Today requirement for having the secure and safe computations in computing architecture is the growing demand and need of the era of concerned cyber security conscious business world. Side channel attacks mitigation is a growing concern among the cyber security professionals. Although there exists techniques like building of Faraday cage on the processor package and making use of advanced cryptography like learning with errors , that combined are claimed to be not feasible for attack by known methods and even by quantum computing. But even then Faraday Cages,optical couplers and power filters cannot stop the acoustic leakage through vents or self-amplification attacks that induce leakage at frequencies below the filter’s design specification.
To add the secure computation to the legacy computing architecture vary in terms of cost , programming models, features and security assurance levels. Let us look at the most employed techniques used in near history and currently .
Not far past , the use of standalone security chips like TPM chips in PCs, SIM cards in mobile devices & conditional access cards in the Pay TV systems are employed to have secure computations. But they are limited to the single purpose applications that could sustain the additional cost. But the hackers can still got access to the critical data by exploiting the security chip’s electrical interface like done by pay tv hackers that steal video decryption keys for redistribution in underground market.
So a strategy to add security modes into existing designs is one of the solutions. As the processor and other logic are reused in it so these approaches add no extra thing to the circuit it self. But as with all security measures , this reuse brings the significant risks due to existing bugs in the shared logic and separation techniques and procedures. Intel’s Software Guard Extension (SGX) , happens to be one of the results that leave almost all of the processor in the security perimeter and do not appear to resolve side channel or glitch attacks.
Trusted Execution environments typically employs the ARM’s Tust Zone CPU mode to try to isolate independent operating system that can termed as “trusted OS”. But in this case the security dependencies include the CPUs, the chip’s test/debug modes, the memory subsystem/RAM , the Trusted execution environment operating system, and other high privilege software. The approach to integrate the security blocks onto large multi function chips is appeared to be most compelling . These cores has advantage of creating the intra-chip security perimeter. This security perimeter doesn’t trust the RAM,legacy processors,operating system or other logic. Thus providing much better security integration than separate chips. Some Examples of onchip security hardware includes Apple’s Secure Enclave, AMD’s Secure Processor and Rambus’s Crypto Manager Cores. As per the requirements the security core may offload specific functions like authentication or can be programmable .
Better hardware foundation can enable new computation processes that is essential to have the Secure technology industry and cyberspace future.