AEGIS: A single-chip secure processor

Authors:
G. Edward Suh;Charles W. O'Donnell;Srinivas Devadas
Affiliations:
Computer Science and Artificial Intelligence Laboratory (CSAIL), Massachusetts Institute of Technology, Cambridge, MA 02139, USA;Computer Science and Artificial Intelligence Laboratory (CSAIL), Massachusetts Institute of Technology, Cambridge, MA 02139, USA;Computer Science and Artificial Intelligence Laboratory (CSAIL), Massachusetts Institute of Technology, Cambridge, MA 02139, USA
Venue:
Information Security Tech. Report
Year:
2005

Citing 6
Cited 6

Building a high-performance, programmable secure coprocessor

Computer Networks: The International Journal of Computer and Telecommunications Networking - Special issue on computer network security
Security Engineering: A Guide to Building Dependable Distributed Systems

Security Engineering: A Guide to Building Dependable Distributed Systems
(How) can mobile agents do secure electronic transactions on untrusted hosts? A survey of the security issues and the current solutions

ACM Transactions on Internet Technology (TOIT)
Caches and Hash Trees for Efficient Memory Integrity Verification

HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Efficient Memory Integrity Verification and Encryption for Secure Processors

Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions

Proceedings of the 32nd annual international symposium on Computer Architecture

Physically restricted authentication with trusted hardware

Proceedings of the 2009 ACM workshop on Scalable trusted computing
PUF ROKs: generating read-once keys from physically unclonable functions

Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
PEAR: a hardware based protocol authentication system

Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
Enforcing physically restricted access control for remote data

Proceedings of the first ACM conference on Data and application security and privacy
PUF ROKs: a hardware approach to read-once keys

Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms

Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Quantified Score

Hi-index	0.00

Visualization

Abstract

This article presents the AEGIS secure processor architecture, which enables new applications by ensuring private and authentic program execution even in the face of physical attack. Our architecture uses two new primitives to achieve physical security. First, we describe Physical Random Functions which reliably protect and share secrets in a manner that is cheaper and more secure than existing solutions based on non-volatile memory. Second, off-chip memory protection mechanisms ensure the integrity and the privacy of off-chip memory. Our processor, with its new protection mechanisms, has been implemented on an FPGA, and is fully functional. We briefly assess the cost of the security mechanisms in our processor and show that it is reasonable.