (server). The goal of remote attestation is to enable a remote system (challenger) to determine the level of trust in the integrity of platform of another system (attestator). The architecture for remote attestation consists of two major components: Integrity measurement architecture and remote attestation protocol.

Secure boot is a security standard developed by members of the PC industry to help make sure that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM). When the PC starts, the firmware checks the signature of each piece of boot software, including UEFI firmware drivers (also known as Option ROMs), EFI applications, and the operating system. If the signatures are valid, the PC boots, and the firmware gives control to the operating system.

A trusted computing base (TCB) refers to all of a computer system’s hardware, firmware and software components that combine to provide the system with a secure environment.

问题：secure the FPGA-based accelerator

purely cryptographic solution like homomorphic encryption is expensive.
traditional cryptographic libraries depend on a large trusted computing base (TCB), suffering from potentially malicious employees.
CPU-based trusted execution environment (TEE) like SGX and TrustZone. However, it’s harden and security method like cryptography is evolving; different compute and communication pattern requires different level of protection; SGX bugs.
CPU-based TEE can’t be used on FPGA.

现有TEE for FPGA的问题

direct physical attacks
require fundamental hardware changes
address isolated challenges
rely on CPU TEE

ShEF, hardware-based bespoke security and customizable acceleration.

Decouple from CPU TEE and don’t trust CPU TEE and the software running on CPU；

Customization 保证给unique accelerator 提供合适的security mechanism，仅提供right levels of protection节约资源。

ShEF 组成：

ShEF boot process centers (softwre security kernel)
- load accelerator to a known and trusted state on the FPGA
- attest the state
- secure the ports
ShEF shield:
- communicate with host software and protects data through customizable soft-logic engines.

贡献：

确定cloud FPGA TEE 要求
实现了first comprehensive and customizable TEE在cloud FPGA
Protocol enable TEE building block including secure boot and remote attestation
Customizability

conventional FPGA security mechnisms：仅加载签名的bitstream; 加密bitstream; 防止FPGA被篡改。

SPB（security processor block) can access AES key and public ECDSA/RSA key. Developer 用AES key加密或者用RSA私钥签名，SPB用于解密或者验证。SPB能够监控tampering.

A lack of asymmetric keys: 其他设备不能access to FPGA利用AES key，所以FPGA TEE需要在top of the AES key上建立hardware root of trust 和remote attestation protocol.

Presence of an untrusted shell: In CPU, enclave can access secure hardware bypassing the untrusted OS. But in FPGA, the fabric is spatially shared with the untrusted Shell logic.

Lack of secure and flexible I/O: 不同加速器需要不同的off-chip I/O security requirement. Current work on FPGA security ignore the lack of secure I/O as a result of the Shell. 也没有给不同加速器提供不同安全机制。

four parties: (注意单双钥)
- manufacturer: device key(AES密钥对称)， asymmetric public/private device key pair (RSA公私钥)
  1. private key put on SPB and encryption by AES
  2. register and publish public device key
- IP vendor: accelerator I/O connect to ShEF Shield. ShEF secures I/O and isolated execution. symmetric bitstream encryption key. **asymmetric ** Shield Encryption Key.
  1. develop an IP
  2. 用private Shield Encryption Key嵌入Shield模块再整体编译为partial bitstream，再用Bitstream Encryption Key加密变成encrypted partial bitstream
  accelerator bitstream相同，Data Owner的 Shield Encryption Key不同，用于attestation
- Data Owner：
  1. FPGA instance from CSP
  2. FPGA driver reset FPGA (secure boot process)
    
    注意security kernel是soft CPU
  3. SPB firmware boots the ShEF Security Kernel from external storage onto a dedicated Security Kernel Processor executing. 把ShEF的security Kernel 加载到Security Kernel Processor (reserved hardened CPU on FPGA or a static bitstream containing a soft CPU)
  4. perform remote attestation with Data Owner and IP Vendor. FPGA device, SK,and accelerator partial bitstream are authentic.
  5. - CSP先用SK加载Shell，
    - SK receives the accelerator Bitstream Encryption Key from IP Vendor and decrypt and load the accelerator onto FPGA,
    - connecting it to the Shell interface via partial reconfiguration.
  6. Data Owner生成symmetric Data Encryption Key 加密敏感输入数据，用IP Vendor的public Shield Encryption Key 加密Data Encryption Key, 生成Load Key. Load Key负责把Data Encryption Key供给ShEF shield module.
  7. Data Owner通过不安全的ShEF host program untrusted host CPU to accelerator.
    
    host program 把Load Key和加密数据传给FPGA，ShEF Shield使用private Shield Encryption Key解密得到Data Encryption Keys解密数据。输出再用DEK加密传给Data Owner.

secure boot

Security enabling TEE building blocks：作为FPGA 当前启动方式的补充
1. BootROM decrypts the SPB firmware using the AES device key and hand off the boot process to it.
2. secure boot
  
  H(SecKrnl)H(SecKrnl)H(SecKrnl) signed by DeviceKeyprivDeviceKey_{priv}DeviceKeypriv: AttestKeypriv,pubAttestKey_{priv,pub}AttestKeypriv,pub
  
  certification: σSecKrnl=SignDeviceKey(H(SecKrnl),AttestKeypub)\sigma_{SecKrnl} = Sign_{DeviceKey}(H(SecKrnl), AttestKey_{pub})σSecKrnl=SignDeviceKey(H(SecKrnl),AttestKeypub)
  
  Security Kernel private memory stores AttestKeypriv,pubAttestKey_{priv,pub}AttestKeypriv,pub和σSecKrnl\sigma_{SecKrnl}σSecKrnl.
3. remote attestation
  - Data Owner generates an ephemeral Data Encryption Key
  - IP Vendor validate the authenticity of FPGA device and bitstream
  - Security Kernel receives the Bitstream Key required to load the accelerator
Secure Storage and I/O
1. IP Vendor provides the public Shield Encryption Key to the Data Owner
2. Data Owner generates Data Encryption Key
  
  $Load Key = Enc_{ShieldEncKey}(DataEncKey) $
  
  Data Owner encrypts sensitive input data with Data Encryption Key.
  
  Load Key send to FPGA Shield and get Data Encryption Key.
  
  注意这块是在上个环节Security Kernel 收到了Bitstream Key. Decrypt accelerator bitstream and get private Shield Encryption Key.

ShEF shield

突发burst是指的是同一行中相邻的存储单元连续进行数据传输的方式，只需要给出读写命令和开始地址，就就开始读/写一定长度的数据，地址自动递增。

Shield is a RTL module that provides isolated execution and secure I/O and storage by interpsing on ports between the accelerator and Shell.
register interface provides authenticated encryption. Data from host program will be decrypts and authenticates before stroing into the accelerators’s plaintext register.
Cryptographic engines: encryption(AES) and authentication(HMAC/PAMC)
Chunk size: chunk size specifies the granularity of each authenticated encryption chunk
On-chip buffers: store decrypted and authenticated plaintext data and their address ranges
Advanced integrity verification: Merkle Trees over counter to prevent replay attacks

问题：secure the FPGA-based accelerator
存在问题：现有加密算法计算复杂，依赖CPU的library，不同应用的安全需求不同，CPU的TEE不能直接在FPGA运行。
现有FPGA加速器现有用于accelerator TEE存在问题：不能防御direct physical attacks, require fundamental hardware changes, address isolated challenges, rely on external CPU TEE, ignore Shell（cloud FPGA logic 不可信的操作系统）

解决方案：
ShEF: 由secure boot, configurable remote attestation process, Shield logic for run-time isolation execution组成。

ShEF boot process center构建chain of trust，保证accelerator加载到FPGA安全位置，remote attestation process，保证敏感端口如JTAG安全。
ShEF shield 与host software通信，通过soft-logic engine保护加速器敏感数据。高度可定制，根据需求分配资源。

摘要：

问题：public cloud process sensitive data.
Solution: ShEF trusted execution environment for cloud-based reconfigurable accelerator.
ShEF allow secure execution under a threat model (The system can be attacked.)
Secure boot and remote attestation process
Shield component provides secure access to data while the accelerator is in use.

1.introduction

问题：data leak shows a vulnerability in any layer of the stack can result in exposure of highly-sensitive information.
现有方案：cryptographic solution e.g. homomorphic encryption (HE，同态加密)，但HE计算复杂，传统加密算法libraries仍然依赖于TCB（trusted computing base）
基于CPU 的TEE（trusted execution environment）如Intel SGX 和 ARM Trustzone，存在密码学不断发展、不同应用需要安全性不同，SGX有安全漏洞，基于CPU的TEE不能直接在FPGA上运行

问题：远程FPGA的安全执行重要，FPGA用于加速器
现有用于accelerator TEE存在问题：不能防御direct physical attacks, require fundamental hardware changes, address isolated challenges, rely on external CPU TEE, ignore Shell（cloud FPGA logic 不可信的操作系统）

本文设计了ShEF, hardware-based bespoke security and customizable acceleration.
Decouple from CPU TEE and don’t trust CPU TEE and the software running on CPU；
Customization 保证给unique accelerator 提供合适的security mechanism，仅提供right levels of protection节约资源。

ShEF 两部分组成：
ShEF boot process center构建chain of trust，保证accelerator加载到FPGA安全位置，远程证明状态，保证敏感端口如JTAG安全。
ShEF shield 与host software通信，通过soft-logic engine保护加速器敏感数据。高度可定制，根据需求分配资源。

贡献：

确定cloud FPGA TEE 要求
实现了first comprehensive and customizable TEE在cloud FPGA
Protocol enable TEE building block including secure boot and remote attestation
Customizability

2.background

2.1TEE

介绍了TEE的工作流程和功能
Secure boot extend trust by cryptographically measuring each component during boot
Remote attestation process: integrity measurement.
Secure storage and I/O
Insolated execution

FPGA的TEE也需要可定制

2.2conventional FPGA security mechanisms

Security processor block(SPB): 保证only developer-signed bitstreams can be loaded; bitstreams are encrypted to prevent reverse-engineering; FPGA can detect and respond to physical tampering.

SPB包括 ASE key (对称)和the hash of a public ECDSA or RSA key（非对称）
部署前嵌入密钥，采用AES加密或者ECDSA/RSA私钥签名，然后再SPB中进行解密（AES）或者认证（public key hash），SPB最终监视篡改。

2.3remote FPGA as a Service

Design time : Accelerator I/O接到shell的interfaces，
Deployment time: 动态program chosen bitstream onto the remaining reconfigurable region。
Once programmed, host CPU 启动加速器并数据传输。

2.4 challenges for secure and customized computing

A lack of asymmetric keys: build a hardware root-of-trust and remote attestation protocol on top of the available AES key.

Presence of an untrusted shell: In CPU, enclave can access secure hardware bypassing the untrusted OS. But in FPGA, the fabric is spatially shared with the untrusted Shell logic.

2.5 Threat model

7.Related work

CPU enclave
Accelerator enclaves
FPGA security

8.conclusion

Secure boot; configurable remote attestation process; Shield logic for run-time isolation execution

https://www.cnblogs.com/dhcn/p/12795777.html
完整性挑战协议：
用于挑战者与平台之间传输数据，最主要的数据就是ML和TPM Aggregate，该协议通过TPM和密码学理论保证传输的数据是机密的、完整的。该协议号称能够阻止：1）重放攻击；2）篡改攻击；3）假面攻击。

目前该部分现在通常称为“远程证实”。

【文献阅读】ShEF: Shielded Enclaves for Cloud FPGAs相关推荐

利用Python, PyQt5,Selenium,百度图像识别API制作文献阅读辅助工具
开发背景作为一名科研狗,经常需要读一些外文文献并且做笔记,有时还需要全文翻译以备后用.这时候会遇到一些问题: PDF和CAJ文件直接复制出来的东西含有大量无用的换行符,手动删除十分麻烦: 有的文献是 ...
四位科研牛人介绍的文献阅读经验
每天保持读至少2-3 篇的文献的习惯.读文献有不同的读法,但最重要的自己总结概括这篇文献到底说了什么,否则就是白读,读的时候好像什么都明白,一合上就什么都不知道,这是读文献的大忌,既浪费时间,最 ...
最大熵模型（Maximum Entropy Model）文献阅读指南
最大熵模型(Maximum Entropy Model)是一种机器学习方法,在自然语言处理的许多领域(如词性标注.中文分词.句子边界识别.浅层句法分析及文本分类等)都有比较好的应用效果.张乐博士的最大 ...
条件随机场（Conditional random fields，CRFs）文献阅读指南
与最大熵模型相似,条件随机场(Conditional random fields,CRFs)是一种机器学习模型,在自然语言处理的许多领域(如词性标注.中文分词.命名实体识别等)都有比较好的应用效果.条 ...
文献阅读疑问(202010)
学习笔记,仅供参考文章目录文献阅读疑问 Unsupervised Deep Embedding for Clustering Analysis 文献阅读疑问 Unsupervised Deep E ...
那些文献阅读能力爆表的科研学子，都在偷偷做这件事……
对于广大科研学子来说,阅读文献这件事可谓是贯穿整个学术生涯,因为文献是了解现在所学专业的领域切入点,且做科研遇到难题时还可以在文献中寻找答案. 以及科研实验完毕后,若是准备发表论文,那么还得再看看文献 ...
知云文献翻译_工具推荐 | 知云学术翻译，让外文文献阅读不再难
点击上方蓝字"Edtshare"一起玩耍想必大家都经历过阅读外文文献的痛苦吧:专有名词不会.嵌套从句不懂.好不容易单词和句子都看懂了,连起来在说啥又一头雾水.笔者曾经深受其苦,所 ...
文献阅读005【精读】
Markov Weight Fields for Face Sketch Synthesis 相关知识点:马尔可夫随机场(MRF) 1. Introduction 画像合成方法:MRF(Markov ...
知云文献翻译打不开_比有道更好用的英文文献阅读翻译神器免费啦
知云文献翻译软件免费啦!您扫下面二维码就就可以得到,不需转发朋友圈.不配一款神器,科研哪来效率!有了这款神器,科研都变得更简单! 用它直接打开英文pdf文献,随便选中一段话,右侧立即给出翻译,不再需要 ...

【文献阅读】ShEF: Shielded Enclaves for Cloud FPGAs