A Security Architecture for Microprocessors Doctoral Thesis J¨orgPlatte Genehmigte Dissertation zur Erlangung des akademischen Grades eines Doktors an der Fakult¨atf¨urElektrotechnik und Informationstechnik Technischen Universit¨atDortmund Abteilung Informationstechnik Institut f¨urRoboterforschung 06.11.2008 II Acknowledgements It is my pleasure to thank all the people who supported me to make this thesis possible. Pr¨ufungskommission: • Prof. Dr.-Ing. Christian Rehtanz (Vorsitzender) • Prof. Dr.-Ing. Uwe Schwiegelshohn (Referent) • Prof. Dr.-Ing. Christian Grimm (Korreferent) • Dr.-Ing. Wolfgang Endemann III Abstract The Security Architecture for Microprocessors (SAM ) is a lightweight and high-performance combined hard- and software security extension for microprocessors. SAM has been designed to provide a secure remote code execution environment. It can be used to implement effective copy-protection schemes and provides mechanisms to prevent data and algorithm disclosure. SAM provides protection even if an attacker has full access to both the operating system and hardware. SAM uses an enhanced processor core which can be used as a drop in replacement for a standard processor to provide transparent encryption and hashing of memory contents to prevent external tampering and sniffing attacks. Further internal security-related extensions support a secure operating system implementation. Both the hardware and software design are presented in this thesis. IV Contents List of Figures E List of Tables F List of Algorithms G 1 Introduction 1 I Software Protection Schemes 5 2 Computer and Operating System Architecture 6 2.1 Processor Overview . 6 2.1.1 Instruction Set Protection Mechanisms . 7 2.1.2 Virtual Memory . 7 2.1.3 Memory Hierarchy . 7 2.1.4 Interrupts . 8 2.2 Operating Systems . 9 2.2.1 Memory Layout . 9 2.2.2 Interrupts . 10 2.2.3 Virtual Memory Handling . 10 2.3 Protection Mechanisms . 11 2.3.1 Multiuser Environment . 11 2.3.2 File System . 11 2.3.3 Process Management . 11 2.3.4 Administrator Access . 12 2.3.5 Sophisticated Access Control . 12 3 Security Issues 13 3.1 Hardware Access . 13 3.2 Software-Based Attacks . 14 3.3 Side Channel Attacks . 15 3.4 Program Analysis . 15 3.5 Copy Protection . 17 3.6 Sandbox Security . 17 A B CONTENTS 4 Cryptography 19 4.1 Symmetric Cryptography . 19 4.1.1 Random Number Generation . 19 4.1.2 Algorithms . 20 4.1.3 Modes of Operation . 20 4.2 Data Integrity . 21 4.3 Asymmetric Cryptography . 22 4.4 Key Exchange Protocols . 23 4.5 Cryptographic Attacks . 23 4.5.1 Brute Force . 23 4.5.2 Known Plaintext . 24 4.5.3 Related-Key Attack . 24 4.5.4 Replay Attacks . 24 4.5.5 XOR Security Considerations . 24 4.5.6 Man-in-the-Middle . 25 4.5.7 Other Attacks . 25 4.6 Standard Protocols . 25 5 Security Architectures 26 5.1 Memory Protection Schemes . 26 5.1.1 Hash Trees . 26 5.1.2 Memory Encryption . 27 5.1.3 Hiding Address Information . 27 5.2 Security Architectures . 28 5.2.1 Smart Cards . 28 5.2.2 Secure Co-Processors . 28 5.2.3 LaGrande . 29 5.2.4 Digital Rights Management . 29 5.2.5 X-Box . 30 5.2.6 XOM . 30 5.2.7 AEGIS . 31 II The Security Architecture for Microprocessors (SAM ) 35 6 SAM Design Goals 36 6.1 Motivation . 36 6.2 Requirements for Secure Computing . 37 6.2.1 Hardware Requirements . 38 6.2.2 Software Requirements . 39 7 Processor Architecture 40 7.1 Overview . 40 7.2 Cryptographic Keys . 40 7.3 Tamper Detection Unit . 42 7.4 RSA Unit and SAM Configurator . 42 7.5 Cryptographic Functions . 42 CONTENTS C 7.6 Security-Aware Cache . 42 7.7 Memory Layout . 42 7.7.1 Memory Views . 44 7.8 Protected Operating System . 44 7.8.1 Protected TRAP Table . 45 7.8.2 Sparse Hash Tree . 46 7.9 SAM Instruction Set . 47 7.10 Speculative Execution . 48 7.10.1 Memory Decryption Attack . 48 7.10.2 Secure Speculative Execution . 48 8 Memory Protection 50 8.1 Memory Integrity Verification . 50 8.2 Memory Encryption . 53 9 SAM Implementations 55 9.1 SAM for SPARC . 55 9.1.1 Register Protection . 56 9.1.2 Instruction Set . 57 9.1.3 Context Switches . 61 9.1.4 TRAP Modifications . 61 9.1.5 Memory-Mapped Configuration Registers . 61 9.1.6 Cache . 62 9.1.7 Further Changes . 62 9.2 SAM for IA-32 Processors . 62 9.2.1 Register Protection . 63 9.2.2 Context Handling and Configuration . 63 9.2.3 Privilege Level Transitions . 64 9.2.4 Instruction Set . 65 9.3 Multiprocessor Support . 65 10 SAM Operating System Design 67 10.1 Threats . 67 10.2 Protected Kernel . 68 10.2.1 Limitations . 69 10.2.2 Loading Protected Programs . 69 10.2.3 Hash Tree Handling . 70 10.2.4 User-Supervisor Mode Transitions . 71 10.2.5 Protected Compartment . 72 10.2.6 System Calls . 72 10.2.7 Multi Threading and Signal Handling . 73 11 Cache Architecture 74 11.1 Comparison with other Caches . 74 11.2 L1 Data Cache . 74 11.3 L1 Instruction Cache . 78 11.4 L2 Cache . 78 D CONTENTS 11.4.1 TAG RAM . ..