TY - JOUR
T1 - Architecture for protecting critical secrets in microprocessors
AU - Lee, Ruby B.
AU - Kwan, Peter C.S.
AU - McGregor, John P.
AU - Dwoskin, Jeffrey
AU - Wang, Zhenghong
N1 - Copyright:
Copyright 2020 Elsevier B.V., All rights reserved.
PY - 2005
Y1 - 2005
N2 - We propose "secret-protected (SP)" architecture to enable secure and convenient protection of critical secrets for a given user in an on-line environment. Keys are examples of critical secrets, and key protection and management is a fundamental problem - often assumed but not solved - underlying the use of cryptographic protection of sensitive files, messages, data and programs. SP-processors contain a minimalist set of architectural features that can be built into a general-purpose microprocessor to provide protection of critical secrets and their computations, without expensive or inconvenient auxiliary hardware. SP-architecture also requires a trusted software module, a few modifications to the operating system, a secure I/O path to the user, and a secure installation process. Unique aspects of our architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.
AB - We propose "secret-protected (SP)" architecture to enable secure and convenient protection of critical secrets for a given user in an on-line environment. Keys are examples of critical secrets, and key protection and management is a fundamental problem - often assumed but not solved - underlying the use of cryptographic protection of sensitive files, messages, data and programs. SP-processors contain a minimalist set of architectural features that can be built into a general-purpose microprocessor to provide protection of critical secrets and their computations, without expensive or inconvenient auxiliary hardware. SP-architecture also requires a trusted software module, a few modifications to the operating system, a secure I/O path to the user, and a secure installation process. Unique aspects of our architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.
UR - http://www.scopus.com/inward/record.url?scp=27544511310&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=27544511310&partnerID=8YFLogxK
U2 - 10.1145/1080695.1069971
DO - 10.1145/1080695.1069971
M3 - Conference article
AN - SCOPUS:27544511310
SP - 2
EP - 13
JO - Proceedings - International Symposium on Computer Architecture
JF - Proceedings - International Symposium on Computer Architecture
SN - 1063-6897
T2 - 32nd International Symposium on Computer Architecture, ISCA 2005
Y2 - 4 June 2005 through 8 June 2005
ER -