Steve Harris Weingart

Building a high-performance, programmable secure coprocessor

Unsecure computational environments threaten many financial cryptography implementations, and other sensitive computation. High-performance secure coprocessors can address these threats. However, using this technology for practical security solutions requires overcoming numerous technical and business obstacles. These obstacles motivate building a high-performance secure coprocessor that balances security with easy third-party programmability—but these obstacles also provide many design challenges. This paper discusses some of issues we faced when attempting to build such a device.

Using a High-Performance, Programmable Secure Coprocessor

Unsecure computational environments threaten many financial cryptography implementations, and other sensitive computation. High-performance secure coprocessors can address these threats. However, using this technology for practical security solutions requires overcoming numerous technical and business obstacles. These obstacles motivate building a high-performance secure coprocessor that balances security with easy third-party programmability—but these obstacles also provide many design challenges. This paper discusses some of issues we faced when attempting to build such a device.

Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defences

As the value of data on computing systems increases and operating systems become more secure, physical attacks on computing systems to steal or modify assets become more likely. This technology requires constant review and improvement, just as other competitive technologies need review to stay at the leading edge. This paper describes known physical attacks, ranging from simple attacks that require little skill or resource, to complex attacks that require trained, technical people and considerable resources. Physical security methods to deter or prevent these attacks are presented. The intent is to match protection methods with the attack methods in terms of complexity and cost. In this way cost effective protection can be produced across a wide range of systems and needs. Specific technical mechanisms now in use are shown, as well as mechanisms proposed for future use. Common design problems and solutions are discussed with consideration for manufacturing.

An evaluation system for the physical security of computing systems

Physical security technology is being used more often to protect the integrity of computing systems and the assets they contain. A physical security rating system is defined in terms of the difficulty of mounting a successful physical attack against it, quality assurance documentation and system testing. An evaluation system is presented for determining adequate physical security, as a function of the environment in which the system is placed and the value of the assets resident in the system.<<ETX>>