From Root-of-Trust to Secure-Processor-Architecture for Chip-to-Cloud Security

Description

In 2012, the US President Barack Obama has urged the US congress to pass the Cybersecurity act of 2012 to him in order to sign it into law. Clearly, the importance of Cyber-space security has tightly connected to one National and Economical security, nowadays we have transparently and unintentionally using Cloud services on a daily basis. For example, we use Dropbox to share files among colleagues and friends, we use Google doc to modify and create files on machines and hard-drives miles away passing through interconnection networks shared by potentially adversaries and unknown hackers. One very important question is how can a user ensure the opened file is the same file that he stored previously, and he / she is the sole owner of this file, not even the system administrator. Obviously, with the increasing trend of using mobile devices connecting to the Cloud, the importance of Chip-to-Cloud security will be continued to bloom. Chip-to-Cloud (C2C) security refers to ensuring the security of devices connecting to the Cloud computing platforms. Thus, the designs of secure processor architecture for C2C pose new security challenges for the research communities and governments to enable a safe global community.Trustworthy computing has been gaining increasing importance as computing devices become pervasive and information becomes widely distributed on the Cloud. The Root-of- Trust of a security system comes from the methodology and the quality of random key. The key is a genuine intrinsic true random number generator. By providing hardware-level protection, a secure processor ensures a safe computing environment where confidential data can be protected against both hardware and software attacks.This proposal aims to carry architectural and entropy analysis for the root-of-trust core, True Random Number Generator (TRNG) for the Field-Programmable Gate Array and ASIC platform. The created TRNG core will be placed into a rapid prototyping FPGA platform for building the secure processor architecture. The uses of our novel techniques on Montgomery multiplier using residue number systems and spectral arithmetic will be explored for the processor. Next, we will develop secure protocol for this secure platform such as the boot sequence and mechanism for the content switching of Virtual Machines (VM) on the processor. The corresponding attack model for the processor in the Cloud environment will be introduced with the techniques described in this project. By achieving the objectives described in this proposal, it is expected that a secure processor will become more favorable to everyone.