Hardware-based encryption: Difference between revisions

|technologies=[[Cryptographic Hashhash Functionfunction]], [[Encryption]]

'''Hardware-based encryption''' is the use of [[computer hardware]] to assist software, or sometimes replace software, in the process of data [[encryption]]. Typically, this is implemented as part of the [[CPU|processor]]'s [[Instruction set architecture|instruction set]]. For example, the [[Advanced Encryption Standard|AES]] encryption algorithm (a modern [[cipher]]) can be implemented using the [[AES instruction set]] on the ubiquitous [[x86]] architecture]].<ref name="Intel AES Instructions" /> Such instructions also exist on the [[ARM architecture]].<ref name="cortex cryptography" /> However, more unusual systems exist where the cryptography module is separate from the central processor, instead being implemented as a [[coprocessor]], in particular a [[secure cryptoprocessor]] or [[cryptographic accelerator]], of which an example is the [[IBM 4758]], or its successor, the [[IBM 4764]].<ref name="IBM 4764" /> Hardware implementations can be faster and less prone to exploitation than traditional software implementations, and furthermore can be protected against tampering.<ref name="performance" /> However, hardware implementations use additional space on the processor die, and any security vulnerability (such as [[Spectre (security vulnerability)|Spectre]]) cannot be solved with a software update.<ref name="MeltdownSpectre" />

HardwarePrior to the use of computer hardware, cryptography could be performed through various mechanical or [[electro-basedmechanical]] encryptionmeans. arguablyAn beganearly inexample is the 1987[[Scytale]] withused by the [[Spartan]]s.<ref name="Kelly">{{Cite journal|last=Kelly|first=Thomas|title=The Myth of the Skytale|journal=Cryptologia|date=July 1998|pages=244&ndash;260|doi=10.1080/0161-119891886902|volume=22|issue=3}}</ref> The [[Enigma machine]] was an electro-mechanical system cipher machine notably used by the Germans in [[World War II]].{{citation needed|date=June 2018}} After [[World War II]], purely electronic systems were developed. In 1987 the ABYSS (A Basic Yorktown Security System) project was initiated.<ref name="ABYSS" /><ref name="building 4758" /> The aim of this project was to protect against [[Softwaresoftware Piracypiracy]]. However, the application of computers to cryptography in general dates back to the 1940s and [[Bletchley Park]], where the [[Colossus computer]] was used to break the encryption used by German High Command during [[World War 2II]]. The use of computers to ''encrypt'', however, came later. In particular, until the development of the [[Intergratedintegrated Circuitcircuit]], of which the first was produced in 1960, computers were impractical for encryption, since, in comparison to the portable [[form factor (design)|form factor]] of the [[Enigma machine]],<ref name="Crypto Enigma" /> Computers[[SIGSALY|computers of the era]] took the space of an entire building. It was only with the development of the [[Microcomputermicrocomputer]] that computer encryption became feasible, outside of niche applications. The development of the [[World Wide Web]] lead to the need for consumers to have access to encryption, as [[Onlineonline Shoppingshopping]] became prevalent.<ref name="consumers" /> The key concerns for consumers were security and speed.<ref name="consumers" /> This led to the eventual inclusion of the key algorithms into processors as a way of both increasing speed and security.<ref name="performance" />

The [[X86]] [[Computer architecture|architecture]], as a [[Complex instruction set computer|CISC (Complex Instruction Set Computer)]] Architecture, typically implements complex [[algorithms]] in hardware.<ref name="Oxford" /> Cryptographic algorithms are no exception. The x86 architecture implements significant components of the [[Advanced Encryption Standard|AES (Advanced&nbsp;Encryption&nbsp;Standard)]] algorithm,<ref name="Intel AES Instructions" /> which can be used by the [[NSA]] for [[Top Secret]] information.<ref name="NIST National Security" /> The architecture also includes support for the [[Secure Hash Algorithms|SHA]] Hashing Algorithms through the [[Intel SHA extensions]].<ref name="Intel AES Instructions" /> Whereas AES is a cipher, which is useful for encrypting documents, [[Hash function|Hashinghashing]] is used for verification, such as of passwords (see [[PBKDF2]]).

* [[IBM 4758]] -– The predecessor to the [[IBM 4764]].<ref name="NIST approval" /> This includes its own specialised processor, [[Random-access memory|memory]] and a [[Random Number Generator]].<ref name="IBM 4758 datasheet" />

Note that [[Advanced Micro Devices|Advanced Micro Devices]] (AMD)]] processors are also x86 devices, and have supported the [[AES instruction set|AES instructions]] since the 2011 [[Bulldozer (microarchitecture)|Bulldozer]] processor iteration. <ref name="Arecibo Bulldozer" />

Due to the existence of encryption instructions on modern processors provided by both [[Intel]] and [[Advanced Micro Devices|AMD]], the instructions are present on most modern computers.<ref name="Haifa" /> They also exist on many tablets and smartphones due to their implementation in [[ARM architecture|ARM processors]].<ref name="Haifa" />

If, however, the hardware implementation is compromised, major issues arise. Malicious software can retrieve the data from the (supposedly) secure hardware -– a large class of method used is the [[timing attack]].<ref name="BearSSL" /> This is far more problematic to solve than a software bug, even within the [[operating system]]. [[Microsoft]] regularly deals with security issues through [[Windows Update]]. Similarly, regular security updates are released for [[Mac OS X]] and [[Linux]], as well as mobile operating systems like [[iOS]], [[Android (operating system)|Android]], and [[Windows Phone]]. However, hardware is a different issue. Sometimes, the issue will be fixable through updates to the processor's [[microcode]] (a low level type of software). However, other issues may only be resolvable through replacing the hardware, or a workaround in the operating system which mitigates the performance benefit of the hardware implementation, such as in the [[Spectre (security vulnerability)|Spectre exploit]].<ref name="PCW-20180109" />

<ref name="Intel AES Instructions">{{cite book|title=Intel® 64 and IA-32 Architectures Software Developer’sDeveloper's Manual|date={{date|December 2017}}|url=https://software.intel.com/sites/default/files/managed/39/c5/325462-sdm-vol-1-2abcd-3abcd.pdf|publisher=Intel|pages=303-309303–309, 410}}</ref>

<ref name="cortex cryptography">{{cite book|title=ARM® Cortex®-A57 MPCore Processor Cryptography Extension|date={{date|2017-12-17}} December 2017|publisher=ARM Holdings|url=http://infocenter.arm.com/help/topic/com.arm.doc.ddi0514g/DDI0514G_cortex_a57_mpcore_cryptography_trm.pdf|url-status=live|archive-url=https://web.archive.org/web/20161213102201/http://infocenter.arm.com/help/topic/com.arm.doc.ddi0514g/DDI0514G_cortex_a57_mpcore_cryptography_trm.pdf|archive-date=2016-12-13}}</ref>

<ref name="IBM 4764">{{cite web|url=https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_61/rzajc/rzajcco4758.htm|title=4764 Cryptographic Coprocessor|publisher=IBM|access-date={{date20 January 2018|url-status=live|archive-url=https://web.archive.org/web/20180121000028/https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_61/rzajc/rzajcco4758.htm|archive-date=2018-01-20}}21}}</ref>

<ref name="performance">{{cite web|title=AES-NI Performance Analyzed|url=http://www.tomshardware.com/reviews/clarkdale-aes-ni-encryption,2538.html|publisher=Tom's Hardware|year=2010|author=P. Schmid and A. Roos |accessdateaccess-date={{date|20 January 2018-01-20}}}}</ref>

<ref name="MeltdownSpectreABYSS">{{Citecite web |author=Staff |url=https://spectreattackwww.comcomputer.org/csdl/ proceedings/sp/1987/0771/00/07710038.pdf|title=MeltdownABYSS: andA SpectreTrusted |date=2018Architecture |work=[[Grazfor University of Technology]]Software Protection|access-date={{date|2018-01-20}} January 2018|deadurl-urlstatus=no live|archive-url=https://web.archive.org/web/2018010322134520180121071623/https://spectreattackwww.comcomputer.org/ csdl/proceedings/sp/1987/0771/00/07710038.pdf|archive-date={{date|2018-01-03}}21}}</ref>

<ref name="ABYSSbuilding 4758">{{cite web|url=httpshttp://www.computerresearch.orgibm.com/csdlpeople/proceedingss/spsailer/1987publications/07712001/00/07710038ibm4758.pdf|title=ABYSS:Building Athe TrustedIBM Architecture4758 forSecure Software ProtectionCoprocessor|access-date={{date|20 January 2018|publisher=[[IBM]]|url-01status=live|archive-20}}url=https://web.archive.org/web/20170808032012/http://www.research.ibm.com/people/s/sailer/publications/2001/ibm4758.pdf|archive-date=2017-08-08}}</ref>

<ref name="buildingCrypto 4758Enigma">{{cite web|url=http://www.research.ibmcryptomuseum.com/peoplekits/senigma/sailersupport/publicationsfiles/2001/ibm4758case.pdf|publisher=Crypto Museum|title=Building the IBM 4758 Secure CoprocessorEnigma-E case|access-date={{date|20 January 2018|url-01status=live|archive-20}}url=https://web.archive.org/web/20161105032157/http://www.cryptomuseum.com/kits/enigma/support/files/case.pdf|publisherarchive-date=[[IBM]]2016-11-05}}</ref>