Jump to content

Hardware-based encryption

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Zanhe (talk | contribs) at 03:56, 24 January 2018 (bold article name). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
Hardware-based encryption
The IBM 4758 Cryptographic Module
Process typeCryptography
Industrial sector(s)Computing
Main technologies or sub-processesCryptographic Hash Function, Encryption

Hardware-based encryption is the use of Computer Hardware to assist software, or sometimes replace software, in the process of data encryption. Typically, this is implemented as part of the processor's instruction set. For example, the AES encryption algorithm (a modern cipher) can be implemented using the AES instruction set on the ubiquitous x86 architecture.[1] Such instructions also exist on the ARM architecture.[2] However, more unusual systems exist where the cryptography module is separate from the central processor, instead being implemented as a coprocessor, in particular a secure cryptoprocessor, of which an example is the IBM 4764[3]. Hardware implementations can be faster and less prone to exploitation than traditional software implementations, and furthermore can be protected against tampering.[4] However, hardware implementations use additional space on the processor die, and any security vulnerability (such as Spectre) cannot be solved with a software update.[5]

History

Hardware-based encryption arguably began in the 1987 with the ABYSS (A Basic Yorktown Security System) project.[6][7] The aim of this project was to protect against Software Piracy. However, the application of computers to cryptography in general dates back to the 1940s and Bletchley Park, where the Colossus computer was used to break the encryption used by German High Command during World War 2. The use of computers to encrypt, however, came later. In particular, until the development of the Intergrated Circuit, of which the first was produced in 1960, computers were impractical for encryption, since, in comparison to the portable form factor of the Enigma machine,[8] Computers of the era took the space of an entire building. It was only with the development of the Microcomputer that computer encryption became feasible, outside of niche applications. The development of the World Wide Web lead to the need for consumers to have access to encryption, as Online Shopping became prevalent.[9] The key concerns for consumers were security and speed.[9] This led to the eventual inclusion of the key algorithms into processors as a way of both increasing speed and security.[4]

Implementations

In the Instruction Set

x86

Main articles: AES instruction set and Intel SHA extensions

The X86 architecture, as a CISC (Complex Instruction Set Computer) Architecture, typically implements complex algorithms in hardware. Cryptographic algorithms are no exception. The x86 architecture implements significant components of the AES (Advanced Encryption Standard) algorithm, which can be used by the NSA for Top Secret information.[10] The architecture also includes support for the SHA Hashing Algorithms through the Intel SHA extensions.[1] Whereas AES is a cipher, which is useful for encrypting documents, Hashing is used for verification, such as of passwords (see PBKDF2).

ARM

ARM processors can optionally support Security Extensions. Although ARM is a RISC (Reduced Instruction Set Computer) architecture, there are several optional extensions specified by ARM Holdings.[2][11]

As a coprocessor

Advantages

Implementing cryptography in hardware means that part of the processor is dedicated to the task. This can lead to a large increase in speed.[4] In particular, modern processor architectures that support pipelining can often perform other instructions concurrently with the execution of the encryption instruction. Furthermore, hardware can have methods of protecting data from software. Consequently, even if the Operating System is compromised, the data may still be secure (see Software Guard Extensions).[12]

Disadvantages

If, however, the hardware implementation is compromised, major issues arise. Malicious software can retrieve the data from the (supposedly) secure hardware - a large class of method used is the timing attack.[13] This is far more problematic to solve than a software bug, even within the Operating System. Microsoft regularly deals with security issues through Windows Update. Similarly, regular security updates are released for Mac OS X and Linux, as well as mobile Operating Systems like iOS, Android, and Windows Phone. However, hardware is a different issue. Sometimes, the issue will be fixable through updates to the processor's microcode (a low level type of software). However, other issues may only be resolvable through replacing the hardware, or a workaround in the operating system which mitigates the performance benefit of the hardware implementation, such as in the Spectre exploit.[14]

References

  1. ^ a b Intel® 64 and IA-32 Architectures Software Developer’s Manual (PDF). Intel. December 2017. pp. 303–309, 410.
  2. ^ a b ARM® Cortex®-A57 MPCore Processor Cryptography Extension (PDF). ARM Holdings. 17 December 2017.
  3. ^ a b "4764 Cryptographic Coprocessor". IBM. Retrieved 20 January 2018.
  4. ^ a b c P. Schmid and A. Roos (2010). "AES-NI Performance Analyzed". Tom's Hardware. Retrieved 20 January 2018.
  5. ^ Staff (2018). "Meltdown and Spectre". Graz University of Technology. Archived from the original on 3 January 2018. Retrieved 20 January 2018. {{cite web}}: Unknown parameter |dead-url= ignored (|url-status= suggested) (help)
  6. ^ "ABYSS: A Trusted Architecture for Software Protection" (PDF). Retrieved 20 January 2018.
  7. ^ "Building the IBM 4758 Secure Coprocessor" (PDF). IBM. Retrieved 20 January 2018.
  8. ^ "Enigma-E case" (PDF). Crypto Museum. Retrieved 20 January 2018.
  9. ^ a b "Consumers and their online shopping expectations – Ecommerce News". 20 February 2015. Retrieved 29 August 2016.
  10. ^ Lynn Hathaway (June 2003). "National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information" (PDF). Retrieved 15 February 2011.
  11. ^ Cryptographic Hardware Accelerators on OpenWRT.org
  12. ^ "Intel SGX for Dummies (Intel SGX Design Objectives)". intel.com. 2013-09-26.
  13. ^ "BearSSL – Constant-Time Crypto". www.bearssl.org. Retrieved 2017-01-10.
  14. ^ Hachman, Mark (January 9, 2018). "Microsoft tests show Spectre patches drag down performance on older PCs". PC World. Retrieved 2018-01-09.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Hardware-based_encryption&oldid=822056552"