Design and implementation of a cryptographic unit for efficient, secure and trusted execution of cryptographic algorithms

Yumbul, Kazım and Savaş, Erkay and Kocabaş, Övünç and Grossshaedl, Johann (2009) Design and implementation of a cryptographic unit for efficient, secure and trusted execution of cryptographic algorithms. (Submitted)

PDF (This is a RoMEO green publisher -- author can archive pre-print (ie pre-refereeing) and post-print (ie final draft post-refereeing) ; author cannot archive publisher's version/PDF) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader


Cryptographic algorithms, although being secure in theoretical construction, have many practical implementation challenges since they feature compute- and resource- intensive operations and handles sensitive information. When implemented in software on general-purpose processors, they are vulnerable to a multitude of attacks. In this paper, we design, implement, and realize a cryptographic unit that can easily be integrated to any RISC type processor for the safe and efficient execution of cryptographic algorithms. Design of the cryptographic unit takes a completely novel approach in the execution of cryptographic algorithms when compared to cryptographic accelerators and architectural enhancements. Although it is integrated to a pipeline of an embedded RISC processor, it is partially an autonomous unit with its own resources, which is analogous to the floating-point unit in this sense. It provides new instructions to accelerate cryptographic algorithms considerably and its associated cost in terms of area is acceptable and justified by the improvement in the performance and efficiency.The cryptographic unit can also be instrumental in protecting the cryptographic computation against active and passive attacks, and other malicious processes running simultaneously. We demonstrate that the execution of AES encryption can be performed inside the cryptographic unit without any secret and/or sensitive information ever leaving the cryptographic unit during the entire computation. Thus, cryptographic keys and the entire cryptographic computation itself are protected against many powerful attacks such as cache-based side-channel and cold-boot attacks that would compromise the security in entirety otherwise.

Item Type:Article
Subjects:T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800-8360 Electronics > TK7885-7895 Computer engineering. Computer hardware
Q Science > QA Mathematics > QA075 Electronic computers. Computer science
ID Code:12984
Deposited By:Erkay Savaş
Deposited On:26 Nov 2009 23:52
Last Modified:26 Nov 2009 23:52

Repository Staff Only: item control page