Secure Internal Communication of a Trustzone-Enabled Heterogeneous Soc Lightweight Encryption

TL;DR

This paper investigates secure internal communication in TrustZone-enabled heterogeneous SoCs by evaluating lightweight stream ciphers for encrypted data exchange, demonstrating their efficiency with minimal overhead.

Contribution

It introduces a feasible approach for encrypted internal communication in TrustZone-enabled SoCs using lightweight stream ciphers, validated on Xilinx Zynq hardware.

Findings

Lightweight stream ciphers are effective for internal encryption.

Encryption incurs minimal performance overhead.

Feasibility demonstrated on Xilinx Zynq-7010 platform.

Abstract

Security in TrustZone-enabled heterogeneous system-on-chip (SoC) is gaining increasing attention for several years. Mainly because this type of SoC can be found in more and more applications in servers or in the cloud. The inside-SoC communication layer is one of the main element of heterogeneous SoC; indeed all the data goes through it. Monitoring and controlling inside-SoC communications enables to fend off attacks before system corruption. In this article, we study the feasibility of encrypted data exchange between the secure software executed in a trusted execution environment (TEE) and the secure logic part of an heterogeneous SoC. Experiment are done with a Xilinx Zynq-7010 SoC and two lightweight stream ciphers. We show that using lightweight stream ciphers is an efficient solution without excessive overheads.