Yumbul, Kazım and Savaş, Erkay (2009) Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit. In: 2nd International Conference on Security of Information and Networks, SIN 2009, North Cyprus, Turkey
PDF
p143-yumbul.pdf
Restricted to Registered users only
Download (397kB) | Request a copy
p143-yumbul.pdf
Restricted to Registered users only
Download (397kB) | Request a copy
Abstract
Cryptographic algorithms handle sensitive information and their safe execution plays an essential role in many security applications. When implemented in software on general-purpose computers, cryptographic algorithms are vulnerable
to a variety of attacks such as side-channel and cold-boot attacks since they either share hardware resources with other simultaneously executing processes or store sensitive information in easily accessible places (e.g. main memory). In
this paper, we demonstrate that secure and isolated execution of cryptographic algorithms is possible on a cryptographic unit that can easily be integrated to all RISC processors. The cryptographic unit is capable of physically isolating
the execution of cryptographic algorithms from all other simultaneously executing processes. By specifically providing an AES implementation running in this isolated execution environment we demonstrate that it is possible to provide physical process isolation for cryptographic algorithms without any significant overhead in execution time. Furthermore, the proposed technique protects the cryptographic applications against cold-boot and cache attacks as
well as any other threats originated from other processes since the sensitive material never leave the cryptographic unit. We realized a RISC-based embedded processor with five-stage pipeline featuring the cryptographic unit on an
FPGA device. We included the implementation results both for FPGA and ASIC realizations.
Item Type: | Papers in Conference Proceedings |
---|---|
Uncontrolled Keywords: | Security, Cryptographic Algorithms, AES, Public Key Cryptography, Instruction Set Extensions, Computer Architecture |
Subjects: | T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800-8360 Electronics > TK7885-7895 Computer engineering. Computer hardware |
Divisions: | Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng. Faculty of Engineering and Natural Sciences |
Depositing User: | Erkay Savaş |
Date Deposited: | 26 Nov 2009 23:48 |
Last Modified: | 26 Apr 2022 08:53 |
URI: | https://research.sabanciuniv.edu/id/eprint/12985 |