Architecture for Protecting Critical Secrets in Microprocessors

Authors: Lee, R.B.; Kwan, P.C.S.; McGregor, J.P.; Dwoskin, J.; Zhenghong Wang (Princeton University)

This paper appears in: Computer Architecture, 2005. ISCA '05. Proceedings. 32nd International Symposium on
Publication Date: 04-08 June 2005
Pages: 2-13
ISSN: 1063-6897
ISBN: 0-7695-2270-X
Digital Object Identifier: 10.1109/ISCA.2005.14
Posted online: 2005-06-20

Abstract

We propose "secret-protected (SP)" architecture to enable secure and convenient protection of critical secrets for a given user in an on-line environment. Keys are examples of critical secrets, and key protection and management is a fundamental problem - often assumed but not solved - underlying the use of cryptographic protection of sensitive files, messages, data and programs. SP-processors contain a minimalist set of architectural features that can be built into a general-purpose microprocessor to provide protection of critical secrets and their computations, without expensive or inconvenient auxiliary hardware. SP-architecture also requires a trusted software module, a few modifications to the operating system, a secure I/O path to the user, and a secure installation process. Unique aspects of our architecture include: decoupling of user secrets from the devices, enabling users to securely access their keys from different networked computing devices; the use of symmetric master keys rather than more costly public-private key pairs; and the avoidance of any permanent or factory-installed device secrets.