Title :
Architecture for protecting critical secrets in microprocessors
Author :
Lee, Ruby B. ; Kwan, Peter C S ; McGregor, John P. ; Dwoskin, Jeffrey ; Wang, Zhenghong
Author_Institution :
Dept. of Electr. Eng., Princeton Univ., NJ, USA
Abstract :
We propose "secret-protected (SP)" architecture to enable secure and convenient protection of critical secrets for a given user in an on-line environment. Keys are examples of critical secrets, and key protection and management is a fundamental problem - often assumed but not solved nderlying the use of cryptographic protection of sensitive files, messages, data and programs. SP-processors contain a minimalist set of architectural features that can be built into a general-purpose microprocessor to provide protection of critical secrets and their computations, without expensive or inconvenient auxiliary hardware. SP-architecture also requires a trusted software module, a few modifications to the operating system, a secure I/O path to the user, and a secure installation process. Unique aspects of our architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.
Keywords :
authorisation; computer architecture; microprocessor chips; public key cryptography; SP-processor; cryptographic protection; general-purpose microprocessor; secret-protected architecture; secure I/O path; secure installation; software module; Computer architecture; Computer networks; Cryptography; Data security; Hardware; IP networks; Microprocessors; Military computing; Operating systems; Protection;
Conference_Titel :
Computer Architecture, 2005. ISCA '05. Proceedings. 32nd International Symposium on
Print_ISBN :
0-7695-2270-X
DOI :
10.1109/ISCA.2005.14
