Advanced Computer Architecture Unit 15 – Security and Trust in Computer Architecture

Security and trust in computer architecture focus on protecting hardware and software from unauthorized access and exploitation. Key concepts include confidentiality, integrity, availability, authentication, and access control. These principles form the foundation for designing secure systems and mitigating various threats. Secure hardware design incorporates tamper-resistant features, cryptographic implementations, and trusted execution environments. Side-channel attacks and countermeasures are crucial considerations. Future trends include post-quantum cryptography, homomorphic encryption, and hardware-based security solutions, balancing security with performance and energy efficiency.

Key Concepts and Foundations

  • Computer architecture security involves protecting hardware and software components from unauthorized access, tampering, and exploitation
  • Confidentiality ensures sensitive information is not disclosed to unauthorized parties (encryption)
  • Integrity guarantees data and systems remain unaltered and consistent (hashing)
  • Availability ensures resources and services are accessible to authorized users when needed (redundancy, failover)
  • Authentication verifies the identity of users or devices before granting access (passwords, biometrics)
  • Non-repudiation prevents entities from denying their actions or transactions (digital signatures)
  • Access control restricts access to resources based on user privileges and permissions (role-based access control)
  • Least privilege principle grants users the minimum permissions necessary to perform their tasks

Security Threats in Computer Architecture

  • Malware includes viruses, worms, trojans, and ransomware that can compromise systems and data
  • Buffer overflow attacks exploit vulnerabilities in memory management to execute malicious code
  • Rootkits are stealthy malware that gain privileged access to systems and hide their presence
  • Denial-of-service (DoS) attacks overwhelm resources to disrupt availability of services
  • Side-channel attacks exploit unintended information leakage (timing, power consumption) to infer sensitive data
  • Hardware Trojans are malicious modifications to hardware designs that can enable unauthorized access or functionality
  • Reverse engineering techniques can be used to analyze and exploit hardware and software vulnerabilities
  • Supply chain attacks compromise hardware or software components during manufacturing, distribution, or updates

Trust Models and Principles

  • Trust is the confidence that an entity will behave as expected and not compromise security
  • Trust models define the relationships, assumptions, and expectations among entities in a system
  • Trusted computing base (TCB) includes hardware, firmware, and software components critical for system security
  • Root of trust is a foundational component that is inherently trusted and serves as the basis for establishing trust in other components
  • Chain of trust extends trust from the root of trust to other components through a series of verifications and attestations
  • Zero trust assumes no implicit trust and requires continuous authentication and authorization for all entities and actions
  • Trusted platform module (TPM) is a secure hardware component that provides cryptographic functions and secure storage for keys and measurements
  • Remote attestation allows remote parties to verify the integrity and trustworthiness of a system's hardware and software components

Secure Hardware Design

  • Hardware security modules (HSMs) are dedicated devices that securely generate, store, and manage cryptographic keys
  • Tamper-resistant hardware designs prevent unauthorized physical access and detect tampering attempts (tamper-evident seals, sensors)
  • Physically unclonable functions (PUFs) generate unique and unpredictable values based on physical characteristics of hardware for device authentication and key generation
  • Secure boot ensures the integrity of firmware and software components during system startup by verifying digital signatures
  • Hardware-based isolation mechanisms (Intel SGX, ARM TrustZone) provide secure enclaves for executing sensitive code and protecting data
  • Memory encryption protects data confidentiality in memory by encrypting data stored in RAM or non-volatile storage
  • Secure key storage techniques (key splitting, key wrapping) safeguard cryptographic keys from unauthorized access
  • Hardware-based random number generators provide high-quality entropy for cryptographic operations
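The chain of trust described under Trust Models (root of trust, chain of trust, TPM measurements, remote attestation) and the secure boot bullet above fit together in one flow. The following is an added, simplified simulation written for these notes, not code from Fiveable or from any TPM or firmware vendor. It assumes a digest-anchored chain (each stage embeds the digest of the next, and the root of trust holds the digest of the first stage) in place of real signature verification, models PCR extension as `H(PCR_old || H(component))`, and uses an HMAC with a constructed key as a stand-in for a TPM's attestation signing key. All stage images and keys are constructed sample data.

```python
import hashlib
import hmac

PCR_SIZE = 32  # bytes, SHA-256 width


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def pcr_extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: the register can only be advanced, never overwritten."""
    return sha256(pcr + measurement)


# Constructed boot stages in boot order; payloads stand in for real images.
BOOT_STAGES = [
    ("bootloader", b"bootloader image v1 (constructed)"),
    ("kernel", b"kernel image v5 (constructed)"),
    ("initramfs", b"initramfs image (constructed)"),
]


def build_chain(stages):
    """Build images last-to-first so each embeds the digest of its successor.

    Returns (images, root_digest); root_digest is what an immutable root of
    trust (boot ROM) would hold to anchor the chain.
    """
    images = {}
    next_digest = b""
    for name, payload in reversed(stages):
        image = payload + b"|next=" + next_digest.hex().encode()
        images[name] = image
        next_digest = sha256(image)
    return images, next_digest


def measured_boot(stage_names, images, root_digest):
    """Secure boot (verify-before-execute) plus measured boot (extend PCR).

    Returns (booted_ok, pcr, event_log). Every stage is measured into the PCR
    before it is checked, so a tampered stage still leaves evidence in the PCR.
    """
    pcr = bytes(PCR_SIZE)
    expected = root_digest
    log = []
    for name in stage_names:
        image = images[name]
        actual = sha256(image)
        pcr = pcr_extend(pcr, actual)
        log.append((name, actual.hex()))
        if not hmac.compare_digest(actual, expected):
            return False, pcr, log  # chain of trust broken: halt here
        # Only a verified stage is trusted to tell us what comes next.
        expected = bytes.fromhex(image.rsplit(b"|next=", 1)[1].decode())
    return True, pcr, log


# Constructed key standing in for the TPM attestation key; a real verifier
# would hold the public half of an asymmetric key pair instead.
ATTESTATION_KEY = b"constructed-attestation-key"


def make_quote(pcr: bytes, nonce: bytes) -> bytes:
    """Quote = keyed digest over the PCR and a verifier-chosen nonce (freshness)."""
    return hmac.new(ATTESTATION_KEY, pcr + nonce, hashlib.sha256).digest()


def verify_attestation(quote: bytes, nonce: bytes, golden_measurements) -> bool:
    """Verifier recomputes the expected PCR from known-good digests and checks the quote."""
    expected_pcr = bytes(PCR_SIZE)
    for measurement in golden_measurements:
        expected_pcr = pcr_extend(expected_pcr, measurement)
    return hmac.compare_digest(quote, make_quote(expected_pcr, nonce))


def demo():
    """Boot a clean chain, then a chain whose kernel was modified."""
    images, root = build_chain(BOOT_STAGES)
    names = [name for name, _ in BOOT_STAGES]
    golden = [sha256(images[name]) for name in names]
    nonce = b"verifier-nonce-0001"

    ok, pcr, _ = measured_boot(names, images, root)
    clean_attested = verify_attestation(make_quote(pcr, nonce), nonce, golden)

    tampered = dict(images)
    tampered["kernel"] = images["kernel"] + b" (modified)"
    ok_t, pcr_t, log_t = measured_boot(names, tampered, root)
    tampered_attested = verify_attestation(make_quote(pcr_t, nonce), nonce, golden)
    return ok, clean_attested, ok_t, len(log_t), tampered_attested


if __name__ == "__main__":
    print(demo())
```

Two points the bullets alone do not show: the measurement is extended into the PCR before the stage is checked, so even a stage that fails verification (or one that boots in a non-enforcing mode) is recorded for the remote verifier; and the verifier never trusts the device's own event log for the golden values, it recomputes the expected PCR from its own known-good digests and relies on the nonce to reject replayed quotes.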

Cryptographic Implementations

  • Cryptographic algorithms provide confidentiality, integrity, and authentication for data and communications
  • Symmetric-key cryptography uses the same key for encryption and decryption (AES, ChaCha20)
  • Public-key cryptography uses a pair of keys: a public key for encryption and a private key for decryption (RSA, ECC)
  • Hash functions generate fixed-size digests of input data for integrity verification and digital signatures (SHA-256, BLAKE2)
  • Digital signatures provide authentication, integrity, and non-repudiation for messages and transactions (ECDSA, EdDSA)
  • Key exchange protocols establish shared secrets between parties for secure communication (Diffie-Hellman, ECDH)
  • Cryptographic accelerators are hardware components that optimize the performance of cryptographic operations
  • Post-quantum cryptography aims to develop algorithms resistant to attacks by quantum computers (lattice-based, code-based)

Side-Channel Attacks and Countermeasures

  • Side-channel attacks exploit unintended information leakage from hardware or software implementations to infer sensitive data
  • Timing attacks analyze variations in execution time to deduce secret information (cache timing attacks)
  • Power analysis attacks measure power consumption patterns to extract cryptographic keys (differential power analysis)
  • Electromagnetic emanation attacks capture and analyze electromagnetic emissions from devices to infer sensitive data
  • Acoustic attacks exploit sound emanations from keyboards or other components to infer user input or system behavior
  • Countermeasures against side-channel attacks include constant-time implementations, noise injection, and masking techniques
  • Secure coding practices help prevent software vulnerabilities that can enable side-channel attacks
  • Hardware countermeasures (shielding, filtering) can mitigate physical side-channel leakage
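The timing attack and constant-time countermeasure bullets above can be made concrete with a comparison routine, the classic example of leaking a secret through execution time. The block below is an added example for these notes, not code from the original page. Instead of measuring wall-clock time (noisy in an interpreter), it counts how many bytes each comparison examines, which is what drives the timing difference: an early-exit comparison does work proportional to the length of the matching prefix, while the constant-time version always touches every byte. The secret and guesses are constructed sample values.

```python
import hmac


def compare_early_exit(a: bytes, b: bytes):
    """Naive comparison. Returns (equal, bytes_examined).

    Stops at the first mismatch, so the amount of work (and therefore the
    execution time) reveals how long the matching prefix is.
    """
    if len(a) != len(b):
        return False, 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        if x != y:
            return False, examined
    return True, examined


def compare_constant_time(a: bytes, b: bytes):
    """Constant-time comparison. Returns (equal, bytes_examined).

    Differences are accumulated with XOR/OR and the result is inspected only
    once, after every byte has been processed, so the work done does not
    depend on where (or whether) the inputs differ.
    """
    if len(a) != len(b):
        return False, 0
    diff = 0
    examined = 0
    for x, y in zip(a, b):
        examined += 1
        diff |= x ^ y
    return diff == 0, examined


def work_profile(compare, secret: bytes, guesses):
    """How much work each guess costs; a varying profile is the leak."""
    return [compare(secret, g)[1] for g in guesses]


# Constructed secret and guesses sharing 0, 1, 2, ... leading bytes with it.
SECRET = b"s3cret!!"
GUESSES = [SECRET[:i] + b"?" * (len(SECRET) - i) for i in range(len(SECRET))]


def demo():
    leaky = work_profile(compare_early_exit, SECRET, GUESSES)
    safe = work_profile(compare_constant_time, SECRET, GUESSES)
    # Python's standard library provides the same guarantee; use it in practice.
    library = [hmac.compare_digest(SECRET, g) for g in GUESSES]
    return leaky, safe, library
```

The leaky profile rises by one for every extra matching byte, which is the signal a timing attack exploits; the constant-time profile is flat. Two caveats a practitioner should keep in mind: a length mismatch still returns early in both versions (pad or hash inputs to a fixed length if lengths are themselves sensitive), and an interpreted language gives no hard guarantee against data-dependent branches inside the interpreter, so production code should call `hmac.compare_digest` rather than hand-roll the loop; the hand-written version is here to show the principle.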

Trusted Execution Environments

  • Trusted execution environments (TEEs) provide isolated and secure execution of sensitive code and data
  • Intel Software Guard Extensions (SGX) creates secure enclaves within the processor for confidential computing
  • ARM TrustZone partitions the system into secure and non-secure worlds for isolated execution
  • AMD Secure Encrypted Virtualization (SEV) encrypts virtual machine memory and protects against hypervisor attacks
  • Secure elements are tamper-resistant hardware components that store sensitive data and execute security-critical operations
  • Trusted I/O paths ensure secure input and output between peripherals and TEEs to prevent tampering or eavesdropping
  • Remote attestation allows remote parties to verify the integrity and trustworthiness of TEEs
  • TEEs enable secure storage, secure boot, and secure firmware updates for enhanced system security

Future Trends

  • Post-quantum cryptography is an active research area to develop algorithms resistant to quantum computing attacks
  • Homomorphic encryption allows computations on encrypted data without revealing the underlying plaintext
  • Secure multi-party computation enables multiple parties to jointly compute a function while keeping their inputs private
  • Hardware-based security solutions (PUFs, HSMs) are becoming more prevalent for robust security primitives
  • Formal verification techniques are used to mathematically prove the correctness and security of hardware and software designs
  • AI and machine learning are being applied to enhance security threat detection and mitigation
  • Quantum computing poses significant challenges to existing cryptographic algorithms and requires the development of quantum-resistant solutions
  • Balancing security, performance, and energy efficiency remains a key challenge in computer architecture design


© 2024 Fiveable Inc. All rights reserved.
AP® and SAT® are trademarks registered by the College Board, which is not affiliated with, and does not endorse this website.
