Design and implementation of a cryptographic unit for efficient, secure and trusted execution of cryptographic algorithms
Yumbul, Kazım and Savaş, Erkay and Kocabaş, Övünç and Grossshaedl, Johann (2009) Design and implementation of a cryptographic unit for efficient, secure and trusted execution of cryptographic algorithms. (Submitted)
Cryptographic algorithms, although being secure in theoretical construction, have many practical implementation challenges since they feature compute- and resource- intensive operations and handles sensitive information. When implemented in software on general-purpose processors, they are vulnerable to a multitude of attacks. In this paper, we design, implement, and realize a cryptographic unit that can easily be integrated to any RISC type processor for the safe and efficient execution of cryptographic algorithms. Design of the cryptographic unit takes a completely novel approach in the execution of cryptographic algorithms when compared to cryptographic accelerators and architectural enhancements. Although it is integrated to a pipeline of an embedded RISC processor, it is partially an autonomous unit with its own resources, which is analogous to the floating-point unit in this sense. It provides new instructions to accelerate cryptographic algorithms considerably and its associated cost in terms of area is acceptable and justified by the improvement in the performance and efficiency.The cryptographic unit can also be instrumental in protecting the cryptographic computation against active and passive attacks, and other malicious processes running simultaneously. We demonstrate that the execution of AES encryption can be performed inside the cryptographic unit without any secret and/or sensitive information ever leaving the cryptographic unit during the entire computation. Thus, cryptographic keys and the entire cryptographic computation itself are protected against many powerful attacks such as cache-based side-channel and cold-boot attacks that would compromise the security in entirety otherwise.
Repository Staff Only: item control page