Application Support Architecture for a High-Performance, Programmable Secure Coprocessor
نویسندگان
چکیده
A “secure system” should be secure—but should also be a system that achieves some particular functionality. A family of secure systems that our group has been investigating (and building) are high-end secure coprocessors: devices that combine a general-purpose computing environment with high-performance cryptography inside a tamper-responding secure boundary. With the appropriate application software, such secure coprocessors can solve security problems that otherwise would be difficult or impossible. In this paper, we examine a high-end secure coprocessor as a system: the programming environment it must provide to support such on-card applications; the software and hardware architecture we developed and implemented to provide this support; and some of the lessons we learned from this development. This paper is not just an academic exercise, but a case study of commercial research and development (leading to a released product, the IBM 4758 [4]).
منابع مشابه
Building a high-performance, programmable secure coprocessor
Secure coprocessors enable secure distributed applications by providing safe havens where an application program can execute (and accumulate state), free of observation and interference by an adversary with direct physical access to the device. However, for these coprocessors to be effective, participants in such applications must be able to verify that they are interacting with an authentic pr...
متن کاملUsing a High-Performance, Programmable Secure Coprocessor
Unsecure computational environments threaten many nancial cryptography implementations, and other sensitive computation. High-performance secure coprocessors can address these threats. However, using this technology for practical security solutions requires overcoming numerous technical and business obstacles. These obstacles motivate building a high-performance secure coprocessor that balances...
متن کاملValidating a High-Performance, Programmable Secure Coprocessor
This paper details our experiences with successfully validating a trusted device at FIPS 140-1 Level 4—earning the world’s first certificate at this highest level. Over the last several years, our group designed and built a physically secure PCI card (the IBM 4758 [5]) containing a general-purpose processor with crypto support. However, for this device to function as a trusted platform for secu...
متن کاملA Secure Programmable Architecture with a Dedicated Tech-mapping Algorithm: Application to a Crypto-processor
With worldwide communications, information technology and confidentiality have become a major issue for exchanging and securing data. Nevertheless the ASIC high costs and the frequent updates in cryptographic standards used in security applications such as homeland security or banking have made the ciphering algorithms on an embedded FPGA (e-FPGA) co-processor a viable alternative. This paper p...
متن کاملSub-Block Oriented Media Processor Architecture
Sub-block oriented media processor architecture is presented. A block oriented instruction set extension is proposed to process and transfer 1D or 2D data blocks. Two programmable processors are employed to perform sequential processing and block oriented processing respectively. We evaluated the performance potential of the media processor architecture using a special FPGA card, and an image F...
متن کامل