Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit

Yumbul, Kazım and Savaş, Erkay (2009) Efficient, secure, and isolated execution of cryptographic algorithms on a cryptographic unit. In: 2nd International Conference on Security of Information and Networks, SIN 2009, North Cyprus, Turkey

[thumbnail of p143-yumbul.pdf] PDF
p143-yumbul.pdf
Restricted to Registered users only

Download (397kB) | Request a copy

Abstract

Cryptographic algorithms handle sensitive information and their safe execution plays an essential role in many security applications. When implemented in software on general-purpose computers, cryptographic algorithms are vulnerable to a variety of attacks such as side-channel and cold-boot attacks since they either share hardware resources with other simultaneously executing processes or store sensitive information in easily accessible places (e.g. main memory). In this paper, we demonstrate that secure and isolated execution of cryptographic algorithms is possible on a cryptographic unit that can easily be integrated to all RISC processors. The cryptographic unit is capable of physically isolating the execution of cryptographic algorithms from all other simultaneously executing processes. By specifically providing an AES implementation running in this isolated execution environment we demonstrate that it is possible to provide physical process isolation for cryptographic algorithms without any significant overhead in execution time. Furthermore, the proposed technique protects the cryptographic applications against cold-boot and cache attacks as well as any other threats originated from other processes since the sensitive material never leave the cryptographic unit. We realized a RISC-based embedded processor with five-stage pipeline featuring the cryptographic unit on an FPGA device. We included the implementation results both for FPGA and ASIC realizations.
Item Type: Papers in Conference Proceedings
Uncontrolled Keywords: Security, Cryptographic Algorithms, AES, Public Key Cryptography, Instruction Set Extensions, Computer Architecture
Subjects: T Technology > TK Electrical engineering. Electronics Nuclear engineering > TK7800-8360 Electronics > TK7885-7895 Computer engineering. Computer hardware
Divisions: Faculty of Engineering and Natural Sciences > Academic programs > Computer Science & Eng.
Faculty of Engineering and Natural Sciences
Depositing User: Erkay Savaş
Date Deposited: 26 Nov 2009 23:48
Last Modified: 26 Apr 2022 08:53
URI: https://research.sabanciuniv.edu/id/eprint/12985

Actions (login required)

View Item
View Item