www.cs.dartmouth.edu/~sws/abstracts/sw99.shtml
Last modified: 08/27/03 11:56:54 AM
S.W. Smith, S.H. Weingart.
"Building a High-Performance, Programmable Secure Coprocessor."
Computer Networks (Special Issue on Computer Network Security),
31: 831-860. April 1999.
Abstract
Secure coprocessors enable secure distributed applications by
providing safe havens where an application program can execute and
accumulate state, free of observation and interference by an adversary
with direct physical access to the device. However, for these
coprocessors to be effective, participants in such applications must
be able to verify that they are interacting with an authentic program
on an authentic, untampered device. Furthermore, secure coprocessors
that support general-purpose computation and will be manufactured and
distributed as commercial products must provide these core sanctuary
and authentication properties while also meeting many additional
challenges, including:
- the applications, operating system, and underlying security management may all come from different, mutually suspicious authorities;
- configuration and maintenance must occur in a hostile environment, while minimizing disruption of operations;
- the device must be able to recover from the vulnerabilities that inevitably emerge in complex software;
- physical security dictates that the device itself can never be opened and examined; and
- ever-evolving cryptographic requirements dictate that hardware accelerators be supported by reloadable on-card software.
This paper summarizes the hardware, software, and cryptographic
architecture we developed to address these problems. Furthermore,
with our colleagues, we have implemented this solution in a
commercially available product.