title   
  

Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit

Yumbul, Kazım and Savaş, Erkay (2009) Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit. In: 2nd International Conference on Security of Information and Networks, SIN 2009, North Cyprus, Turkey

[img]PDF - Registered users only - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
388Kb

Abstract

Cryptographic algorithms handle sensitive information and their safe execution plays an essential role in many security applications. When implemented in software on general-purpose computers, cryptographic algorithms are vulnerable to a variety of attacks such as side-channel and cold-boot attacks since they either share hardware resources with other simultaneously executing processes or store sensitive information in easily accessible places (e.g. main memory). In this paper, we demonstrate that secure and isolated execution of cryptographic algorithms is possible on a cryptographic unit that can easily be integrated to all RISC processors. The cryptographic unit is capable of physically isolating the execution of cryptographic algorithms from all other simultaneously executing processes. By specifically providing an AES implementation running in this isolated execution environment we demonstrate that it is possible to provide physical process isolation for cryptographic algorithms without any significant overhead in execution time. Furthermore, the proposed technique protects the cryptographic applications against cold-boot and cache attacks as well as any other threats originated from other processes since the sensitive material never leave the cryptographic unit. We realized a RISC-based embedded processor with five-stage pipeline featuring the cryptographic unit on an FPGA device. We included the implementation results both for FPGA and ASIC realizations.

Item Type:Papers in Conference Proceedings
Uncontrolled Keywords:Security, Cryptographic Algorithms, AES, Public Key Cryptography, Instruction Set Extensions, Computer Architecture
Subjects:T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800-8360 Electronics > TK7885-7895 Computer engineering. Computer hardware
ID Code:12985
Deposited By:Erkay Savaş
Deposited On:26 Nov 2009 23:48
Last Modified:26 Nov 2009 23:48

Repository Staff Only: item control page