Building a High-Performance, Programmable Secure Coprocessor

        Replaces RC21045

        Secure coprocessors enable secure distributed applications by
        providing safe havens where an application program can execute (and
        accumulate state), free of observation and interference by an
        adversary with direct physical access to the device.  However, for
        these coprocessors to be effective, participants in such applications
        must be able to verify that they are interacting with an authentic
        program on an authentic, untampered device.  Furthermore, secure
        coprocessors that support general-purpose computation and will
        be manufactured and distributed as commercial products must
        provide these core sanctuary and authentication properties while also
        meeting many additional challenges, including:

          * the applications, operating system, and underlying security
            management may all come from different, mutually suspicious
            authorities;

          * configuration and maintenance must occur in a hostile environment,
            while minimizing disruption of operations;

          * the device must be able to recover from the vulnerabilities that
            inevitably emerge in complex software;

          * hardware constraints dictate that support for advanced cryptography
            depends on reloadable software; and

          * physical security dictates that the device itself can never be
            opened and examined.

        This paper summarizes the hardware, software, and cryptographic
        architecture we developed to address these problems.  Furthermore,
        with our colleagues, we have implemented this solution, now available
        as a commercial product.

By: Sean Smith, Steve Weingart

Published in: RC21102 in 1998

LIMITED DISTRIBUTION NOTICE:

This Research Report is available. This report has been submitted for publication outside of IBM and will probably be copyrighted if accepted for publication. It has been issued as a Research Report for early dissemination of its contents. In view of the transfer of copyright to the outside publisher, its distribution outside of IBM prior to publication should be limited to peer communications and specific requests. After outside publication, requests should be filled only by reprints or legally obtained copies of the article (e.g., payment of royalties).
