Aegis: A Single-Chip Secure Processor

Authors:
G. Edward Suh;Charles W. O'Donnell;Srinivas Devadas
Affiliations:
Cornell University;Massachusetts Institute of Technology;Massachusetts Institute of Technology
Venue:
IEEE Design & Test
Year:
2007

Citing 8
Cited 24

Building a high-performance, programmable secure coprocessor

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Security Engineering: A Guide to Building Dependable Distributed Systems

Security Engineering: A Guide to Building Dependable Distributed Systems
Silicon physical random functions

Proceedings of the 9th ACM conference on Computer and communications security
(How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions

ACM Transactions on Internet Technology (TOIT)
Caches and Hash Trees for Efficient Memory Integrity Verification

HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Efficient Memory Integrity Verification and Encryption for Secure Processors

Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions

Proceedings of the 32nd annual international symposium on Computer Architecture
Physical unclonable functions for device authentication and secret key generation

Proceedings of the 44th annual Design Automation Conference

Efficient Helper Data Key Extractor on FPGAs

CHES '08 Proceeding sof the 10th international workshop on Cryptographic Hardware and Embedded Systems
A security approach for off-chip memory in embedded microprocessor systems

Microprocessors & Microsystems
Protection of Sensitive Security Parameters in Integrated Circuits

Mathematical Methods in Computer Science
Complete information flow tracking from the gates up

Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
MAC Precomputation with Applications to Secure Memory

ISC '09 Proceedings of the 12th International Conference on Information Security
Execution leases: a hardware-supported mechanism for enforcing strong non-interference

Proceedings of the 42nd Annual IEEE/ACM International Symposium on Microarchitecture
SeReCon: a secure reconfiguration controller for self-reconfigurable systems

International Journal of Critical Computer-Based Systems
A case for FAME: FPGA architecture model execution

Proceedings of the 37th annual international symposium on Computer architecture
PUF ROKs: generating read-once keys from physically unclonable functions

Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
PEAR: a hardware based protocol authentication system

Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
The PUF promise

TRUST'10 Proceedings of the 3rd international conference on Trust and trustworthy computing
T-DRE: a hardware trusted computing base for direct recording electronic vote machines

Proceedings of the 26th Annual Computer Security Applications Conference
SCA-resistant embedded processors: the next generation

Proceedings of the 26th Annual Computer Security Applications Conference
On device identity establishment and verification

EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
FPGA time-bounded unclonable authentication

IH'10 Proceedings of the 12th international conference on Information hiding
Enforcing physically restricted access control for remote data

Proceedings of the first ACM conference on Data and application security and privacy
PUF ROKs: a hardware approach to read-once keys

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
Inspection resistant memory: architectural support for security from physical examination

Proceedings of the 39th Annual International Symposium on Computer Architecture
DRV-Fingerprinting: using data retention voltage of SRAM cells for chip identification

RFIDSec'12 Proceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues
Multi-processor architectural support for protecting virtual machine privacy in untrusted cloud environment

Proceedings of the ACM International Conference on Computing Frontiers
FORTUNA-A framework for the design and development of hardware-based secure systems

Journal of Systems and Software
TSV: A novel energy efficient Memory Integrity Verification scheme for embedded systems

Journal of Systems Architecture: the EUROMICRO Journal
Beyond full disk encryption: protection on security-enhanced commodity processors

ACNS'13 Proceedings of the 11th international conference on Applied Cryptography and Network Security
Memory encryption: A survey of existing techniques

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article presents the Aegis secure processor architecture, which enables physically secure computing platforms with a main processor as the only trusted component. The Aegis architecture ensures private and authentic program execution even in the face of physical attacks, using two new security primitives. First, physical unclonable functions (PUFs) generate cryptographic keys in a highly secure yet inexpensive manner, exploiting random manufacturing variations. Second, off-chip memory protection mechanisms ensure the integrity and privacy of off-chip memory. Aegis, with its new protection mechanisms, has been implemented on an FPGA, and is fully functional. The authors briefly assess the cost of the security mechanisms in the Aegis processor and show that it is reasonable.