ABSTRACT
Cryptographic algorithms handle sensitive information, and their safe execution plays an essential role in many security applications. When implemented in software on general-purpose computers, cryptographic algorithms are vulnerable to a variety of attacks, such as side-channel and cold-boot attacks, since they either share hardware resources with other simultaneously executing processes or store sensitive information in easily accessible places (e.g. main memory). In this paper, we demonstrate that secure and isolated execution of cryptographic algorithms is possible on a cryptographic unit that can easily be integrated into any RISC processor. The cryptographic unit is capable of physically isolating the execution of cryptographic algorithms from all other simultaneously executing processes. By providing an AES implementation running in this isolated execution environment, we demonstrate that it is possible to provide physical process isolation for cryptographic algorithms without any significant overhead in execution time. Furthermore, the proposed technique protects cryptographic applications against cold-boot and cache attacks, as well as any other threats originating from other processes, since the sensitive material never leaves the cryptographic unit. We realized a RISC-based embedded processor with a five-stage pipeline featuring the cryptographic unit on an FPGA device. We include the implementation results for both FPGA and ASIC realizations.