Secure cryptoprocessor

A secure cryptoprocessor is a dedicated computer on a chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained.

The purpose of a secure cryptoprocessor is to act as the keystone of a security subsystem, eliminating the need to protect the rest of the subsystem with physical security measures.

Examples

Smartcards are probably the most widely deployed form of secure cryptoprocessor, although more complex and versatile secure cryptoprocessors are widely deployed in systems such as Automated teller machines, TV set-top boxes, military applications, and high-security portable communication equipment. Some secure cryptoprocessors can even run general-purpose operating systems such as Linux inside their security boundary. Cryptoprocessors input program instructions in encrypted form, decrypt the instructions to plain instructions which are then executed within the same cryptoprocessor chip where the decrypted instructions are inaccessibly stored. By never revealing the decrypted program instructions, the cryptoprocessor prevents tampering of programs by technicians who may have legitimate access to the sub-system data bus. This is known as bus encryption. Data processed by a cryptoprocessor is also frequently encrypted.

The Trusted Platform Module (TPM) is an implementation of a secure cryptoprocessor that brings the notion of trusted computing to ordinary PCs by enabling a secure environment. Present TPM implementations focus on providing a tamper-proof boot environment, and persistent and volatile storage encryption.

Security Chips for embedded systems are also available that provide the same level of physical protection for keys and other secret material as a smartcard processor or trusted platform module but in a smaller, less complex and less expensive package. They are often referred to as cryptographic authentication devices and are used to authenticate peripherals, accessories and/or consumables. Like Trusted Platform Modules, they are usually turnkey integrated circuits intended to be embedded in a system, usually soldered to a PC board.

Hardware Security Modules contain one or more cryptoprocessors. These devices are high grade secure cryptoprocessors used with Enterprise servers. A hardware security module can have multiple levels of physical security with a single-chip cryptoprocessor as its most secure component. The cryptoprocessor does not reveal keys or executable instructions on a bus, except in encrypted form, and zeros keys by attempts at probing or scanning. The crypto chip(s) may also be potted in the hardware security module with other processors and memory chips that store and process encrypted data. Any attempt to remove the potting will cause the keys in the crypto chip to be zeroed. A hardware security module may also be part of a computer (for example an ATM) that operates inside a locked safe to deter theft, substitution, and tampering.

Features

Security measures used in secure cryptoprocessors:

Tamper-detecting and tamper-evident containment.
Conductive shield layers in the chip that prevent reading of internal signals.
Controlled execution to prevent timing delays from revealing any secret information.
Automatic zeroization of secrets in the event of tampering.
Chain of trust boot-loader which authenticates the operating system before loading it.
Chain of trust operating system which authenticates application software before loading it.
Hardware-based capability registers, implementing a one-way privilege separation model.

Degree of security

Secure cryptoprocessors, while useful, are not invulnerable to attack, particularly for well-equipped and determined opponents (e.g. a government intelligence agency) who are willing to expend massive resources on the project.

One attack on a secure cryptoprocessor targeted the IBM 4758.^[1] A team at the University of Cambridge reported the successful extraction of secret information from an IBM 4758, using a combination of mathematics, and special-purpose codebreaking hardware. However, this attack was not practical in real-world systems because it required the attacker to have full access to all API functions of the device. Normal and recommended practices use the integral access control system to split authority so that no one person could mount the attack.

While the vulnerability they exploited was a flaw in the software loaded on the 4758, and not the architecture of the 4758 itself, their attack serves as a reminder that a security system is only as secure as its weakest link: the strong link of the 4758 hardware was rendered useless by flaws in the design and specification of the software loaded on it.

Smartcards are significantly more vulnerable, as they are more open to physical attack. Additionally, hardware backdoors can undermine security in smartcards and other cryptoprocessors unless investment is made in anti-backdoor design methods.^[2]

In the case of full disk encryption applications, especially when implemented without a boot PIN, a cryptoprocessor would not be secure against a cold boot attack^[3] if data remanence could be exploited to dump memory contents after the operating system has retrieved the cryptographic keys from its TPM.

However, if all of the sensitive data is stored only in cryptoprocessor memory and not in external storage, and the cryptoprocessor is designed to be unable to reveal keys or decrypted or unencrypted data on chip bonding pads or solder bumps, then such protected data would be accessible only by probing the cryptoprocessor chip after removing any packaging and metal shielding layers from the cryptoprocessor chip. This would require both physical possession of the device as well as skills and equipment beyond that of most technical personnel.

Other attack methods involve carefully analyzing the timing of various operations that might vary depending on the secret value or mapping the current consumption versus time to identify differences in the way that ‘0’ bits are handled internally vs ‘1’ bits. Or the attacker may apply temperature extremes, excessively high or low clock frequencies or supply voltage that exceeds the specifications in order to induce a fault. The internal design of the cryptoprocessor can be tailored to prevent these attacks.

Some secure cryptoprocessors contain dual processor cores and generate inaccessible encryption keys when needed so that even if the circuitry is reverse engineered, it will not reveal any keys that are necessary to securely decrypt software booted from encrypted flash memory or communicated between cores.^[4]

The first single-chip cryptoprocessor design was for copy protection of personal computer software (see US Patent 4,168,396, Sept 18, 1979) and was inspired by Bill Gates' Open Letter to Hobbyists.

References

↑ attack on the IBM 4758
↑ Waksman, Adam (2010), "Tamper Evident Microprocessors" (PDF), Proceedings of the IEEE Symposium on Security and Privacy, Oakland, California
↑ J. Alex Halderman, Seth D. Schoen, Nadia Heninger, William Clarkson, William Paul, Joseph A. Calandrino, Ariel J. Feldman, Jacob Appelbaum, and Edward W. Felten (February 21, 2008). "Lest We Remember: Cold Boot Attacks on Encryption Keys". Princeton University. Retrieved 2008-02-22.
↑ Secure CPU complies with DOD anti-tamper mandate

Ross Anderson, Mike Bond, Jolyon Clulow and Sergei Skorobogatov, Cryptographic Processors — A Survey, April 2005 (PDF). This is not a survey of cryptographic processors; it is a survey of relevant security issues.
Robert M. Best, US Patent 4,278,837, July 14, 1981
R. Elbaz, et al., Hardware Engines for Bus Encryption — A Survey, 2005 (PDF).
David Lie, Execute Only Memory, .
Extracting a 3DES key from an IBM 4758
J. D. Tygar and Bennet Yee, A System for Using Physically Secure Coprocessors, Dyad

CPU technologies

Architecture	Von Neumann Harvard (Modified) Dataflow TTA

Instruction set	ASIP CISC RISC EDGE (TRIPS) VLIW (EPIC) MISC OISC NISC ZISC Comparison

Word size	1-bit 4-bit 8-bit 9-bit 10-bit 12-bit 15-bit 16-bit 18-bit 22-bit 24-bit 25-bit 26-bit 27-bit 31-bit 32-bit 33-bit 34-bit 36-bit 39-bit 40-bit 48-bit 50-bit 60-bit 64-bit 128-bit 256-bit 512-bit Variable

Execution	Instruction pipelining Bubble Operand forwarding Out-of-order execution Register renaming Speculative execution Branch predictor Memory dependence prediction Hazards

Parallel level	Bit Bit-serial Word Instruction Scalar Superscalar Task Thread Process Data Vector Memory

Multithreading	Temporal Simultaneous Preemptive Cooperative

Flynn's taxonomy	SISD SIMD MISD MIMD SPMD Addressing mode

Core count	Single-core processor Multi-core processor Manycore processor

Types	Digital signal processor (DSP) GPGPU Microcontroller Physics processing unit System on a chip (SoC) Cellular

Components	Address generation unit (AGU) Arithmetic logic unit (ALU) Barrel shifter Floating-point unit (FPU) Back-side bus Multiplexer Demultiplexer Registers Memory management unit (MMU) Translation lookaside buffer (TLB) Cache Register file Microcode Control unit Clock rate

Power management	APM ACPI Dynamic frequency scaling Dynamic voltage scaling Clock gating

Hardware security	Non-executable memory (NX bit) Bounds checking (Intel MPX) Hardware restriction (firmware) Software Guard Extensions (Intel SGX) Trusted Execution Technology Secure cryptoprocessor Hardware security module Hengzhi chip

This article is issued from Wikipedia - version of the 11/29/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.

Secure cryptoprocessor

Examples

Features

Degree of security

See also

References

Further reading