Protecting cryptographic keys and computations via virtual secure coprocessing

Cryptographic processing is a critical component of secure networked computing systems. The protection offered by cryptographic processing, however, depends greatly on the methods employed to manage, store, and exercise a user's cryptographic keys. In general, software-only key management schemes contain numerous security weaknesses. Thus, many systems protect keys with distributed protocols or supplementary hardware devices, such as smart cards and cryptographic coprocessors. However, these key protection mechanisms suffer from combinations of user inconvenience, inflexibility, performance penalties, and high cost. In this paper, we propose architectural enhancements for general-purpose processors that protect core secrets by facilitating virtual secure coprocessing (VSCoP). We describe modest hardware modifications and a trusted software library that allow common computing devices to perform flexible, high-performance, and protected cryptographic computation. The hardware additions include a small key store in the processor, encryption engines at the cache-memory interface, a few new instructions, and minor hardware platform modifications. With these enhancements, users can store, transport, and employ their secret keys to safely complete cryptographic operations in the presence of insecure software. In addition, we provide a foundation with which users can more securely access their secret keys on any Internet-connected computing device that supports VSCoP, without requiring auxiliary hardware such as smart cards.